com/dapr/dapr/pkg/grpc 30 FuzzInvokeService github.com/dapr/dapr/pkg/grpc 31 FuzzBulkPublishEventAlpha1 github.com/dapr/dapr/pkg/grpc 32 FuzzStateEndpoints github.com/dapr/dapr/pkg/grpc 33 FuzzActorEndpoints FuzzActorEndpoints github.com/dapr/dapr/pkg/grpc 34 FuzzGetConfiguration github.com/dapr/dapr/pkg/grpc 35 FuzzDubboSerialization github.com/dapr/components-contrib/bindings/dubbo 36 FuzzAddTopic github.com/d 29: FuzzPublishEvent Tests the PublishEvent() GRPC endpoint with a request body specified by the fuzzer. 30: FuzzInvokeService Tests the InvokeService() GRPC endpoint with a request body specified by the

runs as a separate sidecar process. In both cases, the application and Dapr interact through HTTP or gRPC calls: If the user has multiple applications running with Dapr, each has a sidecar next to it: Dapr microservice-based applications. The user application interacts with these components via HTTP or gRPC API endpoints. Dapr groups components into building blocks; A building block is a high-level category has ten building blocks: # Name Description 1 Service-to-service invocation A series of HTTP or gRPC endpoints for applications to communicate with each other. 2 State management A key/value-based state

blocks Cloud + Edge Sidecar architecture Sidecar architecture Standard APIs accessed over http/gRPC protocols from user service code e.g. http://localhost:3500/v1.0/state/inventory Runs as local “sidecar and subscribe Resource bindings and triggers Actors Distributed tracing Extensible HTTP API gRPC API Application code Dapr self-hosted Sidecar architecture State stores Publish and subscribe Placement Pod C O N T A I N E R Sidecar injector Pod C O N T A I N E R Operator Dapr API HTTP or gRPC Use components C O N T A I N E R Sidecar C O N T A I N E R Application code Service-to- service

language or framework Sidecar Architecture Sidecar architecture Standard APIs accessed over http/gRPC protocols from user service code e.g. http://localhost:3500/v1.0/invoke/myapp/method/neworder Dapr Dapr runs as local “side-car library” dynamically loaded at runtime for each service HTTP/gRPC Application code Distributed tracing State management Publish and subscribe Resource bindings & triggers Publish and subscribe Resource bindings & triggers Actors Distributed tracing Extensible… HTTP/gRPC APIs Any cloud or edge infrastructure Dapr self-hosted State stores Publish and subscribe Resource

Dapr locally, the ID parameter is resolved with MDNS to an IP address that will be interpreted as the gRPC API of a Dapr sidecar. This introduces the risk of an attacker probing the presence of specific services