First Person Platform Episode 2 - Andrew Moore on Uber Workload Identity and Authorization

The second episode of First Person Platform, a podcast: platform engineers nerd out with Ori Shoshan on access controls, Kubernetes, and platform engineering.

Written by: Ori Shoshan
Published: Apr 16 2024

Welcome back to First Person Platform, a new podcast for platform engineers. We kick off with a brief series of episodes featuring engineers who have either spearheaded or led teams in building tools for secure workload and service access. Each episode takes a deep dive into the motivation behind building the system, its origin story, lessons learned throughout the process, and provides an opportunity to get to know the brilliant minds working behind the scenes!


Joining me for this second episode is Andrew Moore. Andrew is a Staff Software Engineer leading the Platform Authentication team at Uber and sits on the SPIFFE Steering Committee. Prior to Uber, Andrew was a Software Engineer for various US and foreign Defense and Civil contracts with Lockheed Martin, Leidos, and Earth Resources Technology. Outside of work, Andrew homebrews beer, mead, kombucha, and Dungeons and Dragons campaigns.

In this episode, we’ll be talking about Uber’s use of SPIFFE/SPIRE and Charter for Workload Identity and Authorization. Learn about the design choices, motivations, and lessons learned that led to this setup. Plus, we’ll chat about Kubernetes, how to keep an abstract design mindset over a particular tech choice, and fads and fashion in software, and sprinkle in some hot takes and anime references for fun! ;)



Uber blog posts mentioned in the podcast:

You can get in touch with Andrew on the SPIFFE Slack, or on LinkedIn.
