Secure RPC

AZTP provides secure RPC (Remote Procedure Call) capabilities for authenticated agent-to-agent communication.

Understanding Secure RPC

In AZTP, secure RPC:

  • Authenticates both caller and target agents
  • Verifies trust domain relationships
  • Enforces policy checks
  • Provides audit trails

RPC Flow

When an agent makes a secure call:

  1. Caller's identity is verified
  2. Target's identity is verified
  3. Policy is checked
  4. Call is executed
  5. Events are logged

Best Practices

  1. Target Identification

    • Use consistent target IDs
    • Include environment in ID
    • Follow SPIFFE ID patterns
  2. Action Naming

    • Use descriptive action names
    • Follow a consistent pattern
    • Match policy rules
  3. Error Handling

    • Handle authentication failures
    • Handle policy denials
    • Handle network issues

Common Patterns

Basic RPC Call

// Make a secure call to another agent
const result = await securedAgent.secureCall(
  'finance-agent',    // Target agent ID
  'calculate-tax',    // Action to perform
  { amount: 1000 }    // Payload data
);

Environment-Aware Calls

// Development setup
const devResult = await securedAgent.secureCall(
  'dev/finance-agent',
  'calculate-tax',
  { amount: 1000 }
);

Error Handling Pattern

try {
  const result = await securedAgent.secureCall(
    'finance-agent',
    'calculate-tax',
    { amount: 1000 }
  );
} catch (error) {
  if (error.code === 'IDENTITY_ERROR') {
    // Handle identity verification failure
  } else if (error.code === 'POLICY_DENIED') {
    // Handle policy denial
  } else {
    // Handle other errors
  }
}
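One way to fill in the three branches above, covering the error-handling and target-identification practices, as an added example rather than AZTP's own code. It fails closed on the two error codes shown on this page and retries everything else with bounded backoff. Assumptions: `resilientSecureCall`, `targetFor`, the option names and the environment list are hypothetical, and errors without those two codes are treated as transient (for example network failures).

```javascript
// Added example: wraps the page's secureCall(target, action, payload).
// Assumption: only idempotent actions (such as 'calculate-tax') are retried.
const FAIL_CLOSED = new Set(['IDENTITY_ERROR', 'POLICY_DENIED']);
const ENVIRONMENTS = new Set(['dev', 'staging', 'prod']); // constructed list

// Build an environment-qualified target ID in the 'dev/finance-agent' style,
// so a caller cannot silently address a target in an unexpected environment.
function targetFor(env, agent) {
  if (!ENVIRONMENTS.has(env)) throw new Error(`unknown environment: ${env}`);
  if (!/^[a-z0-9-]+$/.test(agent)) throw new Error(`invalid agent name: ${agent}`);
  return `${env}/${agent}`;
}

const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));

async function resilientSecureCall(agent, target, action, payload, opts = {}) {
  const { retries = 3, baseDelayMs = 200, audit = console.warn } = opts;
  for (let attempt = 1; ; attempt++) {
    try {
      return await agent.secureCall(target, action, payload);
    } catch (error) {
      const code = error?.code || 'UNKNOWN';
      const failClosed = FAIL_CLOSED.has(code);
      // Record every failure with target and action, never the payload.
      audit({ target, action, attempt, code, failClosed });
      // Identity and policy failures are decisions, not glitches: retrying
      // cannot change them, and falling back to an unauthenticated path would
      // bypass the check, so surface them to the caller immediately.
      if (failClosed || attempt > retries) throw error;
      await sleep(baseDelayMs * 2 ** (attempt - 1)); // exponential backoff
    }
  }
}
```

Pass the real `securedAgent` as the first argument; the `audit` callback is where repeated `POLICY_DENIED` or `IDENTITY_ERROR` events for one target can be forwarded to monitoring.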