DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Securing Istio Workloads with Auth0

3 years ago thenewstack.io
Securing Istio Workloads with Auth0

Summary: This is a summary of an article originally published by The New Stack. Read the full original article here →

This article takes a stab at explaining access control in Istio, what authentication and authorization means and how the different Istio resources work together to answer the access control question: Can a subject perform an action on an object? If we translate the above question to the Istio and Kubernetes world, it would be “Can service X perform an action on service Y?”

The identity in the certificate is encoded in the Subject alternate name field of the certificate, and it looks like this: spiffe://cluster.local/ns//sa/

If we want to enable strict mutual TLS between services, we can use the PeerAuthentication resource to set the mTLS mode to STRICT.

This is because now we are authenticated and because we have an access token, we are authorized to call the customers workload.

Read More
Oh Dear
Oh Dear
The all-in-one monitoring tool for your entire website
Fathom
Fathom
Fathom Analytics: A Better Google Analytics Alternative
Namecheap
Namecheap
DevOpsChat Logo Your DevOps Community
Product
Useful Links

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com