Understanding security in the context of a microservices architecture
Microservices architectures encourage decomposing an application into small (in scope), autonomous units that can be managed and deployed independently. If we compare this with a traditional monolithic application, one major difference is that a microservices architecture opens the security of the platform to a wider surface area. In a monolithic application, most of the communication happens within the application itself inside the same server and runtime, hence it does not require any advanced security for internal communication. But in the world of microservices, we need to secure the communication coming into the services (North-South traffic) as well as within the services (East-West traffic). The following diagram depicts this concept of two types of security that need to be handled in a microservices architecture: