Alex Olivier
Un-complicate authorization maintenance
#1about 2 minutes
Differentiating between authentication and authorization
Authentication verifies a user's identity, while authorization determines what actions that verified user is allowed to perform.
#2about 15 minutes
How authorization logic evolves into spaghetti code
As a product grows, simple role checks escalate into complex, hardcoded logic for packaging, regions, enterprise features, and compliance, creating a maintenance bottleneck.
#3about 2 minutes
Why microservices exacerbate authorization maintenance issues
In a microservices architecture, authorization logic must be re-implemented and maintained across multiple services, languages, and teams, increasing complexity and risk.
#4about 5 minutes
A modern approach using a decoupled authorization service
Decoupling authorization logic into a central, policy-based service separates it from application code, enabling independent evolution and management.
#5about 8 minutes
Implementing decoupled authorization with the sidecar pattern
Deploying the authorization service as a sidecar in Kubernetes co-locates it with your application for low-latency checks while keeping the logic centralized.
#6about 3 minutes
Evaluating the advantages and disadvantages of decoupling
Decoupling provides centralized logic, language agnosticism, and consistent audit trails, but requires managing an additional service and potentially learning a new DSL.
#7about 1 minute
Using the open source project Cerbos for authorization
Cerbos is an open-source, self-hosted authorization service that implements the decoupled, policy-based approach for managing complex permissions.
#8about 19 minutes
Answering audience questions on authorization best practices
The discussion covers implementing authorization at different OSI layers, ensuring changes are tested, identifying complexity, and handling compromised credentials.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
03:06 MIN
The challenges of embedding authorization in application code
Decoupled Authorization using Policy as Code
01:57 MIN
The challenges of traditional in-code authorization logic
Keymate – Modern Authorization for Developers
00:53 MIN
Externalizing authorization with service mesh and API gateways
Keymate – Modern Authorization for Developers
05:39 MIN
Enhancing applications with observability and authorization
30 powerful AWS hacks in just 30 minutes: Boost your developer productivity
06:29 MIN
Introducing Policy as Code and Open Policy Agent
Decoupled Authorization using Policy as Code
04:16 MIN
Enabling developer autonomy with GitOps and CRDs
Software Engineering Social Connection: Yubo’s lean approach to scaling an 80M-user infrastructure
03:11 MIN
Exploring other use cases for OPA beyond web APIs
Decoupled Authorization using Policy as Code
01:21 MIN
Automating policy enforcement with admission controllers
Kubernetes Security Best Practices
Featured Partners
Related Videos
32:16Decoupled Authorization using Policy as Code
Anderson Dadario & Denys Vitali
06:04Keymate – Modern Authorization for Developers
Halil Özkan
![Policy as [versioned] code - you're doing it wrong](https://customer-goifxnzhrq3d0d54.cloudflarestream.com/23fa4a514c18f0a9b39573f31d96ba54/thumbnails/thumbnail.jpg?time=33000ms)
45:57Policy as [versioned] code - you're doing it wrong
Chris Nesbitt-Smith
23:29Delay the AI Overlords: How OAuth and OpenFGA Can Keep Your AI Agents from Going Rogue
Deepu
43:12Full-stack role-based authorization in 45 minutes
Bartosz Pietrucha
26:23OPA for the cloud natives
Philipp Krenn
23:42Delegating the chores of authenticating users to Keycloak
Alexander Schwartz
45:19Security Challenges of Breaking A Monolith
Reinhard Kugler
Related Articles
View all articles
From learning to earning
Jobs that call for the skills explored in this talk.
Peter Park System GmbH
München, Germany
Senior
Python
Docker
Node.js
JavaScript
SMG Swiss Marketplace Group
Canton de Valbonne, France
Senior
SYSKRON GmbH
Regensburg, Germany
Intermediate
Senior
.NET
Python
Kubernetes
