Security in Kyma
To ensure a stable and secure work environment, the Kyma security component uses the following tools:
- Predefined Kubernetes RBAC roles to manage the user access to the functionality provided by Kyma
- Istio Service Mesh with the global mTLS setup and ingress configuration to ensure secure service-to-service communication
- ORY Oathkeeper and ORY Hydra used by API Gateway to authorize HTTP requests and provide the OAuth2 server functionality.