From developers for developers. You may be asking yourself: “How can I make my application (more) secure?”
What you will learn
In this workshop you will learn Application Security from two perspectives:
- Platform security
- Authentication and Authorization implementation
We will show you with an example application:
- How to secure external access to a Kubernetes cluster with TLS
- How to secure communication between Microservices with Istio and mTLS
- How to implement authorization and authentication with the Open Source Identity and Access Management system Keycloak and JSON Web Tokens (JWT)
Pre-requirements
Create a IBM Cloud account via the following link: https://ibm.biz/Bdfb8b
The technology
Microservices: A microservice is a service-oriented application component that is tightly scoped, strongly encapsulated, loosely coupled, independently deployable and independently scalable.
Eclipse MicroProfile: Optimizing Enterprise Java for a Microservices Architecture https://microprofile.io/
Kubernetes: also known as K8s, an open-source system for automating deployment, scaling, and management of containerized applications https://kubernetes.io/
Istio: Working with both Kubernetes and traditional workloads, Istio brings standard, universal traffic management, telemetry, and security to complex deployments https://istio.io/
Keycloak: Open Source Identity and Access Management for modern applications and services https://www.keycloak.org/
We will use our open source Cloud Native Starter on GitHub: https://developer.ibm.com/series/cloud-native-starter/ which is built with Quarkus and Microprofile.
Speakers: Thomas Südbröcker and Liam Hampton
We are looking forward to seeing you there!
Your IBM Developer Advocacy Team
Berlin, Germany