Policies

Istio lets you configure custom policies for your application to enforce rules at runtime such as:

• Rate limiting to dynamically limit the traffic to a service
• Denials, whitelists, and blacklists, to restrict access to services
• Header rewrites and redirects

Istio also lets you create your own policy adapters to add, for example, your own custom authorization behavior.

You must enable policy enforcement for your mesh to use this feature.

See also

Security

Describes Istio's authorization and authentication functionality.

App Identity and Access Adapter

Using Istio to secure multi-cloud Kubernetes applications with zero code changes.

Mixer and the SPOF Myth

Improving availability and reducing latency.

Mixer Adapter Model

Provides an overview of Mixer's plug-in architecture.

Control Headers and Routing

Shows how to modify request headers and routing using policy adapters.

Denials and White/Black Listing

Shows how to control access to a service using simple denials or white/black listing.