Example 12: Security (four layers, sidecar, policy-as-code) #14

Description

@patterncatalyst

Chapter

_docs/12-security.md — Security

Example Path

examples/12-security/

What to demonstrate

  • Four concentric security layers (cloud, cluster, container, code)
  • Sidecar pattern with Envoy/Istio for mTLS, JWT, rate limiting
  • OPA policy-as-code enforcement
  • Trusted identity headers from sidecar

Stack

  • Infra: Minikube — Istio + OPA + LGTM
  • Language: Python (FastAPI with auth middleware)
  • Priority: Medium

Deliverables

  • K8s manifests with Istio config
  • OPA policies
  • Service with security sidecar
  • README.md
  • verify.sh
  • Flip chapter footer to verified

Labels

  • example: Runnable example implementation
  • istio: Requires Istio service mesh
  • minikube-stack: Example uses minikube Kubernetes infrastructure