Explore the challenges of microservice security and learn how to fortify your architecture using SPIRE and OPA in this informative conference talk. Delve into the unique authentication and authorization challenges posed by microservice environments, especially when dealing with large-scale systems handling thousands of API calls per second. Discover how SPIRE creates an identity plane across diverse infrastructure, delivering cryptographically verifiable identities to workloads. Understand the role of OPA as a policy engine for enforcing fine-grained authorization policies throughout the stack. Learn how to leverage SPIRE-issued JWT SVID claims, created using OIDC Federation, in conjunction with OPA to implement robust service-to-service and end-user access control without compromising performance or availability. Gain valuable insights into securing your microservices architecture effectively and efficiently.
Fortifying Microservice Security with SPIRE and OPA
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Fortifying Microservice Security with SPIRE and OPA - Ash Nakar
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
No More Moats - Protecting Your Cloud Native Infrastructure with Zero Trust
-
Introduction to Open Policy Agent (OPA) for Security and Authorization
-
Insecure Transit - Microservice Security Challenges and Solutions
-
Uniform Workload Identity Everywhere - SPIRE Integrations and Extensibility
-
Securing Your Healthcare Data with OPA
-
Practical Microservice Security
