Which is the most elegant method of identifying Istio internal mesh origin traffic?

12/12/2019

I am trying to work out the most suitable way of identifying whether a request came from a specific internal service, or from the outside world (or indeed a different service).

I can write application level code to manage this of course, but was wondering what the simplest solution using Istio would be. The goal is to avoid writing extra layers of code if they're not necessary.

I have JWT on the perimeter for most endpoints, but there are some open (e.g. auth).

Thanks!

-- JuanJSebGarcia
google-kubernetes-engine
istio
kubernetes

1 Answer

12/12/2019

For this specific scenario, I assumed that you are using HTTP, so you can use Envoy and two HTTP headers to determine whether the traffic source is internal or external.

Option 1: With x-envoy-internal you will be able to determine whether a request is internal origin or not.

Option 2: You can also check x-forwarded-for which indicates the IP addresses that a request has generated.

I hope this helps.

-- Raynel A.S
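
An added example, not part of the original answer: one way a receiving service could read the two headers together and treat disagreement between them as a warning sign. It assumes the ingress Envoy overwrites `x-envoy-internal` and appends to `x-forwarded-for` on every request from outside the mesh, since a client that reaches the service directly can set either header itself. `classify_origin`, `trusted_hops` and the sample addresses are hypothetical names and constructed values.

```python
import ipaddress

# RFC 1918 / RFC 4193 ranges (assumption); replace with your pod and node CIDRs.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def parse_xff(value):
    """Return the x-forwarded-for chain as address objects, or None if malformed."""
    hops = []
    for part in (value or "").split(","):
        part = part.strip()
        if not part:
            continue
        try:
            hops.append(ipaddress.ip_address(part))
        except ValueError:
            return None
    return hops

def classify_origin(headers, trusted_hops=1):
    """Classify a request as 'internal', 'external' or 'suspect'.

    trusted_hops (hypothetical parameter): number of proxies you operate that
    each append one entry to x-forwarded-for before the request arrives.
    """
    if trusted_hops < 1:
        raise ValueError("trusted_hops must be at least 1")
    h = {k.lower(): v for k, v in headers.items()}
    flag = h.get("x-envoy-internal", "").strip().lower() == "true"
    hops = parse_xff(h.get("x-forwarded-for"))
    if hops is None:
        return "suspect"  # unparsable header
    # Entries to the left of the trusted ones are client-supplied and ignored.
    client = hops[-trusted_hops] if len(hops) >= trusted_hops else None
    if client is not None and not any(client in n for n in INTERNAL_NETS):
        # A public client address with the internal flag set is a contradiction.
        return "suspect" if flag else "external"
    return "internal" if flag else "external"

if __name__ == "__main__":
    # Constructed sample requests, not captured traffic.
    samples = [
        {"x-envoy-internal": "true", "x-forwarded-for": "10.8.0.12"},
        {"x-forwarded-for": "10.0.0.5, 198.51.100.20"},  # forged left entry
        {"x-envoy-internal": "true", "x-forwarded-for": "203.0.113.7"},
    ]
    for s in samples:
        print(classify_origin(s), s)
```
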
Source: StackOverflow