Latest release (v0.0.26) of the #OpenShift Group Sync Operator has been released! Features include:
* Certificate management for custom Azure certificates
* Security hardening for secret access
Now available in OperatorHub! #security #rbac #OpenShift
https://github.com/redhat-cop/group-sync-operator/releases/tag/v0.0.26
In her second talk at #devoxx today, @tiffanyfay walks us through a demo of setting up fine-grained permissions with #kubernetes #RBAC, creating roles, rolebindings, and even breaking down how kubectl obtains the service account token and discovers the Kubernetes API server endpoint when running from within a pod!
At #devoxx!
And we're starting with a talk by @tiffanyfay on #RBAC in #Kubernetes, in English.
I'm quite curious to see how many people will come to listen to a talk in English!
(In any case, if you want a "quickstart" on permissions in K8S, this is THE opportunity, or as we say here, "LE occasion" :D )
https://dev.to/oktadev/how-to-secure-your-kubernetes-cluster-with-openid-connect-and-rbac-5hic - secure your #k8s cluster with #RBAC using #Okta. Nice #terraform setup @deepu105.
30 years on, #RBAC remains a solid foundation for access control system designs.
I've written up a post where I go into detail about how to build and extend on RBAC in OPA.
https://www.styra.com/blog/enforcing-role-based-access-control-rbac-policies-with-opa/
Say you run into the normal problems with groups:
1: Org restructuring has left groups in a constant mess
2: Groups are overloaded in who is in them and what access they provide
3: Groups are nonsensical and aren't following a pattern
4: Really want to get closer to #ZeroStandingPermissions (#ZSP) or #RoleBasedAccessControl (#RBAC)
#zerostandingpermissions #zsp #rolebasedaccesscontrol #RBAC
klum (Kubernetes Lazy User Manager) does the following basic tasks:
- Create/Delete/Modify users
- Easily manage roles associated with users
- Issues kubeconfig files for users to use
#klum #usermanagement #kubernetes #infra #RBAC #tools
kubectl-who-can shows who has RBAC permissions to perform actions on different resources in Kubernetes.
#kubernetes #RBAC #plugin #tools #devops #devex
Krane is a Kubernetes RBAC static analysis & visualisation tool.
#Krane #RBAC #security #visualization #StaticAnalysis #tools #DevOps #infra
policy is a CLI for building OPA policies into OCI images.
https://github.com/opcr-io/policy
#policy #OPA #CLI #tools #Kubernetes #infra #security #rbac #role #policy #CommandLine #apps
If you want to have a policy-based RBAC over “anything”, then OPA is a great solution
#infra #security #RBAC #policy #opa #declarative #rego
Krane is a Kubernetes RBAC static analysis & visualisation tool
https://github.com/appvia/krane
#Kubernetes #infra #tools #security #StaticAnalysis #visualization #RBAC