Networking

Control access to microservices with gRPC and Traffic Director

traffic director.jpg

We are excited to announce Traffic Director’s general availability of client authorization by proxyless gRPC services. This release, in conjunction with Traffic Director’s capability for managing mutual TLS (mTLS) credentials for Google Kubernetes Engine (GKE), enables customers to centrally manage access between workloads using Traffic Director.

D Proxyless Authz Block Diagram.jpg

With the new authorization support, you can explicitly permit access to servers from specific clients and ensure that non-authorized clients will be denied access. You can match clients by their identity as verified with mTLS and limit clients to certain IP addresses. You can also match against an HTTP header for custom approaches.

Check out the user guide to get started! Or jump directly to the REST documentation to see the authorization policy format.