Today, many organisations are moving from monolithic applications to microservices-based applications to accelerate innovation. However, digital transformation journeys come with challenges, and the transition to microservices is no different. Teams need to ensure that services are connected reliably with minimal latency, while also preventing unauthorised access and minimising risk of data breach. Organisations can leverage OPA and Kong Mesh as open source options to manage traffic flow between services, but these solutions require teams to design and deploy integrations themselves and lack a framework for management, monitoring or collaboration.
Styra and Kong now offer a turnkey solution for deploying OPA and Kuma that delivers the service proxies and policy-as-code controls needed to establish or deny traffic to, from or between individual microservices and apps. With the new integration of Styra DAS and Kong Mesh, individuals have the collaboration tools and visibility required to manage policy-enabled traffic control at scale. Styra DAS and Kong Mesh enable IT, security, and governance, risk management and compliance (GRC) teams to:
• Reduce operational overhead with automated policy-as-code based control of multiple service meshes.
• Govern, monitor and audit traffic flow and policy decisions for real-time verification of performance and risk.
• Increase application reliability with policy-based traffic management.
• Manage microservices policy lifecycle from initial authoring all the way through deployment and monitoring.
• Rapidly implement leading open-source solutions OPA and Kuma at global scale.
“When teams embrace a microservice architecture, they need to manage what those services can do. Styra and Kong both believe that microservices are the future of application development, and that controlling those services is critical to both performance and security,” said Styra co-founder and chief technology officer Tim Hinrichs. “This partnership makes perfect sense – since Kong’s API gateway and service mesh solutions provide the modern network control points for APIs and microservices, and Styra solutions provide the authorisation policy to control how and when those APIs are called.”
Styra and Kong enable seamless authorisation policy enforcement
Through this partnership, Styra and Kong are responding to their customers’ evolving needs. The combination tightly controls traffic between services, based on dynamic context, to prevent unauthorised access and limit the risk of data exfiltration. Additionally, customers also architect traffic flow to ensure application components work together appropriately so end users have the correct level of access based on their level of privilege within the app.
Styra DAS and Kong Mesh give teams the tooling required to govern, monitor and audit traffic flow and policy decisions across all API-based traffic control points using a single management plane for OPA and Kuma. This empowers disparate development teams to unify best-of-breed open source solutions from Styra and Kong, as well as to break down silos and innovate faster, with less overhead or custom tooling.
“At Kong, our aim is to ensure that companies’ connectivity across APIs, hybrid and multi-cloud environments is reliable and runs seamlessly as their use of cloud-native applications increases,” said Kong CTO and co-founder Marco Palladino. “We are excited to work with Styra to advance policy scalability across our solutions, ensure that traffic flow is governed by policy, and meet the needs of developers and security teams alike.”
The Kong Mesh integration with Styra DAS is currently available to all Styra DAS Free and DAS Enterprise customers.
Learn more about securing your cloud-native solutions with Styra.
Styra, the founders of Open Policy Agent (OPA), provides open source and commercial solutions that enable enterprises to define, enforce and monitor authorisation policy across their cloud-native applications, as well as the infrastructure they run on. Styra policy-as-code solutions let developers, DevOps and security teams mitigate risks, reduce human error and accelerate application development.
Kong creates software and managed services that connect APIs and microservices natively across and within clouds, Kubernetes, data centres and more using intelligent automation. Built on an open source core, Kong’s service connectivity platform enables digital innovation by allowing organisations to reliably and securely manage the full lifecycle of APIs and services for modern architectures, including microservices, serverless and service mesh. By providing developer teams with unprecedented architectural freedom, Kong accelerates innovation cycles, increases productivity, and seamlessly bridges legacy and modern systems and applications. For more information about Kong, please visit konghq.com or follow @thekonginc on Twitter.