The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.
For generations, secrets have been kept, shared, and exposed. Most would agree that the best-kept secrets are the ones we've never heard of or told others about. The concepts that revolve around maintaining safe secrets are universal and stem from addressing these questions: "Where is the secret kept?", "Who needs to know about the secret?", "How does the secret get shared with the relevant parties?", and "How do you prevent the secret from being easily interpreted?" The answers can help you create a secure lifecycle for storing, sharing, and consuming secrets. In Kubernetes, a secure secret strategy depends on the answers to these same questions. Now more than ever, the vulnerabilities around the storage, sharing, and consumption of secrets in Kubernetes are well known, and as a result, more likely to be exploited. In this talk, Lukonde Mwila will share why addressing these questions can optimize managing sensitive data in Kubernetes. In addition, he'll highlight details of a Kubernetes secret strategy from a real-world project in relation to these questions. Lastly, he'll share how answers to these questions can be used to develop a framework for a secure secret lifecycle in Kubernetes environments with a demo using ESO, ArgoCD, and OPA Gatekeeper.
Lukonde is a Senior Developer Advocate at AWS and a CNCF Ambassador. He has years of experience in application development, solution architecture, cloud engineering, and DevOps workflows. He is a life-long learner and is passionate about sharing knowledge through various mediums... Read More →
