Virtual Event
November 17, 2020
Learn More and Register to Attend This Event

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2020 - Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Standard Time (UTC–05:00). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Tuesday, November 17 • 4:15pm - 5:00pm
Enabling Autonomous Teams With Policy Enforcement at Yubico - James Alseth & John Reese, Yubico

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

In this talk, we will discuss the tools and processes created by Yubico to enable autonomous teams through policy.  Initially, Kubernetes RBAC and peer reviews from our Platform team allowed teams to adopt Kubernetes for their services. However, we knew that a dependency on a single team was not a scalable solution.  To give teams more autonomy over their services, and rely less on manual reviews, we began to enforce policies in our pipelines and clusters by leveraging the Open Policy Agent. The Open Policy Agent and its surrounding projects were the perfect fit for us; they are open source, flexible, performant, and have seen widespread adoption throughout the ecosystem.  We'll also discuss the tooling that was built that enabled us to test policies, automatically generate supporting documentation and audit how each policy is being used so that they can be safely promoted through our environments. Best of all? They are all open source!

avatar for James Alseth

James Alseth

Security Engineer, Yubico
James Alseth is a Security Engineer at Yubico, currently focused on cloud infrastructure security. He works on building self-service security solutions that enable engineers to be more confident in their design, implementation, and deployment decisions and strategies.
avatar for John Reese

John Reese

Software Engineer, Yubico
John Reese is a Software Engineer at Yubico, who specializes in Kubernetes and Go. He is an active open source contributor and a core maintainer for Conftest, a tool that helps you write tests against structured configuration data. In his free time, he enjoys playing hockey and video... Read More →

Tuesday November 17, 2020 4:15pm - 5:00pm EST