Part 9: Serverless functions - Who responded?
In our previous blog posts in the Kong Gateway series, we explored various security aspects, particularly focusing on token-related issues and their solutions involving both Kong and custom-built plugins. Today, we dive deeper into another coding variant within the gateway: Kong serverless functions. We will use a real-world “Who Responded?” example to demonstrate how effectively a root cause analysis approach can be supported with minimal effort.Reproducible and consistent development environments with DevContainers
As a developer in an agile world it becomes quite normal to be involved in more than one activity (projects, trainings and some research) at a time. Each of these activities may require a specific setup of development environments in terms of programming languages, compiler and library versions. Installing and maintaining all this with a classical approach is error-prone and requires a lot of effort. Using task-specific virtual machines would solve the problem, but it consumes a lot of resources and causes a lot of maintenance as well, because one also needs to keep VM’s operating system up to date. This article shows, how DevContainers can help you create and maintain reproducible development environments leveraging the benefits of modern container technology.Part 8: Plugin Cloning
This time we explore how plugin cloning of the Access Control List (ACL) Plugin enhances API security within a zero-trust architecture. We address the challenge of executing the ACL plugin twice, first for a consumer authenticated via an mTLS client certificate and then for a consumer authenticated via an OAuth2 token in the same processing pipeline, as the Kong’s architecture prevents the same plugin from running multiple times in a single request-response cycle. To meet this challenge, we introduce the Kong supported Priority-Updater tool, which enables cloning and priority configuration of existing plugins. This blog provides a comprehensive guide to implementing multi-layer authentication by plugin cloning.Visit NTT DATA
NTT DATA is your Innovation Partner anywhere around the world. Headquartered in Tokyo, with business operations in more than 50 countries and regions, we emphasize long-term commitment and combine global reach and local intimacy to provide premier professional services from consulting, system development to business IT outsourcing.