-
Notifications
You must be signed in to change notification settings - Fork 494
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CyberArk: Application Identity in Cloud Foundry and Kubernetes, from the Perspective of an External Service #6
Comments
I assume this is related to OSB API right ? Either way I’d be interested in hearing this.
…-Doug
Sent from my iPhone
On Apr 6, 2018, at 10:31 AM, izgeri ***@***.***> wrote:
CyberArk Conjur recently built two new integrations with Pivotal Cloud Foundry / Cloud Foundry and OpenShift (RedHat's implementation of Kubernetes). Through that process, we learned a lot about how applications are uniquely identified in these two systems, and how external services might leverage the internal app identities to reliably privilege appropriate applications to utilize their services.
I am proposing to speak to the SAFE working group about the current state of each of these systems with respect to application identity, and some lessons learned about potential improvements that could be made.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
For one of these integrations we used the OSB API, but I wasn't actually thinking I'd talk much about that. I'm actually more interested in the emerging standards around certificate-based app identity, such as the SPIFFE standard and CF instance identity. |
@izgeri Scheduled for 2018-06-08 |
Slides are available here |
Meeting notes: https://docs.google.com/document/d/10iJ3wA7uVI6JMyvIv9qXdxdLCyQeS-djYsTqL_JG3d0/edit Meeting video recording: |
CyberArk Conjur recently built two new integrations with Pivotal Cloud Foundry / Cloud Foundry and OpenShift (RedHat's implementation of Kubernetes). Through that process, we learned a lot about how applications are uniquely identified in these two systems, and how external services might leverage the internal app identities to reliably privilege appropriate applications to utilize their services.
I am proposing to speak to the SAFE working group about the current state of each of these systems with respect to application identity, and some lessons learned about potential improvements that could be made.
The text was updated successfully, but these errors were encountered: