How to match specific gateway in EnvoyFilter

caffeinism · June 4, 2020, 5:54pm

I want to use external authorizing service when use ingress gateway.

so… I create EnvoyFilter object like this.

kind: EnvoyFilter
metadata:
  name: authz
  namespace: istio-system
spec:
  workloadSelector:
    labels:
      istio: ingressgateway
  configPatches:
  - applyTo: HTTP_FILTER
    match:
      context: GATEWAY
    patch:
      value:
        name: envoy.ext_authz
...

My question is, I have various service in my cluster. For example, foo, bar, baz, qux… and so on.

I want to use external authorize in service ‘foo’. But that EnvoyFilter match every gateway in my cluster.

So, how can I match ‘specific’ gateway what I want to patch?

Topic		Replies	Views
Need help wrapping my head around EnvoyFilter.RouteConfigurationMatch for ExtAuthz based on route Networking	2	624	October 17, 2022
Envoy filter not working on specific gateway	1	1458	March 5, 2023
Cannot apply filter to egress gateway Networking	2	755	November 19, 2020
Apply EnvoyFilter to traffic through a specific Gateway	0	1392	November 18, 2020
EnvoyFilter Configuration Config	2	1010	February 12, 2021

How to match specific gateway in EnvoyFilter

Related Topics