menu
arrow_back

Managing Policies and Security with Istio and Citadel

—/100

Checkpoints

arrow_forward

Deploy the application Pods along with injected proxy sidecars

Deploy the Istio service mesh configuration

Enable mTLS for one service: frontend

Enable mTLS for an entire namespace: default

Enable authorization for one service: frontend

Managing Policies and Security with Istio and Citadel

1 jam 7 Kredit

GSP657

Google Cloud Self-Paced Labs

Overview

This lab demonstrates how to leverage Istio's identity and access control policies to help secure microservices running on GKE.

You will use the Hipstershop, an Istio-enabled multi-service sample application to understand and practice:

  • Incrementally adopting Istio mutual TLS authentication across the service mesh

  • Enabling end-user (JWT) authentication for the frontend service

  • Using an Istio access control policy to secure access to the frontend service

Objectives

In this lab you learn how to perform the following tasks:

  • Complete cluster configuration

  • Download open source Istio with sample configs, and istioctl

  • Deploy Hipster Shop, an Istio-enabled multi-service application

  • Understand authentication and enable service to service authentication with mTLS

  • Enable end-user JWT authentication alongside mTLS

  • Understand Istio authorization and enable frontend authorization

Bergabunglah dengan Qwiklabs untuk membaca tentang lab ini selengkapnya... beserta informasi lainnya!

  • Dapatkan akses sementara ke Google Cloud Console.
  • Lebih dari 200 lab mulai dari tingkat pemula hingga lanjutan.
  • Berdurasi singkat, jadi Anda dapat belajar dengan santai.
Bergabung untuk Memulai Lab Ini