Make a submission
Accepting submissions till 31 Dec 2020, 11:59 PM
DevOps and Dev-Oops sessions cover:
Rootconf is a forum for:
Contact information: If you have questions, call Rootconf on 7676332020 or email rootconf.editorial@hasgeek.com
Gaurav Chaware
@gchaware
Submitted May 4, 2020
Authorization is the key challenge in a microservices architecture. For each API call, users need to be authenticated and authorized. While authentication can be taken care of centrally at the API gateway layer, authorization is left for each microservice. Each microservice will need to validate the user permissions and the entity it is trying to access. Problem of course is to ensure decoupled authorization can be implemented without compromising the security of the application.
Open Policy Agent (OPA) makes it easy to write fine-grained, context-aware policies to implement API authorization. This talk will focus on various architectural patterns to implement microservices API authorization with Open Policy Agent. We will cover how OPA can decouple the policy enforcement from implementation and integrate with external data sources to add context for authorization decisions (e.g. with LDAP).
The target audience for this talk are the Microservices Solution Architects, Security Architects and Application Developers. Whether you have already implemented a microservices based application or looking to move to microservices, or even if you are looking for Authorization solutions for APIs in your monolithic application, this talk is for you.
Key takeaways are :
I will start with a basic implementation to introduce the concepts and progressively, take advanced architectural patterns.
No special requirements for the session. If you want to try out the demo as I explain it, bring along a laptop with git client, minikube / kind, and opa binaries installed.
I am working with InfraCloud Technologies as a Senior Technology Architect. I have been working in the Software Services industry (previously with Infosys and Cognizant) for 14 years and have vast experience in Microservices and cloud native architecture.
I am currently involved in projects involving OPA setup at multiple medium and large organisations. And, active in the OPA community with Slack handle @Gaurav. I have also given presentations about OPA at Kubernetes Forums, 2020 for both Delhi and Bengaluru.
{{ gettext('Login to leave a comment') }}
{{ gettext('Post a comment…') }}{{ errorMsg }}
{{ gettext('No comments posted yet') }}