Virtual Event
November 17, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual and add this co-located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

MC’s for Production Identity Day: SPIFFE + SPIRE: Umair Khan, HPE + Andrès Vega, VMware
Back To Schedule
Tuesday, November 17 • 3:50pm - 4:10pm
Fortifying Microservice Security with SPIRE and OPA

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Microservice architecture although beneficial brings with it unique security challenges around authentication and authorization which become more acute due to the diverse nature of microservice environments.
How do we reliably authenticate and authorize interactions between 10s, 100s, or even 1000s of services at scale while handling 1000 API calls per second?

SPIRE solves authentication by creating an identity plane across varied infrastructure over which cryptographically verifiable identities such as JWTs are delivered securely to workloads. OPA provides a policy engine that can be used to enforce fine-grained authorization policies across the stack.
We will show how SPIRE issued JWT SVID claims created using SPIRE’s OIDC Federation can be used by OPA to enforce service-to-service and end-user access control in microservice environments without compromising on speed and availability.

avatar for Ash Narkar

Ash Narkar

SIG-Security Technical Lead, Styra
Ash Narkar is a maintainer of the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc. working on OPA development and integrations. Previously he was a Principal Engineer at Verizon... Read More →

Tuesday November 17, 2020 3:50pm - 4:10pm EST