Автор: Prabath Siriwardena and Nuwan Dias
Издательство: Manning Publications
Год: 2020
Формат: true pdf
Страниц: 616
Размер: 10.9 Mb
Язык: English
Microservices Security in Action teaches you how to secure your microservices applications code and infrastructure. After a straightforward introduction to the challenges of microservices security, you’ll learn fundamentals to secure both the application perimeter and service-to-service communication. Following a hands-on example, you’ll explore how to deploy and secure microservices behind an API gateway as well as how to access microservices accessed by a single-page application (SPA).
Along the way, authors and software security experts Prabath Siriwardena and Nuwan Dias shine a light on important concepts like throttling, analytics gathering, access control at the API gateway, and microservice-to-microservice communication. You’ll also discover how to securely deploy microservices using state-of-the-art technologies including Kubernetes, Docker, and the Istio service mesh. Lots of hands-on exercises secure your learning as you go, and this straightforward guide wraps up with a security process review and best practices. When you’re finished reading, you’ll be planning, designing, and implementing microservices applications with the priceless confidence that comes with knowing they’re secure!
what's inside
Key microservices security fundamentals
Securing service-to-service communication with mTLS and JWT
Deploying and securing microservices with Docker
Using Kubernetes security
Securing event-driven microservices
Using the Istio Service Mesh
Applying access control policies with OPA
Microservices security best practices
Building a single-page application to talk to microservices
Static code analysis, dynamic testing, and automatic security testing