⚡️ Enlightning - Flexible Authorization with OpenFGA

January 20, 2024

OpenFGA is a flexible authorization engine built for developers and designed to make it easy for them to model their application permissions and add and integrate fine-grained authorization into their applications. Its modeling flexibility allows developers the ability to use it for various complex use-cases, whether it is to easily enable sharing, to support nested entities (documents in nested folders), or quickly enable multi-tenancy and much, much more. It offers HTTP and gRPC APIs, SDKs for multiple languages and several tools to make modeling easier. In this session, we’ll go into why OpenFGA was built, where it fits into the authorization space, what makes it different from other authorization methods like Role-Based Access Control and some of the many use-cases that it covers. We’ll also go over some of the tools available to make modeling easier and give devs confidence that they’re not introducing a security risk, as well as some helpful tips for modeling and integrating with OpenFGA. Join host Whitney Lee and guest Raghd Hamzeh for ⚡️ Enlightning!

Demystifying the Software Bill Of Materials (SBOM) and why everyone's talking about them

Tanzu Developer Advocate and Enlightning host Whitney Lee speaks with Tanzu Solutions Architect, Alex Barba...

Next Video

⚡️ Enlightning - Open Policy Containers: The What, Why, and How

The Open Policy Containers project provides a secure software supply chain for Open Policy Agent (OPA) poli...

⚡️ Enlightning - Flexible Authorization with OpenFGA

Previous

Next Video

Related content in this Stream

SOPS (Secrets OPerationS) is an editor of encrypted files and is a simple way to secure and manage sensitive assets. SOPS supports YAML, JSON, ENV, INI, and binary formats. By being able to integrate

Tanzu Developer Advocate and Enlightning host Whitney Lee speaks with Tanzu Solutions Architect, Alex Barbato to unpack the Software Bill of Material (SBOM). SBOMs have gained a lot of attention in th

The Open Policy Containers project provides a secure software supply chain for Open Policy Agent (OPA) policies, enabling a policy-as-code workflow for maintainers and consumers of policies to easily

Yahoo developed and open sourced a service authentication and role-based authorization system called Athenz to address the core zero trust principles. Yahoo uses Athenz to bootstrap their instances de

Network Service Mesh takes concepts from traditional L7 application service meshes and brings them down to L3 payloads, enabling your workloads to get the connectivity, security, and observability the

Confidential Containers allow users to run sensitive cloud native workloads in an untrusted cloud. We'll explore how this is possible and how you can use the project with your own workloads. Join h

Explore SPIFFE (Secure Production Identity Framework For Everyone), a CNCF project revolutionizing identity management in cloud-native systems. This session introduces you to SPIFFE’s approach to

As Kubernetes becomes the backbone of modern infrastructure, securing multi-tenant clusters becomes a top priority for platform engineering teams. In this lightboard session, we will delve into the

Keycloak is an open source Identity and Access Management (IAM) solution for modern applications and services. It is designed to secure applications with modern industry standards like OAuth2, OpenID

Hexa Policy Orchestration enables you to manage disparate access policy formats across cloud providers, IAM systems, networks, and data. Join host Whitney Lee and guest Gerry Gebel to learn more!

Security is something we all need, and something we would all love to forget about. 🙂 Kubescape is a CNCF project that helps to secure your clusters easily and quickly. It helps you validate the c

Many kinds of identity providers utilize different architectures and protocols existing in this world. The commonly-spread standard among cloud native applications (including Kubernetes) is now the Op

Now that we have learned so much about networking and service mesh solutions, let’s look at what Cilium can do. Cilium has an answer for each use case that folks adopt a service mesh for, as well as a

Istio is a Graduated CNCF Project that provides application networking for a distributed microservices architecture with built-in traffic engineering, observability, identity, policy, AAA, and encrypt

Service mesh is the future of application connectivity, offering immediate enhancements to your application traffic’s security, reliability, and observability. In this episode of ⚡️ Enlightning, disc

Linkerd is the first service mesh, and it is still - by far - the least stressful way to add security, reliability, and observability to any Kubernetes cluster. Using a mesh to add these critical func

VMware Tanzu Developer Advocate and Enlightning host Whitney Lee speaks with Denee Lake, a modern compliance architect with VMware Tanzu Labs, about continuous authority to operate (ATO), a term commo

Let’s demystify Kubernetes Networking and Container Network Interfaces (CNIs) with Duffie Cooley and Whitney Lee. We will discuss the Kubernetes networking model and how a CNI makes all the magic happ

Software vendors use digital signatures to ensure authenticity and integrity of their distributed software. Cloud native workloads require support for signature delivery mechanisms, agility to address