Brandon LuminUniversal Workload IdentityUntangling the Multi-cloud Identity and Access Control ProblemWhen an organization moves to a multi-cloud environment, one of the first questions a developer will ask is “How do I access my S3 bucket…Sep 1, 2021Sep 1, 2021
Brandon LuminUniversal Workload IdentityShepherding your Cloud Native “cattle” with TornjakIn the cloud native world, there is a saying that we treat our workloads and services like “cattle, not pets”. This stems from the idea…Aug 23, 2021Aug 23, 2021
Brandon LumAdvancing Image Security through Encrypted Container ImagesWhen it comes to container image security, some of you may have heard about image signing, such as Docker Content Trust and Red Hat Image…Mar 26, 2020Mar 26, 2020
Brandon LumHow Encrypted Images brings about compliance in Kubernetes (via CRI-O)During the previous series of blogposts, we introduced encrypted container images, and showed how to encrypt and decrypt container images…Jan 23, 2020Jan 23, 2020
Brandon LumEncrypting container images with skopeoIn this blog post, @harche and I will bring you through how to the new Encrypted Container Images feature with skopeo! We will bring you…Jan 13, 2020Jan 13, 2020
Brandon LumYour secrets (best before 1/1/2025)A thought experiment on cryptography’s expirationDec 19, 2019Dec 19, 2019
Brandon LumEncrypting container images with containerd imgcrypt!Just recently, we upstreamed encrypted container images officially as a non-core containerd project! In this blogpost, we will introduce…Nov 13, 20194Nov 13, 20194