Pablo Lopez Zaldivar
Pablo is a Computer Science student and a Training Engineer at Sysdig. He is highly interested in tools to trace the behaviour of a given system. He also holds a MS in Functional Analysis of Behaviour (Psychology) and is passionate about teaching and all the tools that help us automate and increase the scope of new technologies.
Easing the burden of the Kubernetes Pod Security Policy setup
A Pod Security Policy defines what conditions a pod must meet to be accepted into the system. Defining these objects at a Kubernetes cluster is not always easy. Will it be too restrictive or too loose? But, is there any alternative to copy-pasting from previous deployments? Which RBAC permissions should I create?
Some tools exist that ease the process of deploying PSPs in your Kubernetes cluster. From generating the most restrictive PSP (principle of least privilege) for your deployment pod spec with kube-psp-advisor to creating RBAC definitions with rbac-manager. We will take some demo example applications and will generate PSP and RBAC permissions for them in a real use case scenario.