October 25-27, 2017 - Prague, Czech Republic
Click Here For Information & Registration
Back To Schedule
Thursday, October 26 • 16:30 - 17:30
mesos2iam: IAM Credentials for Containers Running Inside a Mesos Cluster - Zain Malik, Schibsted Media Group

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

IAM instance profiles are used to limit access to AWS resources by an instance. In this presentation, Zain Malik will show you how to use IAM profile with Mesos tasks.

Right now the alternative is to use same IAM instance profile for all tasks in Mesos. Or saving AWS credentials inside the containers.

The problem comes when one container requires broader permissions or access to different resources than the original instance profile had. Without a proper isolation solution in place, all other tasks can access the resources, which is not a very desirable situation in some cases.

In this presentation, Zain will show how to have isolated IAM profiles for each task, without saving the credentials inside the container. To do that, he will use mesos2iam (https://github.com/schibsted/mesos2iam) to retrieve credentials in a transparent way for the tasks running in Mesos cluster.

avatar for Zain Malik

Zain Malik

Senior Software Engineer, Mesosphere
Zain Malik is a software engineer with 5 years of experience in building backends heavily based on noSQL databases. Now is working in Schibsted CRE team, helping to pave a smooth way to deploy containers inside mesos and kubernetes cluster. Prior to Schibsted, Zain worked... Read More →

Thursday October 26, 2017 16:30 - 17:30 CEST
Congress Hall 3