This talk explores how Mercedes-Benz secures its massive Kubernetes environment (over 900 clusters!). Pod Security Policies (PSPs) were previously used, but they have been deprecated, and the new Pod Security Standards (PSS) lack the flexibility needed for Mercedes-Benz’s complex setup.
Watch the video to learn:
- Why traditional PSPs weren’t ideal for Mercedes-Benz’s needs
- How they implemented Pod Security using Kyverno, OPA, and Validating Admission Policies (VAPs)
- The benefits of a native VAP solution over open-source tools
- Practical examples and lessons learned
This talk is ideal for anyone managing large Kubernetes deployments and seeking robust security solutions.