Changes for data plane AuthN/Z in PaaS (!65) · Merge requests · OSDU Software / OSDU Data Platform / Deployment and Operations / helm-charts-azure · GitLab

Abhishek Patil requested to merge abpatil/oep-august-21 into oep-august-21 Aug 26, 2021

Updated istio rules to allow pod identity tokens.
Updated EnvoyFilters to extract appid from pod identity tokens and populate in x-user-id header.
Onboarded podIdentityAuthEnabled flag. This will enable the use of pod identity for token generation instead of SPN credentials if set to true.
Onboarded oidAuthEnabled flag. This will enable the use of oid for x-user-id header instead of upn and unique_name if set to true.

Edited Sep 01, 2021 by Abhishek Patil