menu
arrow_back

Managing Policies and Security with Istio and Citadel

Managing Policies and Security with Istio and Citadel

1시간 15분 크레딧 7개

GSP657

Google Cloud Self-Paced Labs

Overview

Introduction

This lab demonstrates how to leverage Istio's identity and access control policies to help secure microservices running on GKE.

You will use the Hipstershop sample application to understand and practice:

  • Incrementally adopting Istio mutual TLS authentication across the service mesh.
  • Enabling end-user (JWT) authentication for the frontend service.
  • Using an Istio access control policy to secure access to the frontend service.

Objectives

In this lab, you will learn how to perform the following tasks:

  • Complete cluster configuration.
  • Download open source Istio with sample configs, and istioctl.
  • Deploy Hipster Shop, an Istio-enabled multi-service application.
  • Understand authentication and enable service to service authentication with mTLS.
  • Enable end-user JWT authentication alongside mTLS.
  • Understand Istio authorization and enable frontend authorization.

이 실습의 나머지 부분과 기타 사항에 대해 알아보려면 Qwiklabs에 가입하세요.

  • Google Cloud Console에 대한 임시 액세스 권한을 얻습니다.
  • 초급부터 고급 수준까지 200여 개의 실습이 준비되어 있습니다.
  • 자신의 학습 속도에 맞춰 학습할 수 있도록 적은 분량으로 나누어져 있습니다.
이 실습을 시작하려면 가입하세요
점수

—/100

Deploy the application Pods along with injected proxy sidecars

단계 진행

/ 20

Deploy the Istio service mesh configuration

단계 진행

/ 20

Enable mTLS for one service: frontend

단계 진행

/ 20

Enable mTLS for an entire namespace: default

단계 진행

/ 20

Enable authorization for one service: frontend

단계 진행

/ 20