Tag: Policy Enforcement

  • Thumbnail for Istio External Authorization via OIDC

    Istio External Authorization via OIDC

    Istio service mesh allows application developers to offload non-core features to infrastructure layer. We explored authentication and authorization with Istio in a basic lab. In…

    Read
  • Thumbnail for Istio Authentication and Authorization

    Istio Authentication and Authorization

    Applications running on Kubernetes platform seeks to offload common non-business features to the platform. Istio helps Kubernetes bridge that gap. It can enforce mTLS communication,…

    Read
  • Thumbnail for Traffic Segmentation on Kubernetes Platform

    Traffic Segmentation on Kubernetes Platform

    When operating Kubernetes as a platform for multiple tenants, one of the concerns is controlling the network traffic. This is sometimes referred to as traffic…

    Read
  • Thumbnail for Kubernetes Admission Control

    Kubernetes Admission Control

    This post discusses admission control, and its implementation – the OPA Gatekeeper. I also discuss Azure Policy as a different Gatekeeper implementation. Admission Webhooks Admission…

    Read