Policy Enforcement on Kubernetes with Open Policy Agent

October 16, 2019
Kubernetes is a big and fast-moving project and it’s difficult to control what features or functions are available to your cluster users. Many of the managed Kubernetes offerings limit the the capability to configure the control plane, yet allow use validating and mutating admission webhooks. When your control plane is managed by a provider, you may not have ability to turn on useful Kubernetes Controllers to improve your cluster security. Aleks and Jaime will demonstrate how to leverage Open Policy Agent (OPA) admission controller to govern those requests and enable a single configuration point to enforce and validate security posture. This session will provide an introduction to Rego, the language used to describe OPA policies, recent updates to OPA, and break down sample policies for common use cases. Learn more: https://pv.tl/2oUfP1V Speakers: Aleks Saul, Senior Platform Architect, Pivotal; Jaime Gonzalez Aguilar, Advisory Platform Architect, Pivotal Filmed at SpringOne Platform Slideshare: https://www.slideshare.net/Pivotal/policy-enforcement-on-kubernetes-with-open-policy-agent
Previous
K8s at Scale in the Enterprise: Self-Service Through the View of Personas
K8s at Scale in the Enterprise: Self-Service Through the View of Personas

In this talk, Ryan Jones and Gabrielle Bufrem will share their experiences working with a wide range of ent...

Next Video
Success at Scale: It’s Hard, But Achievable
Success at Scale: It’s Hard, But Achievable

A majority of the Fortune 500 companies still follow Waterfall under the Agile umbrella. Rather than data-d...

SpringOne Platform 2019 Presentations

Watch Now