Introducing microservices security
For securing microservices, we must consider these two situations and approaches:
- Controlling external access: The access to microservices from (external) clients or producers such as a Django app
- Controlling inter-service access: The access to microservices from other microservices such as the match address microservice calling the mail microservice
Because of its vertical flow direction, external access security is called north-south security. So, we use the term east-west security for horizontal inter-service access security. In the following subsections, we’ll look at how these apply to the microservices architecture and start with north-south security.
North-south security for microservices
If application requirements state that producers (clients) must authenticate themselves when offloading tasks to workers (microservices), we can apply set-up north-south security. We call this type of security measurement north...