community/sig-auth
Maciej Szulik 0fd4560c71
Generate 2024 annual report boilerplates
Signed-off-by: Maciej Szulik <soltysh@gmail.com>
2025-01-08 18:52:32 +01:00
archive Archive 2020 SIG-Auth meeting notes 2021-04-14 15:40:55 -07:00
CONTRIBUTING.md fix: use https instead of http 2024-06-09 23:37:06 +09:00
OWNERS Updated OWNERS files to include link to docs 2019-01-30 19:37:21 +01:00
README.md Add externaljwt repo to service-accounts project 2024-11-07 08:57:38 -05:00
annual-report-2020.md Rename annual reports to match calendar year 2021-06-04 14:48:48 -04:00
annual-report-2021.md sig-auth: 2021 annual report 2022-03-27 23:26:00 -07:00
annual-report-2022.md add project health details for q1 and q6 2023-08-08 16:27:02 +00:00
annual-report-2023.md sig-auth: 2023 annual report 2024-07-09 12:41:44 -07:00
annual-report-2024.md Generate 2024 annual report boilerplates 2025-01-08 18:52:32 +01:00
charter.md Rename Product Security Team to Committee 2019-03-04 11:47:21 -07:00

README.md

Auth Special Interest Group

Covers improvements to Kubernetes authorization, authentication, and cluster security policy.

"All I want is a secure system where it's easy to do anything I want. Is that so much to ask?" - xkcd

The charter defines the scope and governance of the Auth Special Interest Group.

Meetings

Joining the mailing list for the group will typically add invites for the following meetings to your calendar.

Leadership

Chairs

The Chairs of the SIG run operations and processes governing the SIG.

Technical Leads

The Technical Leads of the SIG establish new subprojects, decommission existing subprojects, and resolve cross-subproject technical issues and decisions.

Emeritus Leads

Contact

Working Groups

The following working groups are sponsored by sig-auth:

Subprojects

The following subprojects are owned by sig-auth:

audit-logging

Kubernetes API support for audit logging.

authenticators

Kubernetes API support for authentication.

authorizers

Kubernetes API support for authorization.

certificates

Certificates APIs and client infrastructure to support PKI.

encryption-at-rest

API storage support for storing data encrypted at rest in etcd.

hierarchical-namespace-controller

Controller to manage hierarchical namespaces.

node-identity-and-isolation

Node identity management (co-owned with sig-lifecycle), and authorization restrictions for isolating workloads on separate nodes (co-owned with sig-node).

policy-management

API validation and policies enforced during admission, such as PodSecurityPolicy. Excludes run-time policies like NetworkPolicy and Seccomp.

secrets-store-csi-driver

Integrates secrets stores with Kubernetes via a CSI volume.

secrets-store-sync-controller

This is a Kubernetes controller that watches for changes to a custom resource and syncs the secrets from an external secrets store as a Kubernetes secret.

service-accounts

Infrastructure implementing Kubernetes service account based workload identity.

sig-auth-tools

Tooling to automate the SIG Auth project boards.