How to apply this policy


This policy works fine in opa-istio-plugin(GRPC) but when I run this policy in OPA adapter its shows
PERMISSION_DENIED:opa-handler.istio-system:opa: request was rejected

  1. According to policy alice can access /productpage BUT NOT /api/v1/products .

curl --user alice:password -i http://$GATEWAY_URL/productpage
curl --user alice:password -i http://$GATEWAY_URL/api/v1/products

2 bob can access /productpage AND /api/v1/products .

curl --user bob:password -i http://$GATEWAY_URL/productpage
curl --user bob:password -i http://$GATEWAY_URL/api/v1/products
But it shows permission denied on all curl commands.