A common use case for Open Policy Agent (OPA) is to decouple authorization from the application. This enables policies and decisions to be managed centrally and lifecycled independently to the application. For application use cases, OPA can be integrated at the API Gateway, Service Mesh or Microservices layer or any combination of these.

DevOps and platform teams are more strained than ever, and as a result, need better tools than ever. These teams are required to develop, provide access to, and secure a number of resources — while remaining good stewards to application developers. Beyond that, they are often tasked with overseeing their organization’s shift to the cloud. And as that shift takes place, DevOps teams will need to shift their compliance standards to the cloud.

Today, web and mobile applications and API-based microservice endpoints are becoming the default. These applications are reachable through the HTTP web protocol. The encryption provided by a Secured Socket Layer or Transport Layer Security (SSL/TLS) is a must to secure the communication between client and server and across API back-ends. SSL/TLS are certificate-based encryption mechanisms. SSL has been the standard for over 20 years.

The many benefits of microservices architecture, such as improved scalability and agility, explain why organizations are migrating from the traditional monolithic architecture. However, these benefits come at the cost of increased complexity, especially regarding security. According to an O’Reilly survey, 56% of respondents considered increased complexity the greatest challenge in developing microservices.

A first of its kind survey looks at the relationship between open-source and K8s security. Today DevOps and security teams who deploy Kubernetes are forced to make a difficult choice between two security realities. They can either commit to a proprietary solution that they can’t adapt, access its code, influence the roadmap or contribute to its future. Or they can use open-source tools. But then they’ll end up attempting to integrate several of these tools together.

Modern containerized applications are increasingly born in the cloud and the big three managed Kubernetes services – Azure Kubernetes Service (AKS), Amazon Elastic Kubernetes Service (EKS), and Google Kubernetes Engine (GKE) – rule the skies. With more users picking managed services in public cloud as their preferred platform, self-managing a backup infrastructure in the cloud is an antithesis.

Kubernetes clusters consist of multiple resources and API objects interacting dynamically—which typically makes cluster management via the CLI overwhelming. Kubernetes Dashboard was built to simplify cluster operations by providing a unified, human-friendly interface. The web-based dashboard enables cluster operators to deploy applications, access running workloads, and correlate logs with cluster events. This article demonstrates how to install and use Kubernetes Dashboard.

As organizations rapidly transform the way they build and deploy applications in pursuit of greater business agility and increased speed to market, they face significant challenges implementing effective authorization controls throughout microservices environments and the infrastructure they run on. For Identity and Access Management (IAM) teams, stitching together different data sources and transforming them for authorization purposes is complex and time-consuming.