Space Cloud allows you to whitelist the downstream services which are allowed to communicate with the current service in an effortless manner.
Space Cloud whitelists all services within the same project by default.
Whitelisting uses Istio’s Authorization Policies to enforce policy control. This helps you safeguard your sensitive services from internal attacks.
Let’s say you have a Customer Identity Service which deals with personally identifiable information. By whitelisting the services which have access to this service, you can prevent customer data from leaking within the organization.
Space Cloud requires two parameters to configure whitelisting.
Space Cloud allows you to whitelist services from different projects.
Whitelisting services from different projects works inside the same cluster only.
*
in the project id field indicates that the provided service can be accessible by all services in all projects.*
in the service id field indicates that the provided service can be accessible by all services in the provided project.