CPC H04L 63/0876 (2013.01) [H04L 63/0236 (2013.01); H04L 63/20 (2013.01); H04L 67/561 (2022.05)] | 17 Claims
1. A method for providing access to a cloud service, comprising:
receiving, by a request forwarder hosted on a compute instance of the cloud service, a request for access to the cloud service including a container credential, the request received from a container hosted on the compute instance;
determining, by the request forwarder, an identification of the container using the container credential;
verifying, by the request forwarder, that the container requesting access to the cloud service is authorized based at least in part on one or more stored policies; and
based at least in part on a determination that the container requesting access to the cloud service is authorized:
requesting, by the request forwarder from a metadata service hosted on the compute instance, an instance credential for the compute instance;
receiving the instance credential for the compute instance from the metadata service hosted on the compute instance;
including the instance credential to the request; and
sending the request with the instance credential to the cloud service.
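The steps of claim 1, sketched as an added Python example that is not part of the patent text or any vendor's implementation. The token table, policy table, header name, MetadataService stub and send callback are all hypothetical, and dropping the container credential from the outbound request is an assumption of this sketch.

```python
import hmac
from dataclasses import dataclass, field

# Constructed sample data: every token, container name and policy is hypothetical.
CONTAINER_TOKENS = {"tok-web-7f3a": "web-frontend", "tok-batch-91c2": "batch-worker"}
POLICIES = {"web-frontend": {("storage", "GetObject")},
            "batch-worker": {("queue", "ReceiveMessage")}}

class Denied(Exception):
    """Raised when a container cannot be identified or is not authorized."""

@dataclass
class Request:
    service: str
    action: str
    container_credential: str = ""
    headers: dict = field(default_factory=dict)

class MetadataService:
    """Stand-in for the metadata service on the compute instance."""
    def __init__(self):
        self.issued = 0  # counts how often the instance credential was handed out

    def instance_credential(self):
        self.issued += 1
        return "INSTANCE-CREDENTIAL-PLACEHOLDER"

class RequestForwarder:
    def __init__(self, metadata, send):
        self.metadata, self.send = metadata, send

    def identify(self, credential):
        # Map the container credential to a container identity (constant-time compare).
        for token, container_id in CONTAINER_TOKENS.items():
            if hmac.compare_digest(token.encode(), credential.encode()):
                return container_id
        raise Denied("unknown container credential")

    def handle(self, req):
        container_id = self.identify(req.container_credential)
        if (req.service, req.action) not in POLICIES.get(container_id, set()):
            raise Denied(f"{container_id} may not call {req.service}:{req.action}")
        # The instance credential is requested only after the policy check passes.
        headers = {**req.headers, "Authorization": self.metadata.instance_credential()}
        # Assumption: the container credential is dropped from the outbound request.
        return self.send(Request(req.service, req.action, headers=headers))
```

The issued counter makes the ordering checkable: a request that fails identification or policy never causes the metadata service to hand out the instance credential.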