I am using the CUSTOM action in authz policy to implement external authorization, as in Better External Authorization.
Specifically, I implemented a grpc
AuthorizationServer, listed it as an extension provider in the mesh, and configured VirtualServices. To verify it does work, I also added some logging. The logging basically prints out the received
The deployment is shown in the picture below. The
AuthorizationServer is provided by the container of service A.
What puzzled me is that, while my
AuthorizationServer does check traffic going to service B, it does not check traffic going to service A.
Can anyone give a hint?