Search

SPIFFE and SPIRE Projects

Inspired by production infrastructure at Facebook, Google, Netflix, and more, SPIFFE is a set of open-source standards for securely authenticating software services in dynamic and heterogeneous infrastructures through platform-agnostic, cryptographic identities. SPIRE is an open-source system that implements the SPIFFE specification in a wide variety of environments.

Together, the projects deliver a foundational capability, service identity, for cloud- and container-deployed microservices. They enable organizations to deploy consistent, fine-grained cross-service authentication via a “dial-tone” API across heterogeneous environments.

These projects recently moved into the CNCF incubator and have received contributions from Bloomberg, Google, Pinterest, Square, Uber, and others. SPIFFE and SPIRE have grown to become a foundational layer within the cloud native ecosystem. These projects integrate with multiple cloud native technologies and projects, such as Istio, Envoy, gPRC, and OPA (Open Policy Agent).

Introduction to SPIFFE and SPIRE

GitHub repositories

  • spiffe: This repository includes the SPIFFE ID, SVID and Workload API specifications, example code, and tests, as well as project governance, policies, and processes.
  • spire: This is a reference implementation of SPIFFE and the SPIFFE Workload API that can be run on and across varying hosting environments.
  • go-spiffe: Golang client libraries.
  • java-spiffe: Java client libraries
  • py-spiffe: Python client libraries
  • c-spiffe: C client libraries

Documentation and tutorials

Tutorial on how to configure the Envoy proxy with SPIFFE and SPIRE

Tutorial on how to configure Istio with SPIRE

Download the eBook: Solving the Bottom Turtle

SPIFFE/SPIRE on Katacoda

Workshops-on-Demand

Take advantage of our free, Jupyter-Notebook based Workshops-on-Demand available in the Hack Shack. These technical workshops provide you with an in-depth, hands-on learning experience where you can interact with and learn from the experts. Designed to fit your schedule, these workshops are available 24/7 – any time, from anywhere. SPIFFE and SPIRE workshops are available today.

Any questions on SPIFFE?

Join the SPIFFE Slack Workspace and start a discussion.

Related Blogs

Dale Rensing

Service Mesh Security Hardening – using SPIRE with Istio

Jun 27, 2022
Dale Rensing

SPIRE Maintainer, Agustín Martínez Fayó, Reveals His Passion for Information Security

Mar 2, 2021
Prashant Sachdeva

HPE achieves gold for large-scale enterprise Kubernetes deployments

Jun 17, 2020
Umair Khan

Top 13 Capabilities Within SPIFFE and SPIRE Released In 2019

Apr 21, 2020

HPE Developer Newsletter

Stay in the loop.

Sign up for the HPE Developer Newsletter or visit the Newsletter Archive to see past content.

By clicking on “Subscribe Now”, I agree to HPE sending me personalized email communication about HPE and select HPE-Partner products, services, offers and events. I understand that my email address will be used in accordance with HPE Privacy Statement. You may unsubscribe from receiving HPE and HPE-Partner news and offers at any time by clicking on the Unsubscribe button at the bottom of the newsletter.

For more information on how HPE manages, uses, and protects your personal data please refer to HPE Privacy Statement.