SPIFFE in Practice: Universal Identity for WebAssembly Workloads - Joonas Bergius & Colin Murphy
Joonas Bergius, Colin Murphy
KubeCon + CloudNativeCon Europe 2025 · Session
This talk, presented by Joonas Bergius and Colin Murphy, delves into the practical application of **SPIFFE** (Secure Production Identity Framework For Everyone) for establishing universal identity in **WebAssembly (Wasm)** workloads, particularly within the **WasmCloud** ecosystem. Colin Murphy, drawing from his challenging experiences managing infrastructure for Adobe Sign for GovCloud, highlights the critical need for robust workload identity and the significant burden of **CVE** (Common Vulnerabilities and Exposures) management in traditional containerized environments. He posits WebAssembly as a transformative technology that can address these inefficiencies and security concerns.
AI review
This talk delivers on its promise, offering a profound and practical exploration of integrating SPIFFE with WebAssembly in the WasmCloud ecosystem. It brilliantly addresses the critical need for robust workload identity in hyper-distributed environments, showcasing a truly novel application of Spire's delegated identity API to provide attested identities to individual Wasm components. The speakers, clearly experts in their field, demonstrate a secretless interaction with AWS Bedrock, effectively eliminating the operational burden of managing long-lived secrets and drastically reducing the…