Sign in to confirm you’re not a bot
This helps protect our community. Learn more

Securing container deployments on Azure Kubernetes Service with open-source tools | BRK264H

Microsoft Developer
588K subscribers
<__slot-el>
<__slot-el>
672 views 1 year ago #MSBuild
Containers have revolutionized the way applications are deployed and managed. With increased adoption comes a pressing need for container security. It is crucial to ensure only trusted images are deployed. In this talk, discover two crucial technologies - Notation and Ratify. Learn how to configure them to secure container deployments on AKS. Notation provides image signing and verification capabilities, while Ratify is an external data provider for Gatekeeper admission controller used to validate container image signatures prior to deployment. To learn more, please check out these resources:  ...more
...more
These chapters are auto-generated

Introduction

0:00

Story

0:38

Statistics

2:57

Recap

5:15

Demo

7:21

Scan with Trivia

8:50

Scan with Severity of High

11:57

Notation

12:44

Azure Container Registry

14:10

Update Azure Database Manifest

17:27

Install Gatekeeper

18:32

Install ratify

19:13

Deploy ratify constraint

20:52

Demonstration of Deploy ratify constraint

22:20

Deployment logs

23:15

Logs command

23:49

Search command

24:16

GitHub Actions

24:42

Check Kubernetes manifests

26:06

Check out the code

27:17

GitHub action

27:43

Login to Azure

28:32

Docker push

29:52

Notation setup

30:27

Notation sign

31:12

Logs

32:46

Container Registry

34:09

Create ACR token

34:46

Questions

35:18

Trivia

37:34

Trivia Vulnerability Report

38:34

Summary

39:24

GitHub repository

39:58

Related sessions

40:48
Securing container deployments on Azure Kubernetes Service with open-source tools | BRK264H
17Likes
672Views
2023May 25
Containers have revolutionized the way applications are deployed and managed. With increased adoption comes a pressing need for container security. It is crucial to ensure only trusted images are deployed. In this talk, discover two crucial technologies - Notation and Ratify. Learn how to configure them to secure container deployments on AKS. Notation provides image signing and verification capabilities, while Ratify is an external data provider for Gatekeeper admission controller used to validate container image signatures prior to deployment. To learn more, please check out these resources: Speakers:
  • Joshua Duffney
  • Toddy Mladenov
  • Nannette Sperling
  • Aaron Wislang
Session Information: This video is one of many sessions delivered for the Microsoft Build 2023 event. View the full session schedule and learn more about Microsoft Build at https://build.microsoft.com BRK264H | English (US) | DevSecOps & SRE #MSBuild

Follow along using the transcript.

Microsoft Developer

588K subscribers