This post explains how Open Policy Agent can be used in microservices architecture to implement policy driven authorization.
With microservices development, I often came across a problem with implementing Authentication and Authorization (A&A). We want a robust and centrally managed authentication and authorization strategy. But, the distributed nature of the application makes it difficult to implement. In this post, I will explore how Open Policy Agent can help simplify the authorization problem.
Let’s take a quick look at the definition for Authentication and Authorization. Authentication refers to identifying the user (“who”), whereas Authorization refers to determining the level of access an authenticated user has (“what”).
My focus for this post is the Authorization part. For simplicity sake, I have created a sample application with a set of microservices. There is a basic user interface where we can carry out various operations and see the results. The only purpose of this application is to show how various authorization scenarios are handled by Open Policy Agent. In the subsequent posts, we will extend this application to cover increasingly complex use cases, and policy administration.
So, let’s get started!
First, some context about the application. I am taking an example of a CPQ application commonly used by sales teams to configure quotes for customers.
Below are the roles we'll be creating for our app:
Our original Kubernetes tool list was so popular that we've curated another great list of tools to help you improve your functionality with the platform.
Microservices and its security patterns. A developer's view on common security patterns used in most of the API-architecture practices in the industry to make API and Application, as safe as possible.
This recently published book on microservices security highlights the patterns and best practices of ensuring microservices are safe and secure.
Top Web & Mobile Application Development Company in India & USA. We specialize in Golang, Ruby on Rails, Symfony, Laravel PHP, Python, Angular, Mobile Apps, Blockchain, & Chatbots
Myth: Kubernetes dashboard, in general, is a security risk Fact: The security concern is not directly related to the dashboard itself, but it accounts for how well you deploy it.