Regex path support for istio external authorization

I am looking for some support to add regex in the istio authorization policy. currently an istio authorization policy has created by using external authorization using oauth2-proxy. This policy has an action field of custom and it would delegate the access control to an external provider using oauth2-proxy.

I have bunch of path to check the api health status and I would like to exclude all the path. I know we can exclude the path using the spec notPaths , but I have lot of paths to exclude and I don’t want to add like that.

regex i want to add is ^/\w*/ok$

apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
 name: authorization-policy
 namespace: istio-system
spec:
 selector:
   matchLabels:
     app: istio-ingressgateway
 action: ALLOW
 action: CUSTOM
 provider:
   name: "oauth2-proxy"
 rules:
 - to:
   - operation:
       hosts:
        -  "test.example.com"
       notPaths:
        - "/v1/auth"
        - "/v1/ext"   

@shankgan Would you mind take a took.

we don’t support regex matching in authz policies yet though you can use wildcard matching if that fits your usecase