This week in Cloud Native 008

# This week in Cloud Native 008 Date: Aug 30th, 2021 Host: @mauilion ### COC This is an official livestream of the CNCF, and as such is subject to the CNCF Code of Conduct. Please do not add anything to the chat or questions that would be in violation of that code of conduct; basically, please be respectful of all of your fellow participants and presenters. ### "Registration for KubeCon + CloudNativeCon North America 2021 is now open for in-person and virtual! To explore all registration options, click the link here: https://bit.ly/2SkSzIT. Hope to see you there!" * Schedule is [live](https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/program/schedule/) ### This week on cloudnative.tv! #### [Playlists for your favorite shows.](https://www.youtube.com/c/cloudnativefdn/playlists) #### New content every day of the week ### Kubernetes! * SIG-Docs is looking for contributors, particularly folks interested in becoming reviewers, and eventually Chairs. If you like writing, SIG-Docs is the place for you! * [KubeCon + CloudNativeCon North America co-located event schedules are live!](https://events.linuxfoundation.org/kubecon-cloudnativecon-north-america/program/colocated-events/?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-8viK-eVPBxkMJhpg1pWLH4-Erhnqvp9jIC7l3jLhPAUL0TWc5BFdVjOY3KaFJSRFmGo8si#co-located-event-attendees) * [Easy, secure Kubernetes authentication with pinniped](https://community.cncf.io/e/mb9gdg/?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-8viK-eVPBxkMJhpg1pWLH4-Erhnqvp9jIC7l3jLhPAUL0TWc5BFdVjOY3KaFJSRFmGo8si) Matt Moyer & Margo Crawford, VMware ### Kubernetes CVEs * [The security announce group](https://groups.google.com/g/kubernetes-security-announce) ### CNCF Things! * [Kubernetes Weekly](https://www.cncf.io/kubeweekly/) * [A chat about returning to kubecon this year!](https://twitter.com/CloudNativeFdn/status/1432372401816444928?s=20) * [cosign and distroless example](https://www.infracloud.io/blogs/secure-containers-cosign-distroless-images/?utm_source=hs_email&utm_medium=email) * [kubescape is the first tool for testing if Kubernetes is deployed securely as defined in Kubernetes Hardening Guidance by to NSA and CISA](https://github.com/armosec/kubescape?utm_source=hs_email&utm_medium=email&_hsenc=p2ANqtz-8viK-eVPBxkMJhpg1pWLH4-Erhnqvp9jIC7l3jLhPAUL0TWc5BFdVjOY3KaFJSRFmGo8si) ## Playtime! * [blog post for seccomp!](https://kubernetes.io/blog/2021/08/25/seccomp-default/) * [runtime default seccomp!](https://kubernetes.io/docs/tutorials/clusters/seccomp/) * issues.k8s.io/104299 * https://medium.com/@LachlanEvenson/how-to-enable-kubernetes-container-runtimedefault-seccomp-profile-for-all-workloads-6795624fcbcc Shout out to Lachie! ![](https://i.imgur.com/vsEfOqt.png) https://github.com/kubernetes/enhancements/blob/master/keps/sig-auth/2579-psp-replacement/README.md https://kubernetes.io/docs/concepts/security/pod-security-standards/ ### References: https://github.com/JimBugwadia/pod-security-tests