Brussels / 2 & 3 February 2019

schedule

How Kubernetes used gRPC to encrypt secrets with an external Key Management Service


How Kubernetes used gRPC to encrypt secrets with an external Key Management Service

In recent headlines, there are increasing news about cloud resources getting hacked caused by attacks on Kubernetes clusters. Failing to properly secure your Kubernetes data can result in cloud resources getting hacked and your application secrets getting stolen. The etcd database contains information that may grant an attacker significant visibility into the state of your cluster.

This presentation focuses on how a gRPC-based implementation was added to Kubernetes to delegate encrypting secrets to an external Key Management Service and the benefits of using a gRPC-based design for this type of problem. Basic knowledge of Kubernetes and gRPC is a plus but not required.

Speakers

Photo of Rita Zhang Rita Zhang

Links