Community Presentations

Resources presented by the SPIFFE community

The following presentations, podcasts, and blog posts demonstrate how people have used SPIFFE and SPIRE to address complex software infrastructure challenges.

Introductions

These presentations are designed to give some background for those who are not familiar with SPIFFE and SPIRE.

 

In this lightboard video Evan Gilman, an engineer at Scytale, provides an overview of CNCF’s SPIFFE and SPIRE Projects.

By Evan Gilman on 13-Feb-2020.

 

Presented by Andrew Jessup at KubeCon EU 2018 on 4-May-2019.

 

Presented by Andrew Jessup at KubeCon EU 2018 on 4-May-2019.

 
Zero-Trust Networks (Stripe, Scytale)

By Doug Barth & Evan Gilman on 22-October-2019.

 

By Evan Gilman in Software Engineering Daily on 14-November-2018.

 

Andrew and Andrés review the history of SPIFFE and SPIRE from 2016 to 2019 and showcase how applications can use SVIDs to interact with databases and cloud platform.

Presented by Andrew Jessup and Andrés Vega at KubeCon NA 2019 on 19-Nov-2019.

 

The first public presentation of the SPIFFE and SPIRE projects at KubeCon 2017.

Presented by Evan Gilman at KubeCon NA 2017 on 15-Dec-2017.

 

Presented by Evan Gilman at KubeCon EU 2019 on 24-May-2019.

 
SPIFFE & SPIRE panel (VMware, Scytale, Google, Amalgam Insights, QAware)

Presented by Krishna Ganugapati, Andrew Jessup, Maya Kaczoworski, Tom Petrocelli, Andreas Zitzelsberger at KubeCon Europe on 10-May-2018.

 
SPIFFE Overview (Scytale)

SPIFFE is the Secure Production Identity Framework for Everyone. Craig hates the name. Andrew Jessup, co-founder and VP of Product at Scytale (with a C) tells him and Adam why they should look past that and how Jason Bourne fits into the world of Cloud Native.

By Andrew Jessup on 21-March-2019.

 

Presented by Madhukesh Wali at Easy Bay Cloud Native Meetup on 25-Nov-2018.

 

Joe Beda gives a background on the motivation behind SPIFFE and SPIRE, and then livestreams installing it onto a Kubernetes cluster.

Presented by Joe Beda at TGI Kubernetes on 18-Oct-2019.

Case Studies

These presentations from end-users of SPIFFE and SPIRE showcase how the projects are being used in practice.

 

Andreas from QAWare explains how they used SPIRE as the foundation of a secure workload identity management system for a client.

Presented by Andreas Zitzelsberger at KubeCon EU 2018 on 4-May-2018.

 

Presented by Tyler Julian at KubeCon EU 2019 on 24-May-2019.

 

Presented by Matthew McPherrin at SPIFFE Community Day on 3-May-2019.

 

Presented by Charles Strahan at SPIFFE Community Day on 11-October-2019.

 

By Jeremy Krach on 23-March-2019.

 

How to use CNCF's SPIFFE and SPIRE projects along with other Cloud Native technologies to build a solid foundation for operating Zero Trust security models.

Presented by Bobby Samuels, Frederick Kautz, Emiliano Berenbaum, and Madhu Wali at Cloud Native Computing Foundation Webinar on 29-Apr-2020.

 

How the TransferWise financial services company is using SPIRE to move away from shared secrets and easily establish strong trust between software systems running across different domains

Presented by Jonathan Oddy at SPIFFE Community Day on 24-Apr-2020.

 

Why ByteDance decided to use SPIRE and how they are deploying SPIRE

Presented by Eli Nesterov at SPIFFE Community Day on 24-Apr-2020.

 

How Square deployed SPIRE and Envoy on a bare metal/multicloud hybrid environment

Presented by Matthew McPherrin at SPIFFE Community Day on 24-Apr-2020.

 

A brief overview of how GitHub is using SPIRE

Presented by Eric Lee at SPIFFE Community Day on 24-Apr-2020.

 

A brief overview of how doc.ai and Anthem are implementing zero-trust authentication using SPIRE

Presented by Frederick Kautz, Bobby Samuel at SPIFFE Community Day on 24-Apr-2020.

 

A brief overview of how Frontdoor is using SPIRE

Presented by Domingo Kiser at SPIFFE Community Day on 24-Apr-2020.

 

A brief overview of how the open source project Network Service Mesh is integrating SPIFFE/SPIRE

Presented by Ed Warnicke at SPIFFE Community Day on 24-Apr-2020.

Advanced Topics

 

In this talk, Sabree demonstrates how to use Envoy proxy and SPIRE to protect your telemetry endpoints, in both push and pull use cases, utilizing fluentd, Prometheus, and OpenTracing & Jaeger.

Presented by Sabree Blackmon at KubeCon NA 2018 on 15-Dec-2018.

 

Presented by Andrew Harding at KubeCon NA 2019 on 20-Nov-2019.

 

In this deep dive, Tyler covers how SPIRE scales to meet the needs of hundreds of thousands of workloads. And, despite a requirement for high, efficient throughout, the system must remain resilient in the face of failure.

Presented by Tyler Julian at KubeCon NA 2019 on 21-Nov-2019.

 

Evan and Oliver discuss how SPIFFE Federation works, and use it to show how a SPIRE- and Istio- identified workload can establish trust to each other.

Presented by Evan Gilman and Oliver Liu at KubeCon NA 2019 on 20-Nov-2019.

 

Presented by Max Lambrecht & Eugene Weiss at SPIFFE Community Day on 3-May-2019.

 

Presented by Eugene Weiss at SPIFFE Community Day on 11-October-2019.

 

Presented by Yonggang (Oliver) Liu & Wencheng Lu at KubeCon China on 5-July-2019.

 

Presented by Spike Curtis at SPIFFE Community Day on 3-May-2019.

 

Presented by Tyler Dixon at SPIFFE Community Day on 3-May-2019.

 

Presented by Peyton Walters at SPIFFE Community Day on 11-October-2019.

 

Presented by Agustín Martínez Fayó at SPIFFE Community Day on 11-October-2019.

 

Presented by Faisal Memon at SPIFFE Community Day on 11-October-2019.

 

How you can enable decoupled authentication and authorization with SPIRE and OPA using the go-spiffe v2 library

Presented by Ash Narkar at SPIFFE Community Day on 24-Apr-2020.

 

How to implement telemetry with SPIRE Agents deployed on over 10,000 nodes

Presented by Andrew Moore at SPIFFE Community Day on 24-Apr-2020.