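# JWT validation for the test mesh. There is no `selector` and the namespace
# is the root namespace, so this applies to every workload in the mesh.
#
# RequestAuthentication only rejects requests that carry an invalid token.
# A request with no token at all is still admitted (it simply has no request
# principal), so enforcement depends on an accompanying AuthorizationPolicy.
apiVersion: security.istio.io/v1beta1
kind: RequestAuthentication
metadata:
  name: "default"
  namespace: "{{ .RootNamespace }}"
spec:
  jwtRules:
    # Both issuers are verified against the same JWKS document, so the issuer
    # is distinguished only by the token's `iss` claim, not by the signing key.
    #
    # NOTE(review): the JWKS is fetched over the network from the mutable
    # `master` branch of a public repository. That is acceptable for an
    # integration-test fixture; presumably the matching signing key is public
    # as well, so tokens for these issuers must not be trusted outside tests.
    - issuer: "test-issuer-1@istio.io"
      jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json"
    - issuer: "test-issuer-2@istio.io"
      jwksUri: "https://raw.githubusercontent.com/istio/istio/master/tests/common/jwt/jwks.json"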
---
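# Access control for the ingress gateway. No `action` is set, so this is an
# ALLOW policy: a request to a selected workload is admitted only if it
# matches at least one rule below, and every other request is denied.
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: authz-ingress
  namespace: "{{ .RootNamespace }}"
spec:
  # Root-namespace policy with a selector: applies to workloads carrying this
  # label in any namespace.
  selector:
    matchLabels:
      istio: ingressgateway
  rules:
    # Host example.com: only the exact principal <issuer>/<subject> is allowed.
    - to:
        - operation:
            hosts: ["example.com"]
      from:
        - source:
            requestPrincipals: ["test-issuer-1@istio.io/sub-1"]
    # "*" matches any non-empty request principal, i.e. any request that
    # presented a valid JWT from one of the configured issuers.
    # NOTE(review): the host name is spelled "principlal"; it is a runtime
    # value the tests presumably send verbatim, so it is left unchanged.
    - to:
        - operation:
            hosts: ["any-request-principlal-ok.com"]
      from:
        - source:
            requestPrincipals: ["*"]
    # No `from` clause: /healthz is reachable without a JWT, on any host.
    # The path is an exact match; keep this exemption limited to endpoints
    # that expose nothing sensitive.
    - to:
        - operation:
            paths: ["/healthz"]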