[SO] Create Authorization Policies for SO

[oom.git] / kubernetes / so / components / so-admin-cockpit / values.yaml

diff --git a/kubernetes/so/components/so-admin-cockpit/values.yaml b/kubernetes/so/components/so-admin-cockpit/values.yaml
index a825e16..de6f031 100644 (file)
--- a/kubernetes/so/components/so-admin-cockpit/values.yaml
+++ b/kubernetes/so/components/so-admin-cockpit/values.yaml
@@ -143,6 +143,13 @@ ingress:
     port: 9091
   config:
     ssl: "none"
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: portal-app-read
+      - serviceAccount: so-read
+      - serviceAccount: istio-ingress
+        namespace: istio-ingress
 nodeSelector: {}
 tolerations: []
 affinity: {}