Posts

Showing posts from August, 2019

End-user authentication with Istio and KeyCloak on the AWS EKS environment

Image
When evaluating Istio to use in our AWS EKS clusters environment, I found it is a little bit confusing with end-user authentication which cost me a couple days to set up a running scenario. Moreover, most of the blog posts and online documents only mention end-user authentication with Auth0 (a proprietary authentication solution) or very limited to other software such as KeyCloak. This article describes how I did the configuration to make it work with KeyCloak as well as briefly explaining the authentication flow of Istio.

As you may know, Istio introduces two types of authentication which are Transport Authentication and Origin Authentication [0]. Transport Authentication is used for the service to service authentication while Origin Authentication is used for end-user authentication. But, when it comes to real configuration, it looks like I have to apply both types if I want to set up the scenario as follows:

Figure 1: Expected scenario What I expected to have are:
End-user requests …

Counting all items of a DynamoDB table using aws cli

This following command will return the total number of records of a DynamoDB table:

aws dynamodb scan --table-name <TABLE_NAME> --select "COUNT"