From the course: Kubernetes: Service Mesh with Istio
Authentication - Kubernetes Tutorial
Authentication
- [Instructor] Now that we've talked about Istio security, let's focus on one key part, authentication. Authentication is simply about asking, "Are you really who you say you are?" In the service mesh, this ensures services only communicate with trusted ones. In Istio ambient mesh, there are two main ways authentication works. First, peer authentication. This makes the service sending the request and the one receiving it trust each other. It's like a handshake. For example, when the product page talks to the review service, both services check each other's identity using mutual TLS. Then there is request authentication, which verifies who is making the request. It does this by looking at something called JWT. That's JSON Web Token, which is that long string you see in headers, starting with Bearer. Istio checks the JWT against trusted sources, like Keycloak or Google Auth, and if the token is valid, the request is allowed. If not, it gets denied. Now let's talk about mTLS modes in…
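
The two authentication types described in the transcript, written as Istio policy resources; this is an added example and not part of the course material. The `bookinfo` namespace, the `reviews` Service name, the resource names and the `idp.example.com` issuer and JWKS URLs are assumed placeholders, and the L7 policies assume a waypoint proxy serves the `reviews` Service.

```yaml
# Peer authentication: require mutual TLS for every workload in the namespace.
apiVersion: security.istio.io/v1
kind: PeerAuthentication
metadata:
  name: default
  namespace: bookinfo          # assumed namespace
spec:
  mtls:
    mode: STRICT               # plaintext peer connections are refused
---
# Request authentication: validate the Bearer JWT against a trusted issuer.
# On its own this rejects invalid tokens; a request with no token still passes.
apiVersion: security.istio.io/v1
kind: RequestAuthentication
metadata:
  name: reviews-jwt            # hypothetical name
  namespace: bookinfo
spec:
  targetRefs:
  - kind: Service
    group: ""
    name: reviews              # assumed Service name
  jwtRules:
  - issuer: "https://idp.example.com/realms/demo"    # placeholder issuer
    jwksUri: "https://idp.example.com/realms/demo/protocol/openid-connect/certs"
---
# Authorization policy: close the no-token gap by allowing only requests
# that carry a validated principal (<issuer>/<subject>) from that issuer.
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata:
  name: reviews-require-jwt    # hypothetical name
  namespace: bookinfo
spec:
  targetRefs:
  - kind: Service
    group: ""
    name: reviews
  action: ALLOW
  rules:
  - from:
    - source:
        requestPrincipals: ["https://idp.example.com/realms/demo/*"]
```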