From the course: DevOps Foundations: Microservices
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Service-to-service authentication - Kubernetes Tutorial
From the course: DevOps Foundations: Microservices
Service-to-service authentication
- [Instructor] Next, they considered using the same technology as implemented for single sign-on. In the case of Connect Eco, this was OpenID Connect. In this form of authentication, just like all external client requests, all service-to-service traffic would route through the single sign-on gateway. The advantages of this approach are that existing infrastructure can be reused. Additionally, it centralizes all access controls. However, it also means that each microservice must be given its own separate credentials which raises the question, where should these credentials be stored? Additionally, it can be tedious to code the client implementation for some implementations of single sign-on but fortunately for Connect Eco, it is not difficult for OpenID Connect. That said, the Connect Eco team also considered client certificates for their authentication. With this approach, both the client and the server use SSL/TLS to verify their identities. The big advantage of this approach is that…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
-
Overview of KinetEco case study2m 36s
-
(Locked)
Greenfield services3m 26s
-
(Locked)
Splitting the monolith3m 47s
-
(Locked)
User-facing authentication and authorization2m 24s
-
(Locked)
Service-to-service authentication antipatterns2m
-
(Locked)
Service-to-service authentication4m 42s
-
(Locked)
Challenges adopting microservices3m 3s
-
-