►
Description
Learn more: https://bit.ly/37iaJjM
A
Let's
say
I'm
on
a
development
team
and
I'm
using
the
kong
api
gateway
to
deploy
common
logic
for
my
micro
services.
Well,
I
have
to
be
able
to
integrate
and
deliver
kong
as
part
of
the
pipeline
used
to
deploy
my
application
and
for
security
reasons.
I
want
to
make
sure
that
I'm
enforcing
governance
around
the
api
management
using
role-based
access
control,
the
kong
admin
api
combined
with
role-based
access
control,
empowers
your
pizza
teams
to
work
autonomously,
so
they
can
deliver
their
services
without
you
having
to
give
them
too
much
access.
A
Let's
take
a
look
at
how
this
works
you're
going
to
see
that
I've
enabled
role-based
access
control,
so
my
administrator
only
has
access
to
his
specific
project.
Workspace
then
you're
going
to
see
me
programmatically,
add
kong
objects
to
add
services,
routes
and
plug-ins,
because
I
need
those
for
my
services.
A
Go
into
my
con
manager
notice.
I
have
three
workspaces
here:
one
for
default
workspace,
one
for
product
x
and
one
for
product
y.
Now,
let's
say
I'm
an
administrator
that
works
on
product
x,
so
I
don't
really
need
to
see
all
of
these
workspaces
and
I
shouldn't
be
able
to
create
objects
in
these
workspaces.
A
Well,
let
me
switch
screens
here
and
show
you
what
the
login
looks
like
when
role-based
access
control
controls
enabled
right
here,
I'm
logged
in
as
manny,
and
I
can
only
see
my
product
x
workspace.
So
when
I
view
that
workspace,
I
can
now
see
all
the
kong
objects,
but
only
specific
to
the
workspace
I'm
supposed
to
have
access
to
now.
Let's
say
I'm
deploying
a
you
know:
service,
I'm
building
a
new
microservice
and
I
want
kong
to
apply
policy.
A
Well,
I'm
going
to
programmatically
tell
kong
how
to
do
this,
because
I
don't
necessarily
I
want
to
you
know:
do
it
as
part
of
my
automation,
scripting,
let's
see
a
script!
That
actually
does
this.
If
I
open
up
my
code,
editor
you'll
see
that
I
actually
have
a
script
here.
That's
going
to
call
the
kong
admin
port
and
it's
going
to
authenticate
with
the
admin
token,
which
tells
kong
who
the
user
is,
and
it
tells
kong
exactly
what
role
based
access
control
they
have
access
to.
A
So
with
this
script,
I'm
going
to
create
a
workspace
clients,
services
and
plugins
so
that
I
don't
have
to
build
it
into
my
service
code.
Let's
go
ahead
and
see
what
this
looks
like
when
I
run
it,
I'm
going
to
go
ahead
and
call
this
script,
and
then
I'm
going
to
go
ahead
and
go
back
into
kong.
As
my
administrator
and
just
refresh
the
screen
and
what
you
should
see
is
now
I
have
created
an
order
service.
I've
created
a
couple:
consumers.
I've
applied
some
policy.
I've
exposed
this
service
via
orders
route.
A
So
what
did
I
just
show
you
well
as
a
developer,
I'm
now
able
to
configure
kong
to
route
and
apply
common
logic.
I
can
configure
programmatically
as
part
of
my
build
process
and
as
the
person
that's
responsible
for
api
governance,
I
can
make
sure
that
my
developer,
that's
creating
these
scripts
only
has
access
to
the
environment
and
workspace
that
they
need
permissions
to
work
on.
A
A
Well,
com
makes
it
very
easy
for
your
developers
to
automate
the
delivery
of
kong.
Alongside
your
application
code
using
declarative
configuration
as
well
as
an
ingress
controller
for
kubernetes
environments,
I
can
configure
an
entire
com
cluster,
a
specific
workspace.
I
can
make
incremental
changes
and
I
can
use
drift
detection
to
make
sure
my
con
configuration
does
not
drift
from
my
git
source
of
truth.
A
A
First
of
all,
you
saw
my
workspace
here,
and
you
saw
that
in
my
workspace
I
only
have
access
to
productx
and
I
have
services,
consumers
and
plugins
created.
Well,
let's
say
I
now
want
to
deploy
an
environment
into
this
environment.
I
want
to
deliver
that
because
it's
already
been
tested
and
it's
ready
to
move
into
qa.
Well,
if
I
go
back
into
vs
code,
you
can
see
a
declarative
configuration
of
an
entire
kong
cluster,
so
this
is
for
the
workspace
product
x.
I
can
manage
it
with
tags
and
I
can
create
services.
A
A
To
do
that,
I
can
simply
call
the
deck
sync
command.
I
have
an
alias
that's
going
to
do
it
for
me
and
what
you'll
see
it
do
is
it's
going
to
create
22
different
kong
objects?
So
now,
if
I
go
back
into
kong
into
my
con
manager-
and
I
refresh
you'll-
see
that
a
number
of
new
services
will
be
created,
so
you
can
see
the
three
services
that
were
in
development
before
are
now
in
my
qa
environment.
A
A
So
what
have
I
just
shown
you?
Well,
you
saw
how
you
can
use
the
admin
api
to
empower
your
teams,
but
what
we
just
went
through
was
similar
to
the
kong
admin
api.
I
can
actually
enable
automated
delivery
of
configuration
as
code.
So
now
I
can
put
an
entire
configuration
for
kong
or
kong
workspace
in
a
file
and
use
a
source
of
truth
like
github
to
manage
the
delivery
so
whether
you're
using
the
admin,
api
or
dec
or
kubernetes,
manifest
to
configure
kong.
A
The
benefit
here
is
that
automation
is
going
to
reduce
the
manual
processes
and
human
mistakes,
and
it's
going
to
give
you
a
reliable,
secure
and
predictable
release
cycle.
Many
customers
use
kong
to
automate
the
delivery
of
routing
and
supporting
logic
to
their
microservices,
so
they
can
get
new
features
out
faster,
using
agile
development
methodologies.