Securing Your Kubernetes Cluster with Admission Control + CI/CD with OPA

Mia-Platform - Via Carlo Imbonati, 18 Milano - View Map Kubernetes & Cloud-Native Milano
Thu, Dec 5, 2019, 7:00 PM (CET)

About this event

Nel prossimo meetup avremo due talk in cui tratteremo OpenPolicyAgent e il suo utilizzo in cluster Kubernetes e pipeline di CI/CD. Per l'occasione avremo come speaker Ash, Software Engineer in Styra Inc. e core contributor del progetto Open Policy Agent.

Securing Your Kubernetes Cluster with Admission Control

Abstract: How do you make sure your Kubernetes resources conform to external regulations and internal policies? Whether you need to ensure that images are pulled from a specific repository or that all resources are labeled according to your organization's guidelines, these kinds of rules are essential to operating and securing your Kubernetes environments.

Kubernetes allows separation between the runtime-state and desired-state of your clusters, thereby allowing cluster administrators to enforce desired-state security policies via a mechanism called Admission Control.

Kubernetes Admission Controllers go well beyond RBAC/ABAC to help you put the necessary guardrails in place and in doing so, avoid runtime problems even before they happen. This talk will show how the Open Policy Agent (OPA) provides a declarative approach to Admission Control to enforce custom policies on Kubernetes objects without modifying any Kubernetes components.

Bio: Ash Narkar is the core contributor to the Open Policy Agent project. Ash has over 5 years of experience working on large-scale distributed systems. Ash is a Senior Software Engineer at Styra, Inc., working on OPA development and integrations. Previously he was a Principal Engineer at Verizon Labs, where he worked on their IoT platform. Ash also worked as a Software Engineer at Cyan, Inc., where he contributed to the core components of their SDN platform. Ash has presented the OPA project at KubeCon, Open Source Summit, Kubernetes meetups, and more.


Thursday, Dec 5
7:00 PM - 9:00 PM (CET)


Via Carlo Imbonati, 18 Milano


  • Jacopo Nardiello

    Jacopo Nardiello


    CEO & Founder

    View Profile
  • Diego Braga

    Diego Braga

    Kiratech S.p.A.

    Cloud Native Solution Architect

    View Profile
  • Giulio Roggero

    Giulio Roggero


    CTO & Co-Founder

    View Profile
  • Paolo Mainardi

    Paolo Mainardi



    View Profile
  • Fabrizio Pandini

    Fabrizio Pandini


    Staff1 Engineer

    View Profile
  • Natale Vinto

    Natale Vinto

    Red Hat

    Developer Advocate

    View Profile
  • Adriano Pezzuto

    Adriano Pezzuto



    View Profile
  • Chiara Muzzolon

    Chiara Muzzolon


    Marketing Team

    View Profile
  • Sara Trappetti

    Sara Trappetti

    SIGHUP srl

    Marketing Manager

    View Profile
  • Angela Salgarelli

    Angela Salgarelli

    Kiratech S.p.A.

    Digital Marketing Manager

    View Profile
  • Nikla Lazzari

    Nikla Lazzari

    Kiratech S.p.A.

    Digital Marketing Manager

    View Profile
  • Annalisa Gennaro

    Annalisa Gennaro


    Head of Marketing and Communication

    View Profile
  • Melania De Angelis

    Melania De Angelis

    Junior Inbound Marketer @SIGHUP

    View Profile
  • Pasquale Monterisi

    Pasquale Monterisi


    Mkt Operation Specialist

    View Profile