RFE: Vet for verifying JWT policy is applied for service with HTTP port names

aspenmesh / istio-vet

Utility for validating Istio configuration in kubernetes cluster

Apache License 2.0

135 stars 35 forks source link

RFE: Vet for verifying JWT policy is applied for service with HTTP port names #62

Closed nrjpoddar closed 5 years ago

nrjpoddar commented 5 years ago

Istio's JWT are configured via Authentication Policies and they target a service by name. If the service doesn't have ports that have names prefixed with http or http-, the JWT policy will be silently ignored.

This vet should generate errors when JWT policies are defined for services which don't have the relevant port prefixed. names.

gramidt commented 5 years ago

@nrjpoddar - I'll work on implementing this.