Enabling requests to Knative services when additional authorization policies are enabled

    You must meet the following prerequisites to use Istio AuthorizationPolicy:

    In addition to allowing your application path, you’ll need to configure Istio AuthorizationPolicy to allow health checking and metrics collection to your applications from system pods. You can allow access from system pods by paths.

    • /metrics

    The /metrics path allows the autoscaler pod to collect metrics. The /healthz path allows system pods to probe the service.

    2. apiVersion: security.istio.io/v1beta1
    3. kind: AuthorizationPolicy
    4. metadata:
    5.   name: allowlist-by-paths
    6.   namespace: serving-tests
    8.   rules:
    9.   - to:
    10.     - operation:
    11.         paths:
    12.         - /metrics   # The path to collect metrics by system pod.