01
Require Strict mTLS Across a Namespace
The canonical PeerAuthentication: require mutual TLS for every workload in a namespace. With no selector, the policy is the namespace default, so all in-mesh traffic to those workloads must arrive...
Loading...
Ready-to-deploy configuration presets for Peer Authentication. Each preset is a complete manifest you can copy, customize, and deploy.
2 presetsThe canonical PeerAuthentication: require mutual TLS for every workload in a namespace. With no selector, the policy is the namespace default, so all in-mesh traffic to those workloads must arrive...
Require mTLS for a single selected workload, while exempting one port that must stay plaintext -- for example a health-check, metrics-scrape, or legacy port that a non-mesh client probes directly.