Many people know that Kubernetes can report API activity to logging back ends and that auditing is a powerful security tool, but what happens in the real world when you have:

  • Multiple API servers
  • Mutating Admission Controller Webhooks
  • Aggregated APIs
  • Webhook audit log backends
  • Massive API throughput requirements

The short answer is, things get tricky. In this short seminar, we’ll take a brief look at the more complex and deeper issues faced by Kubernetes operators when seeking to implement comprehensive, efficient, and secure Kubernetes auditing.