Externalizing Secrets Securely in Kubernetes with Secrets Store CSI Driver

Storing secrets in Kubernetes via native Secret objects has long been standard practice, but evolving security and compliance requirements demand more secure approaches. In this episode, we introduce the Secrets Store CSI Driver, a Kubernetes SIG Auth subproject that securely integrates your workloads with external secret stores like Azure Key Vault, Google Secret Manager, and AWS Secrets Manager. The CSI Driver mounts secrets directly into your pods at runtime, enabling zero-touch rotation and significantly reducing the risk of secret exposure or compromise. Join Anish and Ben as they demonstrate how to use the Secrets Store CSI Driver to meet modern security and compliance needs while simplifying secret management in Kubernetes.

Rogue No More: Securing Kubernetes with Node-Specific Restrictions

Learn how to implement node-specific restrictions in Kubernetes to prevent rogue nodes and enhance cluster security. This talk covers practical strategies and tools for securing Kubernetes nodes.

Pushing Authorization Further: CEL, Selectors and Maybe RBAC++

Explore advanced authorization patterns in Kubernetes, including CEL expressions, advanced selectors, and potential future enhancements to RBAC. Learn how to implement fine-grained access control.

CEL-Ebrating Simplicity: Mastering Kubernetes Policy Enforcement

Exploring the Common Expression Language (CEL) and its application in Kubernetes policy enforcement. Learn how CEL simplifies policy creation and management while maintaining security and compliance.

SIG Auth & SIG Storage: Secret Guardians - (Secrets Store) CSI Driver and Sync Controller

In this lightning talk, Anish will introduce you to the (Secrets Store) CSI driver and Sync controller and discuss trade-offs of the CSI driver versus Sync controller.

Secrets Management - Feat. ESO, SSCSID, Teller, and SOPS (You Choose!, Ch. 3, Ep. 3)

Comparative analysis of popular secrets management tools including External Secrets Operator (ESO), Secrets Store CSI Driver (SSCSID), Teller, and SOPS. Learn which tool fits your use case best.

OIDC and Workload Identity in Kubernetes

Deep dive into OpenID Connect (OIDC) and Workload Identity in Kubernetes. Exploring how to securely authenticate workloads and manage identity across cloud-native applications.

Keeping Secrets Secret: Secrets Store CSI Driver

Live presentation on the Secrets Store CSI Driver, covering its design principles, implementation details, and real-world usage patterns for keeping secrets secure in Kubernetes.

Advancements in Kubernetes Workload Identity for Azure

Explore the latest advancements in Kubernetes Workload Identity for Azure environments. Learn about new features, security improvements, and integration patterns for cloud-native applications.

Secrets Store CSI Driver: Bringing external secrets in house

CNCF webinar demonstrating how the Secrets Store CSI Driver enables secure integration of external secret stores with Kubernetes workloads. Covers architecture, implementation, and best practices.