Whenever I deal with istio service mesh, I used to come accross this particular word/term "Mutating webhooks"
At first, I assumed they were just another Kubernetes feature. But when i dig more I got to know that they're actually solving a very pract...
One of the most common mistakes I see in Kubernetes environments is this:
A pod needs access to AWS services, so teams simply attach permissions to the EC2 worker node and call it a day.
It works.
Until one compromised pod suddenly has access to e...