Hi, there's multiple ways to approach this. Introducing a service mesh when you only need JWT validation might be overkill (as it's an abstraction over kubernetes that needs understanding and maintentance as well). You could still use an API gateway with lambda authorizers in front of your services that run on EKS. But it may also depend on your application technology/framework, e.g. in the Java/Spring eco system JWT validation comes out of the box, so depending on what you're optimizing for it may not be an issue to include it in every micro service.