Styra Academy, our online training portal for free courses on OPA, Rego, and Styra Declarative Authorization Service, has a new course available - Microservice Authorization! Before diving in, let’s get a better understanding of microservices and some of the authorization challenges developers need to consider.
Microservices are everywhere — and securing them presents a unique set of challenges. As a company dedicated to authorization, we specialize in fine-grained access world of who-can-do-what and what-can-do-what part for deeper security. This course is built with developers in mind to help them be successful with authorization in a microservices world.
Over the past decade, microservices have become a widely adopted application architecture. This architecture brings many important advantages along with some new challenges. To secure microservices, developers need an authorization solution that addresses all of them, including:
Velocity: New microservices, versions, teams, languages, and technologies emerge every day. Authorization must be decoupled from application code to keep up with this diversity and velocity needed for the business.
Complexity: Microservices bring with them a great number and diversity of endpoints, APIs, and users. An authorization solution must be rich and flexible to define precisely who can do what in each unique context. Support for RBAC, ABAC and context-dependency are often required.
Performance: Each end-user request may be served by a series of microservices. To avoid impacting performance, authorization decisions for each microservice must happen fast.
Governance: One microservice and one insecure policy can compromise the overall security of an organization. An authorization solution must support a governance structure to ensure every policy and every policy change satisfies both local application requirements and broader organizational compliance.
In this new Styra Academy course, developers will learn how to solve these challenges using Open Policy Agentwith Styra DAS. You will see how to deploy scalable, distributed authorization for your microservices and handle many day-2 operations, including security, maintenance, governance and DevOps. Our new free course “Microservices Authorization”on Styra Academy will walk you through:
Validation and deployment
Hands-on labs with Kuma and Istio service mesh
Try other courses on Styra Academy, including “OPA Policy Authoring,” and check back as we continue the learning journey!