istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/testdata/authz/path-precedence.yaml.tmpl

istio.io/istio@v0.0.0-20240520182934-d79c90f27776/tests/integration/security/testdata/authz/path-precedence.yaml.tmpl (about)

     1  # The following policy denies access to path /allow/admin.
     2  
     3  apiVersion: security.istio.io/v1beta1
     4  kind: AuthorizationPolicy
     5  metadata:
     6    name: policy-{{ .To.ServiceName }}-deny
     7  spec:
     8    selector:
     9      matchLabels:
    10        "app": "{{ .To.ServiceName }}"
    11    action: DENY
    12    rules:
    13      - to:
    14          - operation:
    15              paths: ["/allow/admin"]
    16  ---
    17  # The following policy allows access to path with prefix /allow.
    18  
    19  apiVersion: security.istio.io/v1beta1
    20  kind: AuthorizationPolicy
    21  metadata:
    22    name: policy-{{ .To.ServiceName }}-allow
    23  spec:
    24    selector:
    25      matchLabels:
    26        "app": "{{ .To.ServiceName }}"
    27    action: ALLOW
    28    rules:
    29      - to:
    30          - operation:
    31              paths: ["/allow*"]
    32  ---