Microservices Security Concerns

Security is always a concern. Microservices make some things easier to secure and somethings need to be paid attention to. List of security issues to think about Network Layer of each service needs protection for exposed ports DNS, NTP are critical infrastructure resources when everything hinges on service discovery Each service requires transport layer security, request authentiaction and based on requirement additional authorization information Logs etc. required for audit trails need to be captured, stored and observed If services are geographically distributed, enabling TLS on them exposes the services to OSINT due to certification transparency logs Network, Transport and Ports Typically all services listen on TCP ports providing high level functionality wrapped in HTTP or RPC