Istio recommends using a "deny by default" approach to AuthorizationPolicies through policies like allow-nothing. The logic is that it is safest to restrict everything and then explicitly allow the traffic you want. I'm having trouble implementing this same approach with ambient mode. With sidecar-enforced policies this felt straightforward, since L4 and L7 policy decisions were made by the same entity and defined by the same AuthorizationPolicy. For ambient, however, we have two enforcement points: ztunnel (L4) and the waypoint (L7).

What are the recommendations for this approach in ambient?

For example, a typical allow-nothing policy that we'd use from sidecar configurations:

apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata:
  name: allow-nothing
spec:
  action: ALLOW
  # the rules field is not specified, and the policy will never match.

will block all traffic as an L4 policy, including waypoint->destination traffic, which means if I have:

• a waypoint servicing target
• the above allow-nothing policy
• an allow-source-to-target L7 policy

The traffic is still rejected because waypoint->target is not allowed. I can address that case by:

1. creating an L4 policy allowing waypoint->target
2. creating an L4 policy allowing waypoint->any service it is working for
3. enabling PILOT_AUTO_ALLOW_WAYPOINT_POLICY=true, which effectively creates (2) automatically

(1) works but feels tedious (doubles the number of AuthorizationPolicies)

(2) and (3) allow source->target traffic, but because all traffic goes through the waypoint now they also allow source->target2 if target2 uses the same waypoint and target2 doesn't already have an existing L7 AuthorizationPolicy.

I think I could create a policy for each waypoint that is an L7 allow-nothing, which brings things back to always requiring an allow even in cases (2) and (3), but I don't see a way without an extra policy per waypoint. And I don't see a way of doing this without creating policies specific to each waypoint. The beauty of the allow-nothing policy above is that it can be global