The Cilium policy override in the ambient platform prerequisites doc is only intended to be applied IF you already have default-deny policies in place that would necessitate it - otherwise it's pointless.
Update the wording a bit to hopefully make this clearer, and also just turn off default deny for this policy inline, so it doesn't matter either way.
Description
The Cilium policy override in the ambient platform prerequisites doc is only intended to be applied IF you already have default-deny policies in place that would necessitate it - otherwise it's pointless.
Update the wording a bit to hopefully make this clearer, and also just turn off default deny for this policy inline, so it doesn't matter either way.
Slack ref: https://istio.slack.com/archives/C041EQL1XMY/p1727452508062729
Cilium ref: https://docs.cilium.io/en/latest/security/policy/intro/
Reviewers