[POLICY][COMMON] Create Authorization Policies for Policy Policy- Add initial authorized serviceaccounts for each sub component service Common- Change authorizationpolicy to match on the label app Issue-ID: OOM-3139 Change-Id: I411877b933d6dfcbdee633f1440d16c9658438e5 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>

commit: 7ef78aefe4cf6dba1e14add5602f4df55862c9b4 [log] [tgz]
author: AndrewLamb <andrew.a.lamb@est.tech> Thu Apr 20 16:24:13 2023 +0100
committer: AndrewLamb <andrew.a.lamb@est.tech> Fri Apr 21 14:23:45 2023 +0100
tree: 8a30c680e9e07514eb0662762609b3de6055bad5
parent: 9d4d923694a16dfe53adf262091eba61e4a3cb56 [diff] [blame]
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index 8a638f6..a190fb0 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml

@@ -128,6 +128,12 @@
 ingress:
   enabled: false
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: message-router-read
+      - serviceAccount: portal-app-read
+
 flavor: small
 resources:
   small:
commit	7ef78aefe4cf6dba1e14add5602f4df55862c9b4	[log] [tgz]
author	AndrewLamb <andrew.a.lamb@est.tech>	Thu Apr 20 16:24:13 2023 +0100
committer	AndrewLamb <andrew.a.lamb@est.tech>	Fri Apr 21 14:23:45 2023 +0100
tree	8a30c680e9e07514eb0662762609b3de6055bad5
parent	9d4d923694a16dfe53adf262091eba61e4a3cb56 [diff] [blame]