Write Kubernetes Network Policies with Inspektor Gadget’s Network Policy Advisor (opens in new tab)

(kinvolk.io)

8 pointsblixtra6y ago2 comments

2 comments

Am I the only one who thinks this feels wrong? Shouldnt cloud services use token based auth even internally?

At our place we don't protect our backend services behind firewalls, they're protected by auth0 tokens ...

Why frame this as only an either-or? Seems like it's a cheap additional layer of security.

You also might have components you haven't written yourself that don't use tokens, e.g. databases.

j / k navigate · click thread line to collapse

Am I the only one who thinks this feels wrong? Shouldnt cloud services use token based auth even internally?

At our place we don't protect our backend services behind firewalls, they're protected by auth0 tokens ...

Why frame this as only an either-or? Seems like it's a cheap additional layer of security.

You also might have components you haven't written yourself that don't use tokens, e.g. databases.

j / k navigate · click thread line to collapse