Give every service a strong X.509 identity and control who can do what — zero-trust, fine-grained, at scale — with Athenz.

Welcome to Athenz: Service Identity and Access Control.

A practical, in-depth guide to Athenz, the open-source platform for service authentication and fine-grained, role-based access control. Learn how Athenz secures dynamic infrastructure with identity instead of network location: the ZMS and ZTS architecture, domains, roles and policies (RBAC), X.509 service identity and certificate bootstrapping, mutual TLS and tokens, authorization and least privilege, Kubernetes and multi-cloud integration, and operating Athenz as critical zero-trust security infrastructure.

This title is part of the ShriIra library and is free to read in full, right here — our small contribution to making world-class knowledge easy to reach.

A note on reading it: open the Contents menu at the top of the reader to jump between chapters, use the Aa menu to set a comfortable text size, theme (light, sepia, or night), and single- or two-page layout. Your place is saved automatically, so you can always pick up where you left off.

We hope it serves you well.

— Shriira Press

Contents

1. Chapter 1 — What Athenz Is
2. Chapter 2 — Identity and Access in Dynamic Infrastructure
3. Chapter 3 — Architecture
4. Chapter 4 — Domains, Roles, and Policies
5. Chapter 5 — Service Identity and X.509 Certificates
6. Chapter 6 — Authentication — Mutual TLS and Tokens
7. Chapter 7 — Authorization — Access Decisions
8. Chapter 8 — Athenz in Kubernetes and the Cloud
9. Chapter 9 — Operations and Observability
10. Chapter 10 — Athenz in Practice