SA-301f · Module 1
Service Mesh Security
3 min read
Zero-trust networking assumes that no network communication is inherently safe — even within the cluster. The service mesh implements zero trust through mutual TLS (mTLS) between every service pair, authorization policies that control which services can communicate, and certificate rotation that happens automatically without application changes. This security model is stronger than perimeter-based security because a compromised service cannot communicate with unauthorized services even if it is inside the network.
Do This
- Enable mTLS mesh-wide — every service-to-service call is encrypted and mutually authenticated
- Define authorization policies that explicitly allow communication paths — deny by default, allow by policy
- Automate certificate rotation with short-lived certificates — 24-hour certificates that rotate automatically eliminate the expired-certificate incident
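The three "Do This" items, written out as mesh configuration. This is an added example, not part of the module's material, and it assumes an Istio mesh (PeerAuthentication and AuthorizationPolicy resources); the namespaces `checkout` and `payments`, the `payments` workload label, the `checkout` service account and the `/v1/charge` path are constructed for the illustration.

```yaml
# 1. Mesh-wide mTLS. A PeerAuthentication in the root namespace
#    (istio-system) applies to every workload. STRICT rejects any
#    plaintext connection, so every hop is encrypted and both peers
#    present a workload certificate.
apiVersion: security.istio.io/v1beta1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system
spec:
  mtls:
    mode: STRICT
---
# 2a. Deny by default. An AuthorizationPolicy with an empty spec
#     matches every workload in its namespace and allows no request,
#     so nothing reaches a payments pod unless a later ALLOW rule
#     explicitly permits it. (Placing the same resource in istio-system
#     would make the deny mesh-wide.)
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: deny-all
  namespace: payments
spec: {}
---
# 2b. Allow by policy. Identity is the caller's mTLS certificate, not
#     its IP: the principal is the SPIFFE identity Istio issues to the
#     checkout service account (constructed names). Only that identity,
#     and only for POST /v1/charge, is let through to the payments
#     workload; every other source, method and path stays denied.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: allow-checkout-to-payments
  namespace: payments
spec:
  selector:
    matchLabels:
      app: payments          # constructed label for the example
  action: ALLOW
  rules:
  - from:
    - source:
        principals:
        - "cluster.local/ns/checkout/sa/checkout"
    to:
    - operation:
        methods: ["POST"]
        paths: ["/v1/charge"]
```

Item 3 needs no resource of its own: the sidecar agent requests a fresh workload certificate from the control plane before the current one expires, and Istio's default lifetime is 24 hours (istiod's `DEFAULT_WORKLOAD_CERT_TTL`), so rotation happens without any application change. Two checks worth running after applying this: a plain `curl` from a pod outside the mesh to a `payments` pod should fail at the TLS handshake (STRICT rejects plaintext), and a request from a `checkout` pod to any path other than `/v1/charge` should return `403 RBAC: access denied`, which confirms the default deny is actually in force rather than merely written down.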
Avoid This
- Rely on network segmentation alone for inter-service security — a compromised pod in the network has access to everything on the network
- Allow all-to-all communication and plan to restrict later — the mesh provides default-deny; use it from the start
- Manage certificates manually — manual certificate management at microservices scale is a full-time job that will eventually miss a renewal