Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Bootstrapping Service Mesh Implementations with Istio

You're reading from   Bootstrapping Service Mesh Implementations with Istio Build reliable, scalable, and secure microservices on Kubernetes with Service Mesh

Arrow left icon
Product type Paperback
Published in Apr 2023
Publisher Packt
ISBN-13 9781803246819
Length 418 pages
Edition 1st Edition
Languages
Tools
Concepts
Arrow right icon
Author (1):
Arrow left icon
Anand Rai Anand Rai
Author Profile Icon Anand Rai
Anand Rai
Arrow right icon
View More author details
Toc

Table of Contents (19) Chapters Close

Preface 1. Part 1: The Fundamentals
2. Chapter 1: Introducing Service Meshes FREE CHAPTER 3. Chapter 2: Getting Started with Istio 4. Chapter 3: Understanding Istio Control and Data Planes 5. Part 2: Istio in Practice
6. Chapter 4: Managing Application Traffic 7. Chapter 5: Managing Application Resiliency 8. Chapter 6: Securing Microservices Communication 9. Chapter 7: Service Mesh Observability 10. Part 3: Scaling, Extending,and Optimizing
11. Chapter 8: Scaling Istio to Multi-Cluster Deployments Across Kubernetes 12. Chapter 9: Extending Istio Data Plane 13. Chapter 10: Deploying Istio Service Mesh for Non-Kubernetes Workloads 14. Chapter 11: Troubleshooting and Operating Istio 15. Chapter 12: Summarizing What We Have Learned and the Next Steps 16. Index 17. Other Books You May Enjoy Appendix – Other Service Mesh Technologies

Configuring RequestAuthorization

In the previous section, we configured a RequestAuthentication policy, which verifies a JWT token against the issuer and JWK details as per the JWKS location. We configured Auth0 as the authentication provider and the one that generates the bearer token. In this section, we will learn about how to make use of the information provided by authentication policies such as peer authentication and request authentication to authorize client access to the server (the requested resource, Pod, workload, service, etc.).

We will first focus on implementing an authorization policy in conjunction with the RequestAuthentication policy from the previous section.

To let curl access the envoy dummy using the access token issued by Auth0, we need to create an AuthorizationPolicy:

apiVersion: "security.istio.io/v1beta1"
kind: "AuthorizationPolicy"
metadata:
  name: "envoydummy-authz-policy"
  namespace: utilities...
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image