Secure microservices with centralized zero trust
Inspired
Conclusion
In this article I covered the important concepts of SPIFFE and SPIRE and deployed a simple application that uses SPIRE to implement mTLS between workloads. However, I haven't touched on many interesting aspects, such as integration with Open Policy Agent (OPA) policies, AWS OpenID Connect (OIDC), HashiCorp Vault, and the creation of your own dedicated attestation plugins. All of these subjects are covered by the documentation, and the helpful SPIRE Slack community is always willing to discuss these concepts, too.
Infos
- Feldman, Daniel, et al. Solving The Bottom Turtle. 2020: https://spiffe.io/book
- Deploying a federated SPIRE architecture: https://spiffe.io/docs/latest/architecture/federation/readme/
- SPIFFE and SPIRE's home on the Internet: https://spiffe.io/
- SPIRE: https://spiffe.io/docs/latest/try/
- Quickstart for Kubernetes: https://spiffe.io/docs/latest/try/getting-started-k8s/
- SPIRE tutorials: https://github.com/spiffe/spire-tutorials
- SPIFFE CSI driver: https://github.com/spiffe/spiffe-csi
- SPIRE docs: https://github.com/spiffe/spire/blob/v1.5.1/doc/plugin_server_nodeattestor_k8s_psat.md