https://f0o.dev/tags/jwt/ Recent content in Jwt on Daniel 'f0o' Preussker Hugo -- gohugo.io en-us Wed, 06 May 2026 15:14:01 +0000 https://f0o.dev/posts/2026/05/zero-trust-in-gke-envoy-opa-and-workload-identity/ Wed, 06 May 2026 15:14:01 +0000 https://f0o.dev/posts/2026/05/zero-trust-in-gke-envoy-opa-and-workload-identity/ <p>I have been thinking a lot about internal traffic lately. We spend weeks locking down our perimeters and adding layers of WAFs. But what happens when a rogue pod inside the cluster decides to reach out to your billing service?</p> <p>Usually it just works. And that terrifies me.</p> <p>We blindly trust local network segments way too much. I wanted to fix this without deploying a massive heavyweight service mesh. I just needed a simple, bulletproof way to authenticate, authorize, and log every single internal request.</p>