From the course: Advanced Spring: Deploy Spring Boot Applications to AWS, Azure and GCP
Join today to access over 25,300 courses taught by industry experts.
Securing your Spring Cloud Gateway on Google Cloud Platform - Spring Tutorial
From the course: Advanced Spring: Deploy Spring Boot Applications to AWS, Azure and GCP
Securing your Spring Cloud Gateway on Google Cloud Platform
- [Instructor] Now, let's learn how to deploy a Spring Cloud gateway deployment on GCP, focusing on best practices and GCP-specific features. For authorization and authentication, you want to leverage Cloud IAM and enforce lease privilege. When you integrate Spring Cloud Gateway with Cloud IAM using libraries like Google Cloud IM Credentials or Spring Security GCP, you also want to implement token introspection. So you could use the Google Cloud JWT Verifier to validate JWTs issued by Cloud IAM before forwarding requests. Also, consider OAuth 2.0 flows like authorization code grant for user authentication if Cloud IAM doesn't suit your needs. Spring Security provides comprehensive OAuth 2.0 support. For enforcing lease privilege, utilize Spring Securities access control capabilities or at preauthorized annotations to define, find-grained authorization rules for each microservices endpoint and expose to the gateway. Integrate with Cloud IAM roles to map specific IAM rules to allowed…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.