You're reading from Microservices with Spring Boot 3 and Spring Cloud, Third Edition Build resilient and scalable microservices using Spring Cloud, Istio, and Kubernetes

Product type Paperback

Published in Aug 2023

Publisher Packt

ISBN-13 9781805128694

Length 706 pages

Edition 3rd Edition

Languages

Java

Tools

Istio

Concepts

Microservices

Author (1):

Magnus Larsson AB

View More author details

Table of Contents (26) Chapters

Preface

1. Introduction to Microservices

2. Introduction to Spring Boot FREE CHAPTER

3. Creating a Set of Cooperating Microservices

4. Deploying Our Microservices Using Docker

5. Adding an API Description Using OpenAPI

6. Adding Persistence

7. Developing Reactive Microservices

8. Introduction to Spring Cloud

9. Adding Service Discovery Using Netflix Eureka

10. Using Spring Cloud Gateway to Hide Microservices behind an Edge Server

11. Securing Access to APIs

12. Centralized Configuration

13. Improving Resilience Using Resilience4j

14. Understanding Distributed Tracing

15. Introduction to Kubernetes

16. Deploying Our Microservices to Kubernetes

17. Implementing Kubernetes Features to Simplify the System Landscape

18. Using a Service Mesh to Improve Observability and Management

19. Centralized Logging with the EFK Stack

20. Monitoring Microservices

21. Installation Instructions for macOS

22. Installation Instructions for Microsoft Windows with WSL 2 and Ubuntu

23. Native-Complied Java Microservices

24. Other Books You May Enjoy

25. Index

Securing the system landscape

To secure the system landscape as described in the introduction to this chapter, we will perform the following steps:

Encrypt external requests and responses to and from our external API using HTTPS to protect against eavesdropping.
Authenticate and authorize users and client applications that access our APIs using OAuth 2.0 and OpenID Connect.
Secure access to the discovery server, Netflix Eureka, using HTTP basic authentication.

We will only apply HTTPS for external communication to our edge server, using plain HTTP for communication inside our system landscape.

In the chapter on service meshes (Chapter 18, Using a Service Mesh to Improve Observability and Management) that will appear later in this book, we will see how we can get help from a service mesh product to automatically provision HTTPS to secure communication inside a system landscape.

For test purposes, we will add a local OAuth 2.0 authorization...