book

Hands-On Microservices with Kubernetes

by Gigi Sayfan

July 2019

Intermediate to advanced

502 pages

14h

English

Packt Publishing

Read now

Unlock full access

Content preview from Hands-On Microservices with Kubernetes

Authorizing requests with Istio

Services usually expose multiple endpoints. Service A may be allowed to call only specific endpoints of service B. Service A must first authenticate against service B, and then the specific request must be authorized as well. Istio supports this by extending the role-based access control (RBAC) that Kubernetes uses to authorize requests to its API server.

It's important to note that authorization is turned off by default. To turn it on, you can create a ClusterRbacConfig object. The mode controls how authorization is enabled, as follows:

OFF means authorization is disabled (the default).
ON means authorization is enabled for all the services in the entire mesh.
ON_WITH_INCLUSION means authorization is enabled ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Start your free trial

Publisher Resources

ISBN: 9781789805468Supplemental Content

Hands-On Microservices with Kubernetes

by Gigi Sayfan

Authorizing requests with Istio

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

You might also like

Kubernetes Microservices

Bootstrapping Microservices with Docker, Kubernetes, and Terraform

Cloud Native DevOps with Kubernetes

Microservices: Up and Running

Publisher Resources