Setup for Istio Authorization Policies
General MR
Summary
Set up Istio Authorization Policies
Relevant logs/screenshots
Testing Instructions:
- Deploy bigbang with the following overrides file:
clusterAuditor:
enabled: false
gatekeeper:
enabled: false
istioOperator:
enabled: true
istio:
enabled: true
jaeger:
enabled: false
kiali:
enabled: false
elasticsearchKibana:
enabled: false
eckOperator:
enabled: false
fluentbit:
enabled: false
monitoring:
enabled: true
twistlock:
enabled: false
addons:
sonarqube:
enabled: true
git:
tag: null
branch: "78-implement-istio-authorization-policies"
values:
istio:
enabled: true
hardened:
enabled: true
-
Go to sonarqube.bigbang.dev, and verify sonarqube comes up.
-
Delete the allow-http policy with the following command:
kubectl delete authorizationpolicy allow-http-policy -n sonarqube
- Refresh sonarqube.bigbang.dev, and confirm that app goes down.
Linked Issue
Upgrade Notices
N/A
Edited by Robert Massey