KubeCon + CloudNativeCon North America 2017

Compliance with what? Depends on your industry. As k8s continues to expand into regulated enterprises such as government, health care and financials deployments will need to understand how managing users and their access relates to compliance obligations. This session will focus on how identity management can be approached for solving this issue. How do you onboard users? Authorize their access to a namespace? Offboard them? Is there a need to differentiate between a privileged user and an unprivileged user? I'll go beyond the technical implementation in k8s and tie it to specific compliance requirements in FISMA and demo how solving the compliance issue can also improve the usability and security of your k8s deployment. This talk will follow a similar form to https://www.tremolosecurity.com/openshift-compliance-and-identity-management/ but specifically on k8s.