A presentation by Nick Taylor (Developer Advocate at Pomerium) explains how zero trust security principles can be applied to Kubernetes to replace traditional perimeter-based security. The talk covers why VPNs and credential-based access fail, and how identity-aware proxies can secure Kubernetes at three levels: ingress controllers for internal services, the Kubernetes API for kubectl and K9s access, and SSH node access using short-lived certificates. Core zero trust components include an identity provider, a policy engine with context-based rules, and a layer-7 reverse proxy that validates every request, enabling micro-segmentation and real-time access revocation.
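The per-request decision that the summary attributes to the policy engine and proxy, sketched as an added example (not code from the talk or from Pomerium). The `Request` and `PolicyEngine` classes, the route names, group names and reason strings are all hypothetical.

```python
import time
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Request:
    user: str
    groups: frozenset        # group claims asserted by the identity provider
    device_trusted: bool     # context signal, e.g. a managed device
    session_expiry: float    # epoch seconds; short-lived by design
    route: str               # which protected service is being reached

@dataclass
class PolicyEngine:
    route_groups: dict       # route -> groups allowed (micro-segmentation)
    trusted_device_routes: set = field(default_factory=set)
    revoked_users: set = field(default_factory=set)

    def decide(self, req, now=None):
        # Called by the proxy on every request, not once per session.
        now = time.time() if now is None else now
        if req.user in self.revoked_users:
            return (False, "revoked")
        if req.session_expiry <= now:
            return (False, "expired")
        allowed = self.route_groups.get(req.route)
        if allowed is None:
            return (False, "no-policy")      # default deny for unknown routes
        if not (req.groups & allowed):
            return (False, "group")
        if req.route in self.trusted_device_routes and not req.device_trusted:
            return (False, "device")
        return (True, "ok")

def demo():
    # Constructed sample policy and requests.
    engine = PolicyEngine({"k8s-api": {"sre"}, "grafana": {"sre", "dev"}}, {"k8s-api"})
    now = 1_000.0
    dev = Request("alice", frozenset({"dev"}), True, now + 300, "grafana")
    sre = Request("bob", frozenset({"sre"}), True, now + 300, "k8s-api")
    out = [
        engine.decide(dev, now),
        engine.decide(Request("alice", dev.groups, True, now + 300, "k8s-api"), now),
        engine.decide(Request("bob", sre.groups, False, now + 300, "k8s-api"), now),
        engine.decide(sre, now),
    ]
    engine.revoked_users.add("bob")          # takes effect on the very next request
    out.append(engine.decide(sre, now))
    out.append(engine.decide(dev, now + 301))  # short-lived session has expired
    return out
```

Because `decide` runs on each request, revoking a user or letting a session lapse denies the next call without waiting for a tunnel or long-lived credential to be torn down.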