← Back to microservices patterns mapsecurity
🚫
Microservices Pattern
Zero Trust Architecture
Authenticate and authorize every request, even inside the private network.
Detailed Description
Zero trust treats network location as insufficient proof of safety.
Every service call should carry identity and be checked against policy.
Visual Diagram
Old: internal = trusted Zero trust: verify every request identity + policy + audit
Tradeoffs
Pros
Reduces blast radius and implicit trust
Cons
Requires identity, policy, and tooling maturity
Examples: BeyondCorp, SPIFFE/SPIRE, Istio AuthorizationPolicy