Play all

Introduction

Pod Security

PSP Security Emission

PSP Security Recommendations

Why use Kyverno

Kyverno Policy Library

Kyverno Validation Policy

Kyverno Autogen

Kyverno Enforce Policy

Kyverno Policy Report

Grandfather Dashboard

Mutate Policy

Conclusion

Description:

Explore effective strategies for maintaining cluster security in the absence of PodSecurityPolicy (PSP) in this 26-minute conference talk from KubeCon + CloudNativeCon Europe 2022. Learn how to leverage Kyverno, a Kubernetes-native admission controller, to set and validate security contexts for pods and pod controllers. Discover Kyverno's audit mode capabilities for identifying security violations without impacting existing clusters, and its Command Line Tool for executing policies in CI/CD pipelines. Follow along as Shuting Zhao demonstrates how to generate policy reports, enforce Pod security best practices, and improve overall cluster security posture using Kyverno's features, including policy libraries, validation policies, autogen functionality, and mutation policies.

Replacing PSPs - Keep Bad Pods out of Your Cluster Using Kyverno

CNCF [Cloud Native Computing Foundation]

Add to list

#Conference Talks #Computer Science #DevOps #Kubernetes #Kubernetes Security #Admission Controllers #Kyverno

0:00 / 0:00