-1

Can somebody explain what this policy means, i have been trying for full day but didnt get in the proper way

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
 name: test-dev-only-authorized-api
 namespace: istio-system
spec:
 action: DENY
 rules:
 - from:
   - source:
        notRequestPrincipals: ["*"]
   to:
   - operation:
       paths: ["/message/ping"]

Request to pls mention namespace relevance too. thanks in advance.

Jithin Kumar S
  • 701
  • 2
  • 9
  • 20

1 Answers1

1

It's a deny policy that denies any request from any namespace to any workload in the istio-system namespace that does not have any request principal like jwt token when the path is /message/ping.

Chris
  • 5,109
  • 3
  • 19
  • 40