Zero Trust Architecture on Kubernetes with Istio Service Mesh
In this article we will see how to implement Zero Trust Architecture on Kubernetes with the Istio Service Mesh. By the end of this article you will know:
- What is Zero Trust Architecture
- What is a Service Mesh
- Istio Architecture
- How to enable mTLS with Istio
- How to enable access control and authorization between your microservices with Istio
What is Zero Trust Architecture?
Zero Trust Architecture (ZTA) is an approach to the design and implementation of IT systems.
Its motto is “never trust, always verify”: users and devices should not be trusted by default, but must prove their identity and validate their compliance before obtaining any access.
ZTA is implemented by enforcing strong identity verification, validating compliance and ensuring least-privilege access to only authorized resources.
So every access to resources and data must, dynamically:
- be authenticated
- be authorized
- be compliant
- respect the principle of least privilege
What is a Service Mesh?
A Service Mesh is a dedicated layer for facilitating communication between microservices using a…
