Securing 900 Kubernetes Clusters - Journey to ValidatingAdmissionPolicies

Explore Mercedes-Benz Tech Innovation's journey in securing over 900 Kubernetes clusters without Pod Security Policies (PSP) in this 38-minute conference talk. Discover why Pod Security Standards (PSS) were not suitable for their large-scale Kubernetes fleet and learn about their implementation of Pod Security using popular tools like Kyverno and OPA. Gain insights into the challenges faced, lessons learned, and advantages of adopting ValidatingAdmissionPolicies (VAPs) as a native solution. Examine practical examples demonstrating Mercedes-Benz's approach to ensuring a secure runtime for all applications across their extensive managed Kubernetes environment of 6,500+ machines.

Securing 900 Kubernetes Clusters Without PSP - Mercedes-Benz' Journey to ValidatingAdmissionPolicies