diff --git a/devops/azure/chart/templates/deployment.yaml b/devops/azure/chart/templates/deployment.yaml
index 5a967784516c2f702a62b7d4aa378e7fc3ac5f42..92ec4a61dc309200bd459539d1158d67c429be83 100644
--- a/devops/azure/chart/templates/deployment.yaml
+++ b/devops/azure/chart/templates/deployment.yaml
@@ -48,7 +48,7 @@ spec:
cpu: "300m"
readinessProbe:
httpGet:
- path: /api/legal/v1/actuator/health
+ path: /api/legal/v1/swagger-ui.html
port: 80
volumeMounts:
- name: azure-keyvault
diff --git a/devops/azure/chart/templates/istio-auth-policy.yaml b/devops/azure/chart/templates/istio-auth-policy.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..c74fcb629638cced0b6113d26ab3b58eee8ccc06
--- /dev/null
+++ b/devops/azure/chart/templates/istio-auth-policy.yaml
@@ -0,0 +1,37 @@
+# Copyright © Microsoft Corporation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: security.istio.io/v1beta1
+kind: AuthorizationPolicy
+metadata:
+ name: {{ .Chart.Name }}-jwt-authz
+ namespace: osdu
+spec:
+ selector:
+ matchLabels:
+ app: {{ .Chart.Name }}
+ action: DENY
+ rules:
+ - from:
+ - source:
+ notRequestPrincipals: ["*"]
+ to:
+ - operation:
+ notPaths: ["/","*/index.html",
+ "*/v2/api-docs",
+ "*/configuration/ui","*/configuration/security",
+ "*/swagger","*/swagger-ui.html","*/swagger-resources",
+ "*/actuator/health", "*/_ah/readiness_check", "*/_ah/liveness_check",
+ "/api/{{ .Chart.Name }}/v1/swagger-resources/*",
+ "/api/{{ .Chart.Name }}/v1/webjars/*"]