As the software landscape evolves towards open infrastructure and service meshes, traditional access control methods using local libraries like OmniAuth and PassportJS are becoming less practical. This guide introduces a modern approach to access control within Kubernetes clusters using Ambassador API Gateway and Ory Oathkeeper Identity and Access Proxy. By utilizing open standards and replaceable software components, developers can enhance both development speed and application security. The setup involves deploying Ambassador as a Kubernetes-native API Gateway that facilitates traffic routing and supports external authentication services, while Ory Oathkeeper evaluates incoming HTTP requests based on predefined rules to determine access permissions. The guide provides detailed steps for deploying and configuring both Ambassador and Ory Oathkeeper in a Kubernetes environment, including setting up services, creating and applying access rules, and integrating these tools to manage access to services like httpbin. This method allows for a more scalable and language-agnostic architecture, supporting diverse programming languages and distributed services, while paving the way for a comprehensive access control system with the planned introduction of Ory Hydra and Ory Keto in subsequent guides.