Managing Policies and Security with Istio and Citadel
You will use the Hipstershop sample application to understand and practice:
- Incrementally adopting Istio mutual TLS authentication across the service mesh.
- Enabling end-user (JWT) authentication for the frontend service.
- Using an Istio access control policy to secure access to the frontend service.
In this lab, you will learn how to perform the following tasks:
- Complete cluster configuration.
- Download open source Istio with sample configs, and
- Deploy Hipster Shop, an Istio-enabled multi-service application.
- Understand authentication and enable service to service authentication with mTLS.
- Enable end-user JWT authentication alongside mTLS.
- Understand Istio authorization and enable frontend authorization.
Join Qwiklabs to read the rest of this lab...and more!
- Get temporary access to the Google Cloud Console.
- Over 200 labs from beginner to advanced levels.
- Bite-sized so you can learn at your own pace.
Deploy the application Pods along with injected proxy sidecars
Deploy the Istio service mesh configuration
Enable mTLS for one service: frontend
Enable mTLS for an entire namespace: default
Enable authorization for one service: frontend