Virtual Event
May 4 - May 7
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2021 Virtual to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

Back To Schedule
Wednesday, May 5 • 13:10 - 13:45
Secrets Store CSI Driver: Keeping Secrets Secret - Anish Ramasekar, Microsoft & Tommy Murphy, Google

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Applications running on Kubernetes require access to sensitive information (passwords, SSH keys and authentication tokens). But how do you configure your applications when the source of truth for these secrets is an external secret store? What if you need to store, retrieve and perform zero touch rotation of these secrets securely? Meet the Secrets Store CSI Driver, a sig-auth subproject providing a simple way to retrieve secrets from enterprise-grade external stores such as Azure Key Vault, Google Secret Manager and HashiCorp Vault. In this session, Anish and Tommy will demonstrate how to use the Secrets Store CSI Driver to mount and rotate sensitive information from external secrets stores in the Kubernetes application. They will also discuss trade-offs of the CSI driver versus other solutions to accessing external secret stores and how CRDs are used to make pod portability across Kubernetes environments possible.

avatar for Anish Ramasekar

Anish Ramasekar

Senior Software Engineer, Microsoft
Anish Ramasekar is a software engineer at Microsoft. He is on the Azure Cloud Native Compute team building features for Kubernetes upstream and for Azure Kubernetes Service.
avatar for Tommy Murphy

Tommy Murphy

Software Engineer, Google
Tommy Murphy is an engineer at Google Cloud working on Key and Secret management. Previously he worked at DigitalOcean, ShopKeep, and the US Air Force. Tommy is passionate about providing developers with the tools to make the secure option the easiest option.

Wednesday May 5, 2021 13:10 - 13:45 CEST
Storage Theater