[SDC] Create Authorization Policies for SDC - Create Authoriation Policies for SDC - Add in initial authorized serviceaccounts for each sub component service Issue-ID: OOM-3127 Change-Id: I6e1ce0173028bf75ae3696b29fae80250731dc94 Signed-off-by: AndrewLamb <andrew.a.lamb@est.tech>

commit: b304a32a48e14ccc3f179e333a124588700bf1a4 [log] [tgz]
author: AndrewLamb <andrew.a.lamb@est.tech> Tue Apr 11 17:05:54 2023 +0100
committer: Andreas Geissler <andreas-geissler@telekom.de> Mon Apr 17 12:43:56 2023 +0000
tree: e82bb7301c43afcb78ad96102b7e9f7b32f8bec7
parent: 85754da94688be3859eabcef0fd6e8c5352f478f [diff] [blame]
diff --git a/kubernetes/sdc/components/sdc-wfd-be/values.yaml b/kubernetes/sdc/components/sdc-wfd-be/values.yaml
index b6735a4..1774e33 100644
--- a/kubernetes/sdc/components/sdc-wfd-be/values.yaml
+++ b/kubernetes/sdc/components/sdc-wfd-be/values.yaml

@@ -116,6 +116,14 @@
   config:
     ssl: "redirect"
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: sdc-wfd-fe-read
+      - serviceAccount: so-sdc-controller-read
+      - serviceAccount: istio-ingress
+        namespace: istio-ingress
+
 # Resource Limit flavor -By Default using small
 # Segregation for Different environment (Small and Large)
 flavor: small
commit	b304a32a48e14ccc3f179e333a124588700bf1a4	[log] [tgz]
author	AndrewLamb <andrew.a.lamb@est.tech>	Tue Apr 11 17:05:54 2023 +0100
committer	Andreas Geissler <andreas-geissler@telekom.de>	Mon Apr 17 12:43:56 2023 +0000
tree	e82bb7301c43afcb78ad96102b7e9f7b32f8bec7
parent	85754da94688be3859eabcef0fd6e8c5352f478f [diff] [blame]