Expose and secure a workload with Istio

This tutorial shows how to expose and secure a workload using Istio's built-in security features. You will expose the workload by creating a VirtualService. Then, you will secure access to your workload by adding the JWT validation verified by the Istio security configuration with Authorization Policy and Request Authentication.

Prerequisites

Expose your workload using a Virtual Service

Follow the instructions in the tabs to expose the HttpBin workload or the Function using a VirtualService.

  • Expose the HttpBin workload
  • Expose the Function

Secure a workload or the Function using a JWT

To secure the HttpBin workload or the Function using a JWT, create a Request Authentication with Authorization Policy. Workloads with the matchLabels parameter specified require a JWT for all requests. Follow the instructions in the tabs:

  • Secure the Httpbin workload
  • Secure the Function