A flat cluster network is a single compromised pod away from lateral movement across everything. Zero trust means every workload proves who it is and is allowed to talk to exactly what it needs, nothing more.
Start with default-deny
The single highest-leverage change: deny all pod-to-pod traffic in a namespace, then allow the specific paths back.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: { name: default-deny, namespace: payments }
spec:
podSelector: {}
policyTypes: [Ingress, Egress]
---
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata: { name: api-to-db, namespace: payments }
spec:
podSelector: { matchLabels: { app: postgres } }
ingress:
- from: [{ podSelector: { matchLabels: { app: api } } }]
ports: [{ port: 5432 }]Identity, not IP
IPs are recycled and spoofable. Give every workload a cryptographic identity with SPIFFE/SPIRE (or a mesh) and enforce strict mTLS so traffic is authenticated and encrypted by default:
apiVersion: security.istio.io/v1
kind: PeerAuthentication
metadata: { name: default, namespace: payments }
spec:
mtls: { mode: STRICT }
---
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata: { name: only-api, namespace: payments }
spec:
selector: { matchLabels: { app: postgres } }
action: ALLOW
rules:
- from:
- source:
principals: ["cluster.local/ns/payments/sa/api"]Least-privilege RBAC
The service account a pod runs as becomes an API key for an attacker if it is over-scoped. Grant verbs on named resources, never *:
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata: { name: api-reader, namespace: payments }
rules:
- apiGroups: [""]
resources: ["configmaps"]
resourceNames: ["api-config"]
verbs: ["get", "list"]The checklist
Default-deny NetworkPolicy in every namespace
STRICT mTLS mesh-wide; no plaintext east-west traffic
Workload identity via SPIFFE, authorization by service-account principal
No wildcard RBAC; automount service-account tokens off unless needed
Secrets from an external store (Vault/CSI), never baked into images
Zero trust is not a product you buy. It is the removal of every implicit of-course-they-can-talk-to-each-other.
Assume the perimeter is already breached and design so a single popped pod goes nowhere. Default-deny, verified identity, and least privilege turn lateral movement from trivial into a very bad day for the intruder.



