►
Description
Join us for Kubernetes Forums Seoul, Sydney, Bengaluru and Delhi - learn more at kubecon.io
Don't miss KubeCon + CloudNativeCon 2020 events in Amsterdam March 30 - April 2, Shanghai July 28-30 and Boston November 17-20! Learn more at kubecon.io. The conference features presentations from developers and end users of Kubernetes, Prometheus, Envoy, and all of the other CNCF-hosted projects
Knative - The Security Platypus? - Ariel Shuper, Aqua Security
Knative provides a way to extend Kubernetes to run serverless workloads. Although it runs as pods, given the nature of those workloads it requires an approach to security that is distinct from standard Kubernetes security practices. As 18th century explorers were wondering when they first encountered the platypus, is it a duck? an otter? or something else? In this talk Ariel reviews the serverless threat landscape, which is quite differentiated from the container equivalent, using examples of how coding mistakes may expose applications despite the extremely ephemeral workloads. This talk will show how combining preventative methods and more "offensive" methods such as tripwires can provide much better visibility and reduce the risk of Knative workloads being used as attack vehicles to reach other areas of the cluster or application. Finally, the platypus question will be resolved.
https://sched.co/Uaa9
A
It's
great
to
be
here
in
cube
cone,
and
especially,
you
know,
to
see
this
interest
knowing
I'm
the
last
presentation
of
today,
the
only
one
who
stops
you
from
going
to
the
party
I
hope
the
party
happens,
and
let's
talk
about
key
native
and
the
security
platypus
before
we
talk
about
platypus.
Let
first
I
give
you
a
quick
introduction
about
myself,
so
my
name
is
Arielle
Shope
I'm
working
today,
it's
porch
shift
in
porch.
A
If
we're
working
out
with
East
UN
service
mesh
to
create
you
know,
identity
based
runtime
protection,
I
used
to
work
in
aqua
security
or
was
responsible
there
for
the
server
less
security
solution.
A
lot
of
experience
working
with
different
service
environments
like
a
dibelius
lambda
as
your
function
google's
and
before
that
I
work
in
checkpoint
security
and
I
was
responsible
for
the
public
cloud,
like
Amazon,
etc.
A
A
B
A
A
Thank
you.
Thank
you
for
the
answer.
So
this
is
a
platypus,
so
Firefox
is
a
sometimes
referred
to
a
duck-billed,
platypus
semi-aquatic,
egg-laying
mammal.
So
it's
a
hybrid
combination
of
a
duck
and
a
mammal
or
you
can
consider
it
as
the
ancient
version
of
hybrid
cloud,
something
which
is
both
things
together.
So
this
is
a
platypus
and
before
we
talk
about
if
key
native
as
a
platypus,
and
we
now,
we
know
what
a
platypus
is.
Let's
talk
about
what
services
and
to
see
how
can
a
live
fits
into
this
environment?
So
I'm
not
gonna.
A
Talk
about
this
philosophically
question.
What
exactly
services
I'm,
just
giving
you
know
on
a
rule
of
thumb
or
the
main
guidelines
of
serverless,
so
service
usually
typically
relates
to
an
obstruction
of
the
infrastructure.
So
know
one
thing
that
several
ice
runs
without
servers,
but
the
assumption
is
that
you
don't
need
to
worry
about
those
servers.
There
is
some
obstruction
layer.
You
don't
need
to
deal
with
it.
You
don't
need
to
configure
it.
You
don't
need
to
mean.
If
you
write
your
code,
you
define
your
triggers.
A
You
found
the
inputs,
the
outputs
and
from
there
and
on
someone
else
taking
care
of
it.
So
this
as
those
of
you
experienced
with
Kennedy
or
with
Cooper's
in
general.
This
is
not
really
the
case
when
you're
dealing,
you
know
with
both
kubernetes
and
Kennedy,
which
comes
on
top
of
it
and
all
touch
Eliminator,
that's
more
about
key
native
now.
Another
element
of
service
is
the
fact
that
it's
event-driven
or
event
based
architecture.
There
is
an
event,
then
I
only
then
execute.
A
If
there
is
no
event,
I
don't
need
to
execute,
I
can
scale
up,
I
can
scale
down,
and
it's
only
based
on
the
actual
demand
in
the
usage.
So
this
is
great,
and
this
is
maintained
also
in
K
native,
so
it
didn't
say,
scan
if
it
again
great,
like
service,
and
the
last
pillar
is
only
never
pay
for
idle,
only
pay
for
execution
time
sub
building
execution
time.
All
those
significant
cost,
saving
buzzwords,
which
are
probably
relevant
where
you
charge
for
the
compute.
A
If
you're
running
your
kubernetes
running
in
containers,
probably
less
relevant
could
be
in
some
cases
where
your
container
is
is
on
demand,
but
in
general
they're
also
less
relevant
in
our
space.
So
when
you
ask
about
the
server
less
and
can
I
leave,
let's
talk
about
try
to
understand
why
what
key
native
is,
and
why
do
we
call
it
platypus?
A
So
a
quick
recap
about
key
native,
so
looking
in
the
documentation
of
K
native
Canadian,
extends
kubernetes
to
a
set
of
middleware
components
to
be
to
build
to
modern
container
based
applications,
or
you
can
look
at
it
as
committees.
Native
API
is
for
deploying
server
lifestyle
functions,
applications
and
containers,
or
to
make
it
even
more
simpler.
Let's
call
it
this
way
is
the
ability
to
create
an
event
based
architecture
for
containers,
so
something
that
take
containers
and
make
them
look
and
feel
and
behave
like
service
functions.
A
Now
the
main
building
block
in
Kennedy's
our
build
serving
and
inventing
will
touch
more,
but
it's
running
in
a
minute
build
was
replaced
lately
with
Tecton.
So
it's
not
depreciated
in
alt
text
on
is
the
project
that,
let's
see
I
CD
the
composition
of
the
code
into
an
image
that
can
be
used
to
build
container
serving
and
inventing
are
the
main
building
blocks
of
Canada
at
the
moment.
A
So
when
you
go
more
deeply
into
what
the
serving
and
the
inventing
the
main
building
block
off
Canadians
so
serving
is
the
platform
which
responsible
for
scaling
up
and
scaling
down,
allow
you
to
define
and
a
service
or
a
container
or
anything
that
you
want,
and
then
you
also
define
its
primitive.
What
are
what
are
the
configurations
that
it
will?
What
trigger
will
scale
up?
Why
I
went
will
scale
down?
What
is
the
maximum?
A
What
is
the
minimum
all
the
things
that
you
need
in
order
to
skip
it
down
for
every
container
that
you
deployed
there
is
a
revision
ever
even
create
a
route,
and
then
you
can
define
the
weights
and
in
obviously
the
system
detective.
What
revision
is
not
being
used
Fortuna
Peter
of
time
it
will
terminate
it
into
a
minimizing
deployment.
So
all
you
know
it
keeps
the
scaling
up
and
scaling
down
very,
very
efficient.
A
They
give
it
a
lot
of
flexibility
to
do
a
lot
of
things
that
you
cannot
even
do
it
today
in
I
would
say
commercial
service
platforms.
The
eventing
is
also
a
very
nice
architecture,
meets
the
triggering
system.
It
is
based
on
the
cloud
native
cloud
events
allow
you
to
define
loosely
coupled
services
that
you
have
event
source.
You
have
a
consumer
and
a
producer
there's
a
producer
which
produces
the
event
the
consumer
consume
the
event.
They
don't
necessarily
need
to
sit
on
the
same
cloud
or
to
share
the
same
cluster.
A
That
obviously,
can
be
different
clouds
on
different
clusters,
and
then
there
is
a
broker
which
is
a
listener,
listens,
detect
those
events
when
this
event
happens
triggers
the
service
and
all
those
elements
using
both
kubernetes
as
an
underlying
technology
and
can
use
east.
You
issue
that
mandatory
it
can
simplify
all
things,
but
there
are
other
commercial
or,
let's
say,
other
options
to
be
used
which
created
the
gateway.
The
routing
allow
you
to
stitch
everything
together
to
make
it
happen,
so
all
in
all,
it's
very
nice
architecture
looks
very
promising.
A
The
question
is:
is
this
really
service?
It's
something
which
I'm
going
to
touch
a
little
bit
later
on.
Now,
let's
talk
about
the
security
side
of
K
native.
So
or
why
did
we
call
it
platypus
right?
So
security
aspects
are
not
addressed
independently
in
K
native
okay,
that
there
is
no
like
direct
part
or
project
or
anything
which
addresses
it
specifically,
but
it
does
relies
on
the
underlying
technology.
A
So,
if
you
using
kubernetes,
it
has
many
security
tools,
all
based
access,
control,
network
policies,
secrets-
and
you
can
see
the
legendary
book
that
my
colleague
inequalities
rice
wrote
about
crazy
security
and
Easter
fusing
Easter.
Is,
you
also
add
its
own?
You
know
additional
security
to
cause
like
encryption
and
I.
Think
more
powerful
is
the
service
authentication
employees
ation,
which
really
allow
you
to
authenticate
and
authorize
who's
communicating
with
and
who
triggers
those
functions
which
will
see
is
gonna,
be
critical
in
a
minute
now
in
order
to
get
better
understanding.
A
A
So
when
you
analyze,
you
know,
when
first
service
was
came
out
to
the
market,
it
was
perceived
as
the
most
secured
cloud
service
and
the
main
reason
was
because
it's
ephemeral,
ok
and
its
last
five
minutes
or
10
minutes
depends
on
the
cloud
vendor.
But
when
something
is
ephemeral,
it's
very
hard
to
construct
an
attack
against
it,
because
most
attacks
require
some
persistence.
Ii.
Keep
in
mind
that
you
know
your
typical
when
you
trying
to
attack
something
you
want
to
first,
you
know
penetrate,
then
you
want
to
find.
A
Where
is
the
sensitive
data
is
or
what
is
worse,
exfiltrating
and
all
this
work
takes
some
time.
So
if
your
entire
cycle
is
limited
to
five
minutes,
it's
very
very
hard
to
do
something
effective
or
it's
very,
very
hard
to
get
into
some
real
thing
when
it
keeps
changing
all
the
time
now.
Another
critical
element
is
that
in
service
functions,
when
you
write
in
public
clouds,
you
have
no
access
to
the
hosts
file
system,
so
you
cannot
write
anything
into
it.
A
So,
even
if
you
find
great,
you
know,
vulnerabilities
and
you
create
a
great
exploit,
then
you
have
no
way
to
use
it
so
in
service.
The
classical
attacks
you
know,
are
really
it's
very
hard
to
exploit
them
and
there's
also
there's
no
fixed
Network,
because
your
function
can
always
come
in
a
different.
No,
there
is
no
guarantee
which
oh,
it's
gonna
come
on
and
it
cannot
create
a
persistent
I
would
say
networking
attack
or
personal
protection
when
your
keep
changing
target
is
keep
moving
from
between
different
nodes
and
between
different
IP
addresses.
A
So
overall,
the
threat
landscape
is
very,
very
small
in
server
less
but
then
took
some
time
until
it
was
discovered
there.
Even
in
surveys,
there
are
potential
security
pitfalls,
so
obviously
the
app
SEC
application
code
takes
a
front
seat
and
all
the
application
code,
vulnerabilities
and
potential
tags
here
become.
You
know
the
first-class
citizens
and
some
money
pollution
on
the
cloud
infrastructure
can
whole
can
also
reach
and
create
some
potential
pitfalls
and
those
are
the
main
attack
vectors.
A
When
you
talk
about
server
lists
landscape,
let's
go
a
little
bit
more
into
the
details,
so
there
are
a
few
frameworks
that
addresses
the
server
less
risk
and
mitigations.
There's
the
OS,
the
open
web
application
security
project
so
they're
doing
a
lot
of
work
and
doing
other
things.
Everything
is
open
on
what
are
the
risk
of
application?
They
they
usually
publish
their
top
ten
and
they
created
at
top
ten
interpretation
to
server
less
and
the
Cloud.
A
Security
Alliance
also
created
a
nice
framework,
the
twelve
most
critical
risk
for
server
list
and
those
firm
works
really
analyze.
What
are
the
risk
why
they
happened?
What
are
the
mitigation
and
how
you
can
address
them?
Let's
take
a
quick
look
at
those
frameworks
so
having
the
cloud
security,
especially
which
personally
I
think
has
more
accurate
and
as
but
knowledge,
and
they
list
the
twelve
different
factors
when
you
kind
of
trying
to
make
it
a
little
bit
our
analysis,
you
can
see
that
some
relate
to
the
code.
A
If
your
function
event,
data
injection
in
your
function
doesn't
violate
your
inputs
and
yourself
event.
Data
I
managed
to
send
a
malicious
input
or
malicious
code
or
I
can
manipulate
your
function.
I
can
maybe
exit
rate.
Some
data
and
I'll
show
an
example
of
it
in
a
minute.
So
this
is
something
that
it's
a
problem
in
your
code.
A
In
the
way
you
write
your
application,
if
using
insecure
third-party
dependencies,
I
can
perhaps
exploit
them
and
if
using
secrets
or
denial
of
service
or
business
logic
evasion,
all
that
is
relative
to
the
way
you
wrote
your
code
and
while
you're
trying
to
access
your
sensitive
data.
If
you
had
on
top
of
it
the
other
parts
you
can
see,
it
are
more
related
to
the
cloud
infrastructure.
A
So
if
the
authentication
doesn't
work
because
you
have
many
functions
and
each
function
is
trying
to
access
different
things
like
do
everything,
making
an
authorization
mechanism
is
very
hard
to
rely
on
the
cloud
or
Thor
Edition.
For
that
unsecure
deployment,
configuration
or
over
privilege
function
permission.
Something
which
happens
a
lot
in
public
cloud,
the
area
that
you
need
to
define
permissions
for
every
function,
specifically
most
people's,
try
to
stitch
few
things
together
and
bind
it
and
copy
it,
and
then
you
end
up
having
over
privileged
function.
A
So
this
is
something
which
is
classical
for
public
clouds.
If
you
look
at
the
wasp,
they
put
it
in
a
different
order.
But
if
you
look
carefully
pretty
much,
this
looks
very
similar.
Those
are
the
same
attacks
and
again
you
can
classify
them
into
those
two
different
categories.
One
category
relate
to
your
application
code,
whether
it's
the
injection
or
lack
of
input,
validation,
the
other,
if
using
vulnerability,
sensitive
data,
exposure,
cross-site
scripting
expression
handling
and
the
other
related
a
cloud
infrastructure
right,
so
syndication
doesn't
work.
A
So
now,
let's
take
a
quick
demo
and
I'll
just
give
you
like
a
quick
demo
of
potential
attacks
on
server
lists
in
public
clouds.
This
is
this
demo
is
based
on
the
OS
service,
good
vulnerability,
app
it's
well
in
github.
Let's
make
a
quick
jump
to
it.
So
this
is
the
this
is
the
repo
where
you
can
find
it
it's
public
by
the
OWASP
they
published
it.
You
can
use
it.
If
you
want
to
deploy
it,
you
need
to
go
to
AWS.
A
It's
save
us
today,
probably
the
most
probably
the
most
popular
are
so,
let's
step
this
is
the
application
you
press
deploy
to
deploy
your
network
already
prepared.
It
is
already
deployed
for
you.
It's
a
simple
application
consists
of
two
functions,
one
every
bucket
one
DynamoDB
table
and
an
api
gateway.
Pretty
much.
You
know
when
you
use
it,
you
have
a
simple
application.
You
put
in
a
URL
of
a
Word
document.
A
B
A
A
A
It's
it's
gonna
be
challenging
to
do
it
post
this
way.
So
when
you
deploy
to
get
an
application
that
is
using
having
an
every
bucket
if
two
functions,
API
gateway
in
a
dynamo
DB
table
and
then
now,
let's
find
that
I
use
this
application.
Whatever
end
wait,
a
second
will
deployed
it.
Where
is
my
cursor.
A
Okay
cool,
so
what
do
you
put
in
a
URL
of
a
document?
Press
Enter,
I'm
gonna
risk
and
do
it
and
then
you
get
the
content
of
the
duck.
The
content
of
this
document
very
simple
application
based
on
two
functions
and
the
content
is
stored.
Obviously
in
a
database.
Okay,
great.
So
now,
let's
see
what
happens
when
your
function
is
insecure.
A
So
let's
say
that
instead
of
putting
a
valid
URL
temper
it
a
little
bit
and
we're
gonna
put
something
different
right.
Let's
first
start
with
this
one:
okay,
I'll
save
the
time
to
know
how
I
know
it's.
You
know
no
GS
function,
but
in
general,
if
you
put,
if
it
doesn't
fight
the
inputs,
then
I
can
get.
You
know
simple
command.
I
can
get
all
the
function
code.
A
A
Right
so
I
can
get
the
code
I
put
it
in
my
ID
I
saw
it
all
type,
I
organized
it
and
then
I
can
see
all
the
flow
of
the
function.
I
try
to
show
you
it
I
even
prepared
it
I
hope.
I'm
gonna
manage
to
do
it.
Yeah
it's
not
gonna
work.
It's
not
gonna
work.
All
right.
Let's
try
to
see
if
I
can
close
it
is
it
nice.
A
A
So
when
you
analyze
the
code,
you
can
see
them
using
environment,
variable
I'm,
calling
from
them
at
the
table.
Name:
I
list
the
IP
at
least
the
bucket
name
right
over
here.
I
call
it
and
then
tell
me
that
there
is
a
reason
to
check
the
environment
Horrible's,
which
is
great,
so
I'm
gonna.
Do
now
I'm
gonna
check
my
environment,
Horrible's.
Okay,
all
right
a
minute.
A
Let's
check
it
out
and
I
get
all
the
environment
variables
of
the
functions.
So
if
you
are
looking
it
carefully,
you
can
see
the
session
token'.
You
can
see
the
XS
key.
Okay,
you
can
see
the
access
key
over
here.
You
can
see
the
secret
key
down
there
and
you
know
those
who
you
work
with
Amazon
know
that
you
have
the
session
token'
the
access
key,
the
secret
key
is
game
over
you're
gone
you're
going
in
and
you
can
activate
the
function
that
some
small
one
more
trick,
then
something
new.
A
Rate
will
stall
this
command,
and
now
you
get
all
the
data
base,
ok
managed
to
still
in
extra
stress
all
the
day.
All
the
table
gets
all
thing.
Nothing
important
here,
don't
worry
it's
only
the
URLs
which
are
just
used.
But
again,
this
is
an
example.
If
you
don't
secure
your
function,
I
managed
to
inject
I.
Can
inject
code
in
and
I
can
get
all
this
information
back
to
me
great.
So
now,
let's
go
back
to
our
presentation.
A
Hopefully
you
gonna
manage
to
do
it
and
let's
see
how
much
we
relevant
back
to
our
key
native
and
see
what
of
that
can
also
be
applicable
in
our
case,
yeah
works
great.
Ok.
So
let's
talk
about
the
security
angle
of
key
native.
My
assumption
is,
of
course
you
can
question
them
that
using
your
underline
community's
infrastructure
configured
using
role
based
access
control,
using
secrets
and
if
using
east
yo
for
eventing-
and
you
configure
easier
with
traffic
rules
and
authorization
policies.
I'm
saying
this
is
the
assumption.
A
A
A
Okay,
great
so
now,
if
we
look
back
all
those
servers
who
dreaded
risk,
we
had
coal
injection
vulnerable
codes.
If
data
crochet,
stripping
I
think
you
know,
you
can
argue,
but
I
would
assume
that
code
injection
again
is
relevant
even
for
Canada.
If
you
need
to
validate
the
inputs
of
your
code,
whether
it's
running
on
a
function
or
in
a
container,
if
you
don't
value
the
inputs,
I
can
definitely
do
bad
things,
but
horrible
code,
I,
can
argue
and
say
it's
not
really
relevant
for
Canada.
A
Why?
Because,
today,
the
best
practice
in
any
container
in
any
registry
and
anything
that
you
do
today
in
containers
is
to
just
do
this
vulnerability
scanning
and
you
can
always
get
it
for
free
from
Google.
You
can
get
it
in
many
other
free
sources
and
I
think
it's
common
best
practice
to
so
that
your
container
images
are
being
scanned.
So
I
would
dare
to
say
that
the
vulnerable
code
is
not
really
an
issue
in
K
native
I
would
say
that
sensitive
data
exposure.
A
If
you
think
very
secrets,
it's
not
totally
perfect,
but
you
know
you
can
brush
it,
but
again,
mostly
in
most
cases.
It's
really
being
taken
care
of
its
secure
cross-site
scripting,
when
using
mutual
TLS
is
not
relevant
anymore
and
exception.
Handling
messages
is
not
again
not
a
real
option
or
not
a
real
source
of
information.
When
you
try
to
attack
containers,
if
you
talk
about
the
cloud
infrastructure
itself
so
again,
I
think
broken
authentication.
The
kubernetes
Rob
Isis
control
can
be
used
very
nicely
in
security
point
configuration
again.
A
This
is
also
relevant
if
you
deploy
your
containers
in
a
wrong
way,
so
you
put
in
the
wrong
way,
then
nothing
gonna
help
you
over
privileged
permissions.
It's
really
relevant
when
you're
working
in
cloud
environment,
you
need
to
define
for
every
function,
its
own
yam
rules
and
it's
very
complex,
and
then
you
tend
to
make
mistakes
probably
less
relevant
in
containerized
environment,
in
adequate
monitoring
logging.
Naturally,
decay
is
fusing
Easter,
it's
definitely
not
the
case.
Denial
of
service,
which
is
maybe
negligible
or
close,
will
be
negligible
in
regular
service
functions
here
it
might
be.
A
The
case
like
just
like
a
naught
point
out
to
a
recent
you
know
is
to
security
notice
that,
and
we
tested
it
internally,
we
realize
it's
really
can
be
any
issue
that
some,
if
they
don't
delete
connections,
you
can
create
flat
connections
which
are
very
heavy
and
then
they
can
really
reach.
You
can
reach
saturation
of
your
node,
and
this
can
be.
Something
which
can
be
in
container
is
painful,
because
if
you
really
bring
the
node
you're,
you
know
you're
know
down
not
just
the
pod.
A
The
entire
node
can
come
down
or
you
cannot
get
any
more
CPU.
You
can
block
other
con
other
pods,
which
are
running
on
the
same
node.
This
is
something
which
can
really
be
problematic
in
this
case.
So
in
this
case
it's
it's
a
challenge,
even
your
regular
environment.
It
might
not
be
a
challenge
now.
This
is
all
ready
to
serve
less
risky
native
security
itself
is
kind
of
secure.
So
we
look
at
this
diagram,
say
well,
amazing.
A
You
know
I
have
kubernetes
underneath
a
VC
on
top
amazing,
it's
definitely
secure,
but
when
you
go
more
details
of
the
eventing
or
the
you
know,
the
both
the
venting
and
the
serving
seho.
This
might
have
some
potential
pitfalls.
So
if
we
examine
the
eventing
mechanism,
then
we
see
that
you
know
Kenny
live,
doesn't
perform
or
configure
any
additional
security
controls.
A
Now,
when
we
talked
about
that
cloud
event
are
loosely
coupled
and
we
can
use
different
platforms,
I
can
use
vm's
I
can
use,
containers,
I
can
use
a
so
fast,
but
I'm
saying
whoa
those
authentication
authorization
can
really
become
challenging.
Now,
if
you
ask
me
ok,
so
what
what
can
happen
then
think
about
that.
If
there
is
unauthorized
event
subscription,
so
I
can
get
out
of
information.
It
is
not
intending
to
me.
I
can
create
false,
invent
injection,
so
I
can
do
some
kind
of
manipulation
that
can
make
your
life
more
challenging.
A
I
would
say
in
this
sense
to
say
the
least.
So
now,
how
do
we
solve
that
and
can
easkey
can
East
you
be
our
rescue
right?
Can
we
use
Easter
for
this
purpose?
No
doubt
it
is
to
can
reduce
the
kinetic
security
concerns,
I'm,
not
going
to
say
solve
everything,
but
definitely
can
reduce.
You
can
use
authentication
authorization
and
can
mitigate
all
those
eventing
sourcing
concerns
traffic
controls.
Network
policies
can
also
mitigate
additional
concerns,
but
then
then
come
the
issue
that
Easter
has
performance
consideration
right,
especially
first
invocation
won't
win.
A
We
want
to
create,
you
know
we
listen,
we
create
the
listener.
There
is
an
event.
Now
we
want
to
trigger
ready
to
trigger
the
container.
We
also
need
to
trigger
the
proxy.
It
takes
some
time
the
cold
call,
which
is
a
challenge
in
public
cloud.
It's
a
much
bigger
challenge.
When
you
working
is,
you
know
there
are
techniques
which
can
solve
it.
You
can
definitely
solve
it.
You
can
bypass
it.
You
can
avoid
scaling
to
zero.
A
You
can
do
something
that
will
keep
your
continuous
your
invoice
up
with
ease,
even
in
in
kubernetes
one
that
they,
these
issues
really
take
being
taken
care
of.
But
again
this
is
in
general,
you
can
argue
and
say,
but
I
want
a
real
service
experience.
I
want
something
which
is
real,
something
that
is
carrying
to
zero
I.
Don't
want
to
have
my
containers
up
if
I
don't
need
them
just
to
make
sure
that
the
next
call
the
next
event
will
happen.
A
So
again,
we
can
argue,
can
talk
about
it,
but
you
need
to
ask
yourself
at
the
end
what
what
do
you
want
in
any
way,
as
I
said
before?
It's
not
that
the
key
media
is
going
to
replace
lambda
function.
It's
not
something
in
place,
it's
a
great
way
to
do
an
event
based
scaled
up
or
scaled
down,
containerized
application,
and
if
you
look
at
in
this
context,
you're
saying
you
know
maybe
perhaps
to
keep
it
secure.
It
was
for
me
to
do
some.
A
Other
mechanism
will
not
avoid
this,
because
otherwise
I
can
the
loss
or
the
damage
can
be
much
bigger.
So
this
is
my
personal
thought:
I'd
love
to
hear
what
the
guys
in
the
audience
think
about
it.
Just
to
wrap
up
the
talk
pretty
much.
The
time
is
over
creative
is
the
kubernetes
service
platform
service.
Apps
has
unique
risks.
Key
native
is
kind
of
a
security
platypus,
because
some
of
the
risks
are
applicable.
A
Some
of
the
risks
still
exist
and
some
of
the
risks
are
really
unique
to
key
native
using
East,
York
and
Eve,
with
sto
can
reduce
most
of
those
risk
challenges.
But
again
there
are
obviously
performance
drawbacks
and
you
need
to
balance
where
you
want
to
be
at
one
time
perfect.
Thank
you
very
much
any
questions.
Any
food
bags
without
to
here
please.
B
This
is
pretty
much
completely
accurate.
This
is
Evan
Anderson
on
the
K
native
TOC,
so
a
lot
of
this
stuff
is
totally
accurate.
The
is
TOC
n
I
can
start
help
with
a
little
bit
of
the
cold
start
if
you're
interested
in
the
eventing
security
aspects
issue,
one
four,
four,
nine
and
issue
705
in
Kenya
venting
are
talking
about
the
security
model.
It's
not
done
yet,
and
so
yes,
today,
there
are
a
lot
of
these
things
and
I.
Think
it's
great
for
calling
these
out.
Thank
you.