Spiffe and Spire is an open-source universal identity control plane for distributed systems. It allows users to secure microservices communication automatically with Envoy, X.509, or JWT. 

Spiffe is a Secure Production Identity Framework For Everyone which works to offer a secure identity to every workload in a modern production environment. It also removes the need for application-level authentication as well as complicated network-level ACL configuration.

Spire is a Spiffe Runtime Environment and an extensible system that implements the principles in the Spiffe standards. It manages platform and workload attestation, offers an API for controlling attestation policies, and coordinates issuance and rotation.

This open-source offering enables organizations to authenticate securely to common databases or platforms without the need for passwords or API keys.  

After its entrance into the Cloud Native Computing Foundation (CNCF) Sandbox in 2018 and its move into the CNCF Incubator in 2020, Spiffe and Spire is now a graduated project. 

RELATED: SPIFFE and SPIRE projects graduate from CNCF Incubator

Lastly, with Spiffe and Spire, the building, bridging, and extending of service mesh across organizations can be done without sharing keys. 

For more information, visit the website