SPIRE
SPIRE (SPIFFE Runtime Environment) is the reference implementation of the SPIFFE standard, providing a toolchain for establishing trust between software systems across a wide variety of hosting platforms through automated attestation and workload identity distribution. SPIRE manages a certificate au
5 channels across 1 AsyncAPI spec
Channels
- Streaming channel for receiving JWT trust bundles (JWKS) for all configured trust domains. Used by services that need to validate incoming JWT-SVIDs from workloads in the local or federated trust doma
  SPIRE Workload API Events
- Unary-style channel for requesting JWT-SVIDs for a specific audience. The workload requests a JWT for a target service and receives a short-lived token. JWT-SVIDs have a TTL of typically 5 minutes and
  SPIRE Workload API Events
- Streaming channel for receiving X.509 trust bundles for all trust domains the workload needs to validate peer identities. Delivers the local trust domain bundle and all federated trust domain bundles
  SPIRE Workload API Events
- Streaming channel through which SPIRE Agent delivers X.509-SVIDs to workloads. After attestation, the agent sends the initial set of X.509-SVIDs the workload is authorized to hold, then proactively re
  SPIRE Workload API Events
- Unary channel for delegating JWT-SVID validation to the SPIRE Agent. Services can send incoming JWT-SVIDs to the Agent for validation rather than implementing token validation themselves.
  SPIRE Workload API Events