3 Deploying a microservice behind an API gateway

 

This chapter covers

  • The role an API gateway plays in a microservices deployment
  • Why OAuth 2.0 is the de facto standard for securing microservices at the edge
  • How to deploy a microservice behind the Zuul API gateway and secure it with OAuth 2.0
 
 

3.1   The need for an API gateway in a microservices architecture

 
 
 
 

3.1.1   Decoupling security from the microservice

 

3.1.2   The inherent complexities of microservice deployments make them harder to consume

 
 
 

3.1.3   The rawness of the microservices does not make them ideal for external exposure

 
 
 
 

3.2   Security at the edge

 
 
 

3.2.1   Understanding the consumer landscape of your microservices

 
 
 
 

3.2.2   Delegating access

 
 
 

3.2.3   Why not basic authentication?

 
 

3.2.4   Why not Mutual TLS?

 

3.2.5   Why OAuth 2.0?

 
 
 

3.3   How to pick the correct OAuth 2.0 grant type?

 
 

3.3.1   Client credentials grant type

 

3.3.2   Resource owner password grant type

 
 
 

3.3.3   Refresh token grant type

 

3.3.4   Authorization code grant type

 

3.3.5   Implicit grant type

 
 
 

3.4   Setting up an API gateway with Zuul

 
 
 
 

3.4.1   Compiling and running the Order Processing microservice

 
 
 

3.4.2   Compiling and running the Zuul proxy

 
 
 

3.4.3   Enabling OAuth 2.0-based security at the Zuul gateway

 
 
 
 

3.5   Securing communication between Zuul and the microservice

 

3.5.1   Preventing access through the firewall

 
 

3.5.2   Securing the communication between the API gateway and microservices by using mutual TLS

 
 

3.6   Summary

 
 