Service-specific AuthZ in the Cloud Infrastructure

An application in production usually cannot do without authorization checks. According to the OWASP “Defense in Depth” principle, AuthZ checks should not be carried out only in the application code. An additional layer of authorization checks, preferably in the cloud infrastructure, is considered best practice. Application-specific, declarative AuthZ checks can be performed in the sidecar using a service mesh tool. This session looks in more detail at the possibilities Istio offers here. TLS/mTLS and authentication, as necessary prerequisites for AuthZ, are also presented in detail.

DevOpsCon: Service-specific AuthZ in the Cloud Infrastructure
