I am trying to attach multiple Authentication Policies for the same workload target, each one with different trigger rule so each policy will apply to a different endpoint. When I do this neither policy is applied. Is that a expected behaviour?
Policy 1:
apiVersion: "authentication.istio.io/v1alpha1"
kind: "Policy"
metadata:
name: auth-policy1
namespace: foo
spec:
targets:
- name: httpbin
origins:
- jwt:
issuer: https://my.url.com
jwksUri: https://my.url.com/.well-known/openid-configuration/jwks
trigger_rules:
- included_paths:
- prefix: /v1/endpoint1
peers:
- mtls: {}
principalBinding: USE_ORIGIN
Policy 2:
apiVersion: "authentication.istio.io/v1alpha1"
kind: "Policy"
metadata:
name: auth-policy2
namespace: foo
spec:
targets:
- name: httpbin
origins:
- jwt:
issuer: https://my.url.com
jwksUri: https://my.url.com/.well-known/openid-configuration/jwks
trigger_rules:
- included_paths:
- prefix: /v1/endpoint2
peers:
- mtls: {}
principalBinding: USE_ORIGIN