Building Secure Microservices in Azure - Jimmy Bogard - NDC Oslo 2022
Vložit
- čas přidán 28. 12. 2022
- Building microservices can be easy, but securing them is hard. We have external and internal applications, APIs, queues, users, and more. Each might use a different authentication and authorization strategy, depending on customer and system needs. The stakes are high and there is no margin for error!
In this talk, we’ll look at the different categories of applications and users, and what possibilities we have for securing them. We’ll also look at what Azure provides for securing internal users and applications, and an external provider for external users and applications. We’ll also cover different authentication and authorization strategies, and how we can map these to our various communication scenarios.
Finally, we’ll look at a full end-to-end example using .NET 6 and Azure, building out a playbook for the common and not-so-common scenarios we encounter.
Check out more of our featured speakers and talks at
ndcconferences.com/
ndcoslo.com/ - Věda a technologie
Good luck to anyone doing 1000 of things to build a secure api on azure!
I miss the old days of secure cookies 😞
21:18 - does anyone else have trouble reading that ?
How do you impersonate the logged in user.
As an example a micro service might have record level security. So user 1 and user 2 might see diffrent results/responses for the same API request?
To do this the API needs to know who is making the request.
Can't see code in mobile.