Thanks so much for this presentation - I agree w/ MH that (even though it might not be the best marketing name) "IAM for Pods" instead of IRSA makes more sense
I have just started with AWS and exploring it's security side, this might sound a simple question but I cannot figure out how to map the actual user that gave the request for node group creations. Since in cloudtrail the node group is created by eks by assuming the role. All the resources provisioned are mapped under eks as username, how do I identify which user actually gave the command for node group creation.
Man I found this presentation poor. The security guys either mumbling or just not explaining themselves very well. The workshop content is not easy to follow which is daft as this is in the beginner section.
"Meat" starts @ 15:00 min
Thanks so much for this presentation - I agree w/ MH that (even though it might not be the best marketing name) "IAM for Pods" instead of IRSA makes more sense
I have just started with AWS and exploring it's security side, this might sound a simple question but I cannot figure out how to map the actual user that gave the request for node group creations. Since in cloudtrail the node group is created by eks by assuming the role. All the resources provisioned are mapped under eks as username, how do I identify which user actually gave the command for node group creation.
Where I can find that diagram? :D
Man I found this presentation poor. The security guys either mumbling or just not explaining themselves very well. The workshop content is not easy to follow which is daft as this is in the beginner section.
You guys gave up on the containersfromthecouch.com site? it just redirects to youtube
It was more overhead to manage the separate static site with limited benefits. RUclips search works well and is always up to date.