Deploy the SPIRE server with a trust domain name (e.g., example.org), configure a datastore (SQLite for testing, PostgreSQL or MySQL for production), and either let the server generate its own self-signed CA or configure an UpstreamAuthority plugin so it issues from an existing PKI
Deploy a SPIRE agent on each node and configure a node attestor that fits the platform (e.g., aws_iid for EC2, k8s_psat for Kubernetes; the older k8s_sat is deprecated, and join_token is a single-use bootstrap mechanism rather than a fleet attestor); the agent proves the node's identity to the server and receives an agent SVID
Register workload entries on the SPIRE server, each mapping a SPIFFE ID (e.g., spiffe://example.org/service/frontend) to a parent ID (the agent, or node alias, allowed to serve it) and to selectors that identify the workload process (e.g., Kubernetes namespace plus service account, or UNIX UID)
When a workload connects to the agent's Workload API socket, the agent identifies the calling process from the socket's peer credentials, runs its workload attestor plugins to discover that process's selectors, and returns the SVIDs of every registration entry whose selectors are all present in that set; the agent rotates SVIDs before they expire and streams the new ones over the same API
Verify workload identity by running the SPIRE CLI (spire-agent api fetch x509) from the workload's own context (as the workload's UID, or inside the pod with the agent socket mounted) and checking that the expected SPIFFE ID comes back; the agent attests the calling process, so a root shell on the node receives whatever entries match that shell, not the workload's SVID
Configure SPIRE bundle federation if workloads in different trust domains need to authenticate each other: expose each server's bundle endpoint, point each server at the other's endpoint (federates_with), bootstrap the first exchange out of band (spire-server bundle show, then bundle set on the peer), and create the entries that must trust the other domain with -federatesWith
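The procedure above as one script, added here as an example and not taken from SPIRE's own files or docs. It writes a server config and an agent config for a Kubernetes cluster, registers a node alias plus the frontend entry, and checks the delivered SVID. Everything beyond the page's own names is an assumption: the cluster is called prod, PostgreSQL is reachable as host db, agents run in namespace spire as service account spire-agent, the frontend runs in namespace web as service account frontend, and the socket path /run/spire/sockets/agent.sock. Writing the config files needs nothing installed; registration and verification need a running server and agent and are gated behind SPIRE_APPLY=1.

```shell
#!/usr/bin/env bash
# Added example, not SPIRE's own files. Assumptions: cluster "prod", Postgres
# host "db", agents in ns "spire" as SA "spire-agent", frontend in ns "web"
# as SA "frontend". Writes server.conf and agent.conf into $1 (default
# ./spire-conf); SPIRE_APPLY=1 also registers entries and checks the SVID.
set -eu

TRUST_DOMAIN=example.org
CLUSTER=prod
SOCKET=/run/spire/sockets/agent.sock
AGENT_ALIAS="spiffe://$TRUST_DOMAIN/ns/spire/sa/spire-agent"

# Server: Postgres datastore, k8s_psat node attestor, CA keys kept on disk
# (the "memory" KeyManager would mint a fresh CA on every restart).
write_server_conf() {
  cat > "$1/server.conf" <<EOF
server {
  bind_address = "0.0.0.0"
  bind_port = "8081"
  trust_domain = "$TRUST_DOMAIN"
  data_dir = "/opt/spire/data/server"
}
plugins {
  DataStore "sql" {
    plugin_data {
      database_type = "postgres"
      connection_string = "dbname=spire user=spire host=db sslmode=verify-full"
    }
  }
  NodeAttestor "k8s_psat" {
    plugin_data {
      clusters = { "$CLUSTER" = { service_account_allow_list = ["spire:spire-agent"] } }
    }
  }
  KeyManager "disk" {
    plugin_data {
      keys_path = "/opt/spire/data/server/keys.json"
    }
  }
}
EOF
}

# Agent: attests the node with its projected SA token, and workloads with
# the k8s attestor (pod namespace/SA looked up via the kubelet).
write_agent_conf() {
  cat > "$1/agent.conf" <<EOF
agent {
  data_dir = "/opt/spire/data/agent"
  server_address = "spire-server.spire.svc"
  server_port = "8081"
  socket_path = "$SOCKET"
  trust_domain = "$TRUST_DOMAIN"
  trust_bundle_path = "/opt/spire/conf/agent/bootstrap.crt"
}
plugins {
  NodeAttestor "k8s_psat" {
    plugin_data {
      cluster = "$CLUSTER"
    }
  }
  KeyManager "memory" { plugin_data {} }
  WorkloadAttestor "k8s" { plugin_data {} }
}
EOF
}

# Node alias for every agent that passed k8s_psat from this cluster, then the
# frontend entry parented to it. Both k8s selectors must match, so only pods
# of service account "frontend" in namespace "web" receive this SVID.
register_entries() {
  spire-server entry create -node -spiffeID "$AGENT_ALIAS" \
    -selector "k8s_psat:cluster:$CLUSTER" \
    -selector "k8s_psat:agent_ns:spire" \
    -selector "k8s_psat:agent_sa:spire-agent"
  spire-server entry create -parentID "$AGENT_ALIAS" \
    -spiffeID "spiffe://$TRUST_DOMAIN/service/frontend" \
    -selector "k8s:ns:web" -selector "k8s:sa:frontend"
}

# Run inside the frontend pod (socket mounted): the agent attests the caller,
# so a root shell on the node would not be handed the frontend's SVID.
verify_frontend_svid() {
  spire-agent api fetch x509 -socketPath "$SOCKET" -write /tmp/svid
  openssl x509 -in /tmp/svid/svid.0.pem -noout -text \
    | grep -q "URI:spiffe://$TRUST_DOMAIN/service/frontend"
}

OUT=${1:-./spire-conf}
mkdir -p "$OUT"
write_server_conf "$OUT"
write_agent_conf "$OUT"
# Entries and the check need a live server and agent; opt in explicitly.
if [ "${SPIRE_APPLY:-0}" = 1 ]; then
  register_entries
  verify_frontend_svid && echo "frontend SVID delivered"
fi
```

The node alias is what makes the frontend entry portable across nodes: its parent is "any agent that passed k8s_psat for cluster prod from the spire-agent service account" rather than one agent's own SPIFFE ID, which embeds a node-specific suffix. The bootstrap.crt the agent config points at is the server's CA bundle copied to the node out of band; in a cluster it is usually a ConfigMap.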
Known gotchas
Node attestation is the root of SPIRE's security: whoever can pass node attestation as a given agent receives every SVID whose entry is parented to that agent (or to a node alias it matches). A leaked join token, or an attestor whose evidence an attacker can forge, hands out all of those identities at once, so choose attestors whose evidence is bound to the platform (cloud instance identity documents, projected service account tokens, a TPM-backed attestor such as tpm_devid) rather than to a shared secret, and treat join tokens as bootstrap-only
Workload selectors must be specific enough to uniquely identify the intended workload: an entry is delivered to every workload whose discovered selectors include all of the entry's selectors, so an entry carrying only k8s:ns:web (or only unix:uid:0) is delivered to every pod in that namespace (or every root process), including workloads that should never hold that SPIFFE ID. Pair namespace with service account, and audit the entry list for selector sets that are subsets of other entries' sets
SPIRE server is a critical PKI component: run several server instances against one shared database (SQLite cannot be shared, so HA needs PostgreSQL or MySQL), keep the datastore and the CA signing keys (KeyManager "disk" or an upstream authority) on persistent storage, and give both their own backup and recovery procedure; losing the datastore loses every registration entry, every attested node and the CA history in the trust bundle
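The selector audit suggested above, as an added example that is not part of the original page or of SPIRE: it reports every entry whose selector set is a subset of another entry's, because SPIRE hands an entry's SVID to any workload whose discovered selectors contain all of that entry's selectors, so the broader entry is delivered to the narrower entry's workloads too. The input format (one entry per line, SPIFFE ID followed by selectors) is constructed for this example and is not spire-server's own output; the sample entries are made up.

```shell
#!/usr/bin/env bash
# Added example, not SPIRE code: find registration entries that are also
# delivered to other entries' workloads. Matching rule: an entry matches a
# workload when every entry selector is among the workload's selectors, so
# if A's selectors are a subset of B's, every workload that gets B gets A.
set -eu

# Constructed sample (not from a real server): one entry per line,
# SPIFFE ID then selectors. The first and last entries are too broad.
ENTRIES='spiffe://example.org/ns/web/any k8s:ns:web
spiffe://example.org/service/frontend k8s:ns:web k8s:sa:frontend
spiffe://example.org/service/backend k8s:ns:web k8s:sa:backend
spiffe://example.org/admin/root unix:uid:0
spiffe://example.org/admin/backup unix:uid:0 unix:path:/usr/bin/backup'

# is_subset "a b" "a b c": exit 0 when every token of $1 occurs in $2.
is_subset() {
  sel=
  for sel in $1; do
    case " $2 " in
      *" $sel "*) ;;
      *) return 1 ;;
    esac
  done
  return 0
}

# For each ordered pair (A, B) with A != B and selectors(A) a subset of
# selectors(B), print one line naming the broad entry and who else gets it.
find_broad_entries() {
  entries=$1
  printf '%s\n' "$entries" | while read -r id_a sel_a; do
    [ -n "$id_a" ] || continue
    printf '%s\n' "$entries" | while read -r id_b sel_b; do
      [ -n "$id_b" ] || continue
      [ "$id_a" != "$id_b" ] || continue
      if is_subset "$sel_a" "$sel_b"; then
        printf '%s is also delivered to workloads of %s\n' "$id_a" "$id_b"
      fi
    done
  done
}

find_broad_entries "$ENTRIES"
```

Run against a real deployment by exporting the entries from spire-server entry show into this line format; any line the script prints is a SPIFFE ID that more than one kind of workload can obtain. The ns/web/any and admin/root entries above are flagged against frontend, backend and backup respectively, which is exactly the over-broad pattern the gotcha warns about.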