The idea of service mesh has been proposed that injects high-level networking functionality in Kubernetes’ deployments by interposing Istio proxies in a transparent or semi-transparent fashion. Istio auth leverages Istio proxies to enable strong authentication and data security for the services’ inbound and outbound traffic, without or with little change to the application code.
- Secure service to service communication and end-user to service communication via Istio proxies.
- Provide a key management system to automate key generation, distribution, and rotation.
- Expose the authenticated identities for authorization, rate limiting, logging, monitoring, etc.
Bazel is used for build and dependency management. The following commands build and test sources:
$ bazel build //...
$ bazel test //...Bazel uses BUILD files to specify package dependencies and how targets are
built from the source. The
gazelle
tool is used to automatically generate and update BUILD files:
$ gazelle -go_prefix "istio.io/auth" --mode fix