Istio Authorization stability


I am evaluating istio to use it for my next project. Everything works nicely and i am really happy about it. But there is one thing i would like to ask for more clarification.

As authorization is an alpha feature. And the doc mentions that alpha feature means it can be removed and has no deprecation policy. That makes me a bit uncomfortable to use it in production. So i would like to ask how stable is authorization feature, or the reason why it is still an alpha feature (lack of testing, document, api not stable or performance reason)?


The alpha is mainly about the API interface in my opinion, which means the API could change without backward compatible in next version (We will also do our best to avoid this.)

Recently we’re proposing the Authorization v2 API to the community, see it here:

I would love to hear your comments, especially the concerns and suggestions if you’re planning to use it in production. Thank you.


The alpha/beta/stable features have different definitions which can be found here:

The short version:

The long version: