I’m trying to define authorization policies, but don’t work as expected. I have 4 services called dummy-service1,2,3,4 and want to limit the connection between them.
What I want to do: dummy-service1 should accept requests only from dummy-service2 and dummy-service4, I have created the below authorization policies but not working I get access denied.
apiVersion: security.istio.io/v1beta1 kind: AuthorizationPolicy metadata: name: service1-deny-post-policy namespace: default spec: selector: matchLabels: run: dummy-service1 action: ALLOW rules: - from: - source: principals: [ "dummy-service4.default.svc.cluster.local", "dummy-service2.default.svc.cluster.local" ]
Do you have any idea why is not working in this way?