Dedicated VPC

Agent workloads in isolated VPC. No peering to prod. Limited egress via NAT with allowlist.

Advertisement

Kubernetes NetworkPolicy

Deny all by default. Explicit allow: agent → LLM API, agent → sanctioned tools. No pod-to-pod within cluster.

Advertisement

Service mesh

mTLS between all services. Identity per pod. Attribution + revocation on compromise.

Egress gateway

All outbound through single gateway. Logs + inspects. Consistent policy.