Overview
Explore the challenges of enforcing fine-grained authorization in a microservices architecture and learn how Open Policy Agent (OPA) can be integrated with Kubernetes and ISTIO to address these challenges. Discover how the shift from monolithic applications to microservices has complicated API authorization, and why traditional API gateway approaches are no longer scalable. Gain insights into using OPA for programmatic, fine-grained authorization at both endpoint and data levels while maintaining interoperability with OAuth. Compare how Kubernetes as a platform enables external, programmatic authorization enforcement. Walk away with practical knowledge on implementing OPA for authorization policies in Kubernetes/ISTIO environments and for Kubernetes API authorization. This 54-minute conference talk, presented by Sitaraman Lakshminarayanan, Senior Security Architect at Pure Storage, offers valuable insights for developers and security professionals working with microservices and cloud-native platforms.
Syllabus
AppSecCali 2019 - Authorization in Micro Services World Kubernetes, ISTIO and Open Policy Agent
Taught by
OWASP Foundation