Envoy filter - per_filter_config

Hi,

I try to reach via istio version 1.3.3 a situation when my service let’s say XYZ will be ignored by external authorization service configured by envoy filter too (ExtAuthz). I saw API for envoy filters has changed and I should be able to add this property for route (ExtAuthzPerRoute) but probably I did something wrong and it doesn’t work as I expect. In envoy documentation, they present a way how to add this in envoy config Per-Route Configuration. I prepared following yaml to configure this property for my app but I get an error like json: cannot unmarshal string into Go value of type map[string]json.RawMessage. My yaml looks like this:

`apiVersion: networking.istio.io/v1alpha3
kind: EnvoyFilter
metadata:
name: bypass-auth
namespace: default
spec:
configPatches:

  • applyTo: ROUTE_CONFIGURATION # http connection manager is a filter in Envoy
    match:
    context: ANY
    routeConfiguration:
    portNumber: 8080
    name: xyz-app
    vhost:
    name: xyz-svc:8080
    route: “/”
    patch:
    operation: MERGE
    value:
    per_filter_config:
    envoy.ext_authz:
    disabled: true`

What’s more I/m not sure what is correct to use as a type ROUTE_CONFIGURATION or VIRTUAL_HOST as an applyTo type.