End-to-End Security With gRPC in Kubernetes - Shiva & Abhishek Agrawal, Google
Abstract
As cloud-native architectures continue to scale, ensuring secure communication across microservices is a critical challenge. gRPC is widely adopted for its high performance and efficiency, but achieving end-to-end security in Kubernetes-based deployments introduces unique complexities. This session will explore best practices for securing gRPC applications in Kubernetes environments. We will cover the implementation of TLS and MTLS for encrypted communication, authentication using JWT and OAuth2. Special focus will be given to leveraging Kubernetes-native tools like Cert-Manager and Secrets for certificate management and integrating service meshes such as Istio for automated security configurations.