Overview
Syllabus
Intro
Istio manages your microservices
Istio 30,000-foot view
Security risks for service meshes
Solution: Istio security Beyond Corp
Example flow of context-aware access
Demo: Istio context-aware access control • A user must be in a specific group to • The access must be protected by TS . May also control the caling path
Demo: authorization policies
Demo: authentication policy
Certificate Provision Flow
Integration with external CAS
Signing-key-injection
Citadel-integration
Nodeagent-integration
Prototype: Istio CA Vault integration
Taught by
CNCF [Cloud Native Computing Foundation]