In-person + Virtual
18-21 April

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Friday, April 21 • 16:55 - 17:30
Can You Keep a Secret? on Secret Management in Kubernetes - Liav Yona & Gal Cohen, Firefly


Our applications today need to interface and communicate with many different services, and often authenticate to them. This means that just to function in a modern cloud native system, applications need to store and use sensitive data constantly, such as passwords, access keys, and certificates (among other private keys), and these sensitive keys have become a core part of the code we write. We learned a long time ago that we can't have hard-coded secrets, and that's where tools like Vault or practices like environment variables have come into play. When it comes to Kubernetes, most organizations use Kubernetes Secrets by default to secure their private keys and data. However, by design, and as the docs clearly state, these are stored unencrypted in the API server's underlying data store, etcd. Because we have learned the hard way that we need to protect our secrets at all costs, we will take a deep dive into the Secrets Store CSI Driver. We'll understand how it works under the hood, and, with its support for multiple credential providers, we'll demonstrate through code examples how the CSI Driver ensures robust security, least privilege access, and integrates seamlessly into code.


Gal Cohen

Backend Engineer, Firefly
Gal Cohen is a Software Engineer at Firefly. With years of experience in Cloud and Engineering, Gal has earned a reputation as an expert in her field. Prior to Firefly, Gal served in the elite intelligence unit 8200.

Liav Yona

Engineering Team Lead, Firefly
Liav Yona is a Software Development Team Lead at Firefly. With years of experience, Liav earned a reputation as a Cloud Native and Cybersecurity expert. Prior to Firefly, Liav served for several years in the elite intelligence unit 8200 and worked at CyberArk. Liav is a passionate...

Friday April 21, 2023 16:55 - 17:30 CEST
Hall 7, Room C | Ground Floor | Europe Complex
  Security + Identity