azure-istio-auth-policy.yaml 1.3 KB
Newer Older
Rostislav Vatolin's avatar
Rostislav Vatolin committed
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
#  Copyright © Microsoft Corporation
#
#  Licensed under the Apache License, Version 2.0 (the "License");
#  you may not use this file except in compliance with the License.
#  You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
#  Unless required by applicable law or agreed to in writing, software
#  distributed under the License is distributed on an "AS IS" BASIS,
#  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
#  See the License for the specific language governing permissions and
#  limitations under the License.

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
18
  name: {{ .Chart.Name }}-v2-jwt-authz
Rostislav Vatolin's avatar
Rostislav Vatolin committed
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
  namespace: osdu
spec:
  selector:
    matchLabels:
      app: {{ .Chart.Name }}
  action: DENY
  rules:
    - from:
        - source:
            notRequestPrincipals: [ "*" ]
      to:
        - operation:
            notPaths: ["/","*/index.html",
                       "*/v2/api-docs",
                       "*/swagger","*/swagger-resources","*/swagger-ui.html",
                       "*/actuator/health", "*/health",
                       "*/configuration/ui","*/configuration/security",
36
37
                       "/api/entitlements/v2/swagger-resources/*",
                       "/api/entitlements/v2/webjars/*" ]