History

Rita Zhang f2550643ea Add secrets store csi meeting info (#5394 ) * Add secrets store csi meeting info Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com> * Run make Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com> * Move meeting info to the top Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com> * Apply suggestions from code review Co-authored-by: Anish Ramasekar <anish.ramasekar@gmail.com> * Address comment Signed-off-by: Rita Zhang <rita.z.zhang@gmail.com> Co-authored-by: Anish Ramasekar <anish.ramasekar@gmail.com>		2021-01-12 17:32:36 -08:00
..
archive	Archive SIG-Auth 2019 meeting notes	2020-01-14 10:06:31 -08:00
OWNERS	Updated OWNERS files to include link to docs	2019-01-30 19:37:21 +01:00
README.md	Add secrets store csi meeting info (#5394 )	2021-01-12 17:32:36 -08:00
charter.md	Rename Product Security Team to Committee	2019-03-04 11:47:21 -07:00

README.md

Auth Special Interest Group

Covers improvements to Kubernetes authorization, authentication, and cluster security policy.

"All I want is a secure system where it's easy to do anything I want. Is that so much to ask?" - xkcd

The charter defines the scope and governance of the Auth Special Interest Group.

Meetings

Regular SIG Meeting: Wednesdays at 11:00 PT (Pacific Time) (biweekly). Convert to your timezone.
- Meeting notes and Agenda.
- Meeting recordings.
Secrets Store CSI Meeting: Thursdays at 8:00 PT (Pacific Time) (biweekly). Convert to your timezone.
- Meeting notes and Agenda.
- Meeting recordings.

Leadership

Chairs

The Chairs of the SIG run operations and processes governing the SIG.

Mo Khan (@enj), VMware
Mike Danese (@mikedanese), Google
Tim Allclair (@tallclair), Apple

Technical Leads

The Technical Leads of the SIG establish new subprojects, decommission existing subprojects, and resolve cross-subproject technical issues and decisions.

David Eads (@deads2k), Red Hat
Jordan Liggitt (@liggitt), Google
Mike Danese (@mikedanese), Google

Emeritus Leads

Eric Chiang (@ericchiang)
Eric Tune (@erictune)

Contact

Slack: #sig-auth
Mailing list
Open Community Issues/PRs
GitHub Teams:
- @kubernetes/sig-auth-api-reviews - API Changes and Reviews
- @kubernetes/sig-auth-bugs - Bug Triage and Troubleshooting
- @kubernetes/sig-auth-feature-requests - Feature Requests
- @kubernetes/sig-auth-misc - General Discussion
- @kubernetes/sig-auth-pr-reviews - PR Reviews
- @kubernetes/sig-auth-proposals - Design Proposals
- @kubernetes/sig-auth-test-failures - Test Failures and Triage

Subprojects

The following subprojects are owned by sig-auth:

audit-logging

Kubernetes API support for audit logging.

Owners:

authenticators

Kubernetes API support for authentication.

Owners:

authorizers

Kubernetes API support for authorization.

Owners:

certificates

Certificates APIs and client infrastructure to support PKI.

Owners:

encryption-at-rest

API storage support for storing data encrypted at rest in etcd.

Owners:
- https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/src/k8s.io/apiserver/pkg/server/options/encryptionconfig/OWNERS
- https://raw.githubusercontent.com/kubernetes/kubernetes/master/staging/src/k8s.io/apiserver/pkg/storage/value/encrypt/OWNERS

multi-tenancy

Proposals and prototypes for introducing tenant model to enable multi-tenant cluster

Owners:
- https://raw.githubusercontent.com/kubernetes-sigs/multi-tenancy/master/OWNERS

node-identity-and-isolation

Node identity management (co-owned with sig-lifecycle), and authorization restrictions for isolating workloads on separate nodes (co-owned with sig-node).

Owners:

policy-management

API validation and policies enforced during admission, such as PodSecurityPolicy. Excludes run-time policies like NetworkPolicy and Seccomp.

Owners:

secrets-store-csi-driver

Integrates secrets stores with Kubernetes via a CSI volume.

Owners:
- https://raw.githubusercontent.com/kubernetes-sigs/secrets-store-csi-driver/master/OWNERS
Contact:
- Slack: #csi-secrets-store
- Mailing List

service-accounts

Infrastructure implementing Kubernetes service account based workload identity.

Owners: