Whitelist source IP address for one of the services

Yes, it still requires Local. The only workaround without it is to use some header like x-forwarded-for at the cloud ingress, and then write a policy about that header.
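
An added example, not part of the original post, of the check a header-based policy has to get right: only the X-Forwarded-For entries appended by trusted proxies can be believed, and anything further left was supplied by the client. It assumes exactly one trusted hop (the cloud ingress) appends the peer address it saw; the function names and the allowed range are hypothetical, constructed values.

```python
import ipaddress

# Constructed sample allowlist (documentation range), not from the original post.
ALLOWED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]
# Assumption: exactly one trusted proxy (the cloud ingress) appends to the header.
TRUSTED_HOPS = 1


def client_ip_from_xff(header_values, trusted_hops=TRUSTED_HOPS):
    """Return the address recorded by the outermost trusted proxy, or None.

    header_values is the list of raw X-Forwarded-For header lines in the
    order they were received. Each trusted proxy appends the peer address it
    saw, so counting `trusted_hops` entries from the right gives the address
    the edge observed. Entries further left are client-supplied and may be
    forged, so they are never consulted.
    """
    entries = [p.strip() for v in header_values for p in v.split(",") if p.strip()]
    if trusted_hops < 1 or len(entries) < trusted_hops:
        return None  # header missing or shorter than the proxy chain: fail closed
    try:
        # Values with ports, brackets or garbage do not parse and are rejected.
        return ipaddress.ip_address(entries[-trusted_hops])
    except ValueError:
        return None


def is_allowed(header_values, allowed=ALLOWED_SOURCES, trusted_hops=TRUSTED_HOPS):
    """True only if the trusted-hop address falls inside an allowed network."""
    ip = client_ip_from_xff(header_values, trusted_hops)
    return ip is not None and any(ip in net for net in allowed)


if __name__ == "__main__":
    # Client forged an allowed address; the ingress appended the real peer.
    print(is_allowed(["203.0.113.7, 198.51.100.9"]))
    # Real peer is inside the allowed range.
    print(is_allowed(["198.51.100.9, 203.0.113.20"]))
```

A policy that matches on the first entry, or on the header as a whole string, would accept the forged request in the first sample.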