The Kubernetes project has exploded in popularity in recent years as the preferred environment for deploying server software. That growth has been accompanied by a shift to microservice architectures, in which complex applications are split into separate components communicating over service-to-service APIs. In this part of the book, you’ll see how to deploy microservice APIs in Kubernetes and secure them from threats.
Chapter 10 is a lightning tour of Kubernetes and covers security best practices for deploying services in this environment. You’ll look at preventing common attacks against internal APIs and how to harden the environment against attackers.
After hardening the environment, chapter 11 discusses approaches to authentication in service-to-service API calls. You’ll see how to use JSON Web Tokens and OAuth2 and how to harden these approaches in combination with mutual TLS authentication. The chapter concludes by looking at patterns for end-to-end authorization when a single user API request triggers multiple internal API calls between microservices.