deploy-templates/templates/authpolicy-esa.yaml (22 lines of code) (raw):
kind: RequestAuthentication
apiVersion: security.istio.io/v1beta1
metadata:
name: request-auth-{{ .Values.name }}
namespace: {{ .Release.Namespace }}
spec:
selector:
matchLabels:
app: {{ .Values.name }}
jwtRules:
- forwardOriginalToken: true
fromHeaders:
- name: X-Access-Token
issuer: {{ template "issuer.admin" . }}
jwksUri: {{ template "jwksUri.admin" . }}
{{- if .Values.keycloak.customHost }}
- forwardOriginalToken: true
fromHeaders:
- name: X-Access-Token
issuer: {{ template "custom-issuer.admin" . }}
jwksUri: {{ template "jwksUri.admin" . }}
{{- end }}