At Oath, we have developed and open sourced Athenz, a service authentication and role-based authorization system that addresses zero trust principles, including situations where authenticated clients require explicit authorization to perform actions and where authorization must always be limited to the least privilege required. We use Athenz to bootstrap our instances, deployed in both private and public clouds, with service identities in the form of short-lived X.509 certificates that allow one service to communicate securely with another. At Oath, every OpenStack instance is powered by Athenz identities at scale. In this talk, we will discuss Athenz and its integration with OpenStack for RBAC and identity provisioning.
*MOVED TO 4:20 - 5:00PM IN HALL A2*