Istiod logs error about AuthorizationPolicy that works

Hi,
I’ve got the following AuthorizationPolicy:

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: allowed-http-methods
  namespace: istio-system
spec:
  selector:
    matchLabels:
      app: istio-ingressgateway
  action: ALLOW
  rules:
  - to:
    - operation:
        methods: ["GET", "HEAD"]
    - operation:
        methods: ["DELETE", "POST", "PUT"]
        paths: ["/foobar/*"]

When adding the policy to my cluster with kubectl apply, istiod logs the following error:
2020-09-15T13:42:56.326596Z error authorization skipped rule ns[istio-system]-policy[allowed-http-methods]-rule[0]: :method must not be used in TCP

Why does istio assume this is a TCP rule?
The policy is working fine though, so perhaps it is just a wrong error message.

Regards,
Jasper

which version are you using? I think @linggg has a fix for the logging.

Hi Yangmin, here is the issue https://github.com/istio/istio/issues/24701 .

We are using istio 1.7.0