CDLUC3 / mrt-doc

Documentation and Information regarding the Merritt repository

How to authenticate between Merritt apps #1036

Open terrywbrady opened 2 years ago

terrywbrady commented 2 years ago

Discussed with IAS on 5/3. IAS will raise the question to Colin and to the AWS reps.

Question: what is an AWS best practice for securing trust between microservices?

Background

Todo for Merritt

terrywbrady commented 2 years ago

Martin researched "zero trust microservices".

Options to consider.

terrywbrady commented 2 years ago

I found this to be more useful:

https://jaxlondon.com/blog/zero-trust-with-microservices-its-easier-than-you-think/

And finally, one of the pages Jim referenced mentions AWS App Mesh, which you can learn about here: https://aws.amazon.com/app-mesh

I'll close this ticket for now, but if Kevin happens to chime in I'll add his response.

--Martin

terrywbrady commented 2 years ago

Per our brief conversation, you might find these docs of interest:

https://docs.aws.amazon.com/whitepapers/latest/microservices-on-aws/microservices.html

https://docs.aws.amazon.com/whitepapers/latest/microservices-on-aws/service-discovery.html

Since we were talking generally, it is hard to detail. So, the latter link is focused on a Kubernetes environment. Another approach is to use Lambda for your code, which you could then keep within your VPC and talk to service endpoints via Private Link, if necessary for service connections.

So, this is a bit variable depending on your direction.

Let me know your thoughts on these approaches – or if you have more detail on how the development team will progress with code in the future.

Also, let me know if this does not quite address your question.