Session

Granular AAD authorization management in Kubernetes with Workload Identity

Kubernetes is more than ever at the center of projects.

Workloads hosted in Kubernetes thus need to interact with various other systems.
Managing authorizations can be complex, especially when limiting the use of credentials in Kubernetes secrets is a strong constraint.
In the Azure case, we usually leverage managed identity with RBAC assignment.
Problem: a pod has no knowledge of Managed Identity.

In this session we'll have a look at how Azure AD Workload Identity can help federate various identity providers to manage access in Azure, and take the case of workload identity to manage granular authorization at the pod level.
We will detail a use case with the Key Vault CSI Secret provider, which will definitely help to reduce the global footprint of Kubernetes secrets.

Take away: a better grasp of Identity management for Kubernetes hosted workloads and an implementation of the Key Vault CSI Secret provider.

David Frappart

Cloud architect & IaC Geek

Soissons, France
