Application level authorization


#1

I am designing a component to handle all the application level authorization using Istio. My current plan is to create a Mixer out of process Check Adapter in a similar fashion of :

[Mixer Out of Process Adapter Walkthrough(https://github.com/istio/istio/wiki/Mixer-Out-Of-Process-Adapter-Walkthrough]).

This adapter is going to hit an external service using gRPC. The external service is going te receive the user information and the resource information and check agains a datasource (like Redis).

My problem with this solution is that the information of what routes are secured and with for what permissions is specified as data and not as specification. I would prefer to have the definition in K8s and the relation of permissions with users in Redis.

Is there any way to achieve that?

Thanks in adavance.