You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
What is the stand of Spiffe, on using of Security Groups/Firewall rules? Does SPIFFE wanna eliminate these concepts(eventually)? Or SPIFFE complements existence of Firewall rules?
I had checked a talk at KubeCon NA '17. It looks that SPIFFE addressing limitations of Firewall rules. I created this issue, so that community gets aware of SPIFFE stand.
The text was updated successfully, but these errors were encountered:
Evan Gilman [3 days ago]
IMO they are complimentary... just because you have security groups doesn't mean you shouldn't use SPIFFE, and vice versa. That said, I personally view security mechanisms like SPIFFE as primary protection mechanisms, which can be shored up through the use of L3/L4 network controls.
Savankumar Gudaas [3 days ago] @evan2645 yeah it makes sense.
What do mean by SPIFFE as primary protection mechanism? Can you plz expand.
Apart from Authentication, it’s possible to use for Authorization. If authorization pushed to SPIFFE, then SPIFFE can be a primary mechanism. What’s your opinion?
Evan Gilman [2 days ago]
When I said "mechanisms like SPIFFE", what I meant was pervasive authentication and authorization. SPIFFE itself doesn't provide authorization, but it provides a great place to
Hello Awesome Spiffies!
What is the stand of Spiffe, on using of Security Groups/Firewall rules? Does SPIFFE wanna eliminate these concepts(eventually)? Or SPIFFE complements existence of Firewall rules?
I had checked a talk at KubeCon NA '17. It looks that SPIFFE addressing limitations of Firewall rules. I created this issue, so that community gets aware of SPIFFE stand.
The text was updated successfully, but these errors were encountered: