This book was just released (hosted by Hewlett Packard, includes folks from Netflix, VMware, etc.):
This book presents the SPIFFE standard for service identity, and SPIRE, the reference implementation for SPIFFE. These projects provide a uniform identity control plane across modern, heterogeneous infrastructure. Both projects are open source and are part of the Cloud Native Computing Foundation.
As organizations grow their application architectures to make the most of new infrastructure technologies, their security models must also evolve. Software has grown from one monolith on one box, to dozens or hundreds of tightly linked microservices that may be spread across thousands of virtual machines in public clouds or private data centers. In this new infrastructure world, SPIFFE and SPIRE help keep systems secure.
This book strives to distill the experience from the foremost security experts and SPIFFE community members to provide a deep understanding of the identity problem and how to solve it. With these projects, developers and operators can build software using new infrastructure technologies while allowing security teams to step back from expensive and time-consuming manual security processes.
Available under a Creative Commons license.