Term · 32. Workload Identity & Cloud-native
SPIRE (SPIFFE Runtime Environment)
Definition
SPIFFE Runtime Environment — open-source reference implementation of SPIFFE. Provides workload attestation (verifying workload identity at runtime), SVID issuance (X.509 certificates or JWTs), and trust domain management. CNCF graduated project. Deployed at scale by major enterprises (Bloomberg, Pinterest, Square, ByteDance).
- Synonyms
  - SPIRE platform
- Application
  - Regulatory: CNCF — SPIFFE / SPIRE specs
- Standards & regulations
  - CNCF
- Sources
  - SPIRE — SPIFFE Runtime Environment (primary source)
Related terms
- SPIFFE (Secure Production Identity Framework For Everyone)
  Secure Production Identity Framework For Everyone — CNCF standard for cryptographic workload identity. Defines SPIFFE ID …
- Cluster Identity
  Identity assigned to a Kubernetes cluster or cluster-level service — used for authentication to external services (cloud …
- Ephemeral Credentials
  Credentials with very short lifetime (minutes) issued just-in-time and revoked after use. Replaces long-lived secrets in …
- OIDC for Cloud (Workload OIDC)
  Pattern using OIDC tokens issued by cloud platforms (AWS IRSA, Azure Workload Identity, GCP Workload Identity Federation …
- Service Account (SA)
  Non-human account used by applications, services, or scheduled tasks to authenticate to other systems. Common categories …
- Service Mesh Identity
  Identity model for microservices within service mesh — each service has cryptographic identity (SPIFFE ID, X.509 cert) a …