Fortifying Microservice Security with SPIRE and OPA

Explore the challenges of microservice security and learn how to fortify your architecture using SPIRE and OPA in this informative conference talk. Delve into the unique authentication and authorization challenges posed by microservice environments, especially when dealing with large-scale systems handling thousands of API calls per second. Discover how SPIRE creates an identity plane across diverse infrastructure, delivering cryptographically verifiable identities to workloads. Understand the role of OPA as a policy engine for enforcing fine-grained authorization policies throughout the stack. Learn how to leverage SPIRE-issued JWT SVID claims, created using OIDC Federation, in conjunction with OPA to implement robust service-to-service and end-user access control without compromising performance or availability. Gain valuable insights into securing your microservices architecture effectively and efficiently.

Fortifying Microservice Security with SPIRE and OPA - Ash Nakar