I am using Istio’s AuthorizationPolicy API to implement access control for services running inside a kubernetes cluster. This works fine.
I have ran into use cases where I need to restrict/allow access to services based on “fields in the request body” of the HTTP request. The API doesn’t supports defining such a policy. See below:-
Can someone help me how I can achieve defining an authorization policy based on fields in request body? Any help is much appreciated.