In chapter 6, we discussed how to secure service-to-service communications with certificates; and in chapter 7, we extended that discussion to use JWTs to secure service-to-service communications. Then in chapters 10 and 11, we discussed how to deploy a set of microservices as Docker containers in Kubernetes and to secure service-to-service communications with JWT over mTLS. In all of these cases, each microservice by itself had to worry about doing security processing. Or in other words, each microservice embedded a set of Spring Boot libraries to do security processing. This violates one key aspect of microservices architecture, the single responsibility principle, under which a microservice should be performing only one particular function.