rvennam · September 11, 2023 15:35
diff --git a/delegated-route-table-jwt-policy.yaml b/delegated-route-table-jwt-policy.yaml
 apiVersion: networking.gloo.solo.io/v2
 kind: RouteTable
 metadata:
  name: ingress
  namespace: ops-team
 spec:
  hosts:
    - '*'
  virtualGateways:
    - name: north-south-gw
      namespace: ops-team
      cluster: mgmt-cluster
  workloadSelectors: []
  http:
    - name: application-ingress
      labels:
        security: "jwt"
      delegate:
        routeTables:
        - namespace: web-team
 ---
 apiVersion: networking.gloo.solo.io/v2
 kind: RouteTable
 metadata:
  name: frontend
  namespace: web-team
  labels:
    route: "frontend"
 spec:
  http:
    - name: frontend
      labels:
        route: "frontend"
      forwardTo:
        destinations:
          - ref:
              name: frontend
              namespace: web-ui
              cluster: cluster1
            port:
              number: 80
 ---
 apiVersion: security.policy.gloo.solo.io/v2
 kind: JWTPolicy
 metadata:
  annotations:
    cluster.solo.io/cluster: ""
  name: jwt-policy
  namespace: ops-team
 spec:
  applyToRoutes:
  - route:
      labels:
        security: "jwt"
  config:
    phase:
      preAuthz: {}
    providers:
      provider1:
        claimsToHeaders:
        - append: true
          claim: org
          header: x-org
        - append: true
          claim: email
          header: x-email
        issuer: https://localhost
        local:
          inline: |-
            -----BEGIN PUBLIC KEY-----
            MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnknfKiIDREaE/vxu8rtz
            oMaPop6rsiX7GANCRcqFks0j96Gb+UssKD8zJs2JBvEe4n0wNKVeLRbOctII+ZEO
            G8b+Dqig/1ubq3xiGbDBbZqHiFKjFQVUnII3Un9VRtDcJdgaaPGHnhlPs79sJNgQ
            e6AWJmfAasdT7i3MVEW7/dXcROiMRGapmxv+nQbKdoeiCJDULRdMSodhg/WJw2sH
            LLVxh4fPSF7cRxj36Y9FKWcGUH+YKe7n4gufAeEsHk+tPBndymYpmcMjb6W9HrJO
            39vvyMTjLAUyElCEfeMqCpFBCElhaGbF8ZncbV6vvDEkOxMX/m1TYhoJr1E2U8y/
            NwIDAQAB
            -----END PUBLIC KEY-----
        tokenSource:                    
          headers:  
          - name: X-Auth
            prefix: 'Bearer '
          queryParams:       
          - auth_token
	apiVersion: networking.gloo.solo.io/v2
	kind: RouteTable
	metadata:
	name: ingress
	namespace: ops-team
	spec:
	hosts:
	- '*'
	virtualGateways:
	- name: north-south-gw
	namespace: ops-team
	cluster: mgmt-cluster
	workloadSelectors: []
	http:
	- name: application-ingress
	labels:
	security: "jwt"
	delegate:
	routeTables:
	- namespace: web-team
	---
	apiVersion: networking.gloo.solo.io/v2
	kind: RouteTable
	metadata:
	name: frontend
	namespace: web-team
	labels:
	route: "frontend"
	spec:
	http:
	- name: frontend
	labels:
	route: "frontend"
	forwardTo:
	destinations:
	- ref:
	name: frontend
	namespace: web-ui
	cluster: cluster1
	port:
	number: 80
	---
	apiVersion: security.policy.gloo.solo.io/v2
	kind: JWTPolicy
	metadata:
	annotations:
	cluster.solo.io/cluster: ""
	name: jwt-policy
	namespace: ops-team
	spec:
	applyToRoutes:
	- route:
	labels:
	security: "jwt"
	config:
	phase:
	preAuthz: {}
	providers:
	provider1:
	claimsToHeaders:
	- append: true
	claim: org
	header: x-org
	- append: true
	claim: email
	header: x-email
	issuer: https://localhost
	local:
	inline: \|-
	-----BEGIN PUBLIC KEY-----
	MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnknfKiIDREaE/vxu8rtz
	oMaPop6rsiX7GANCRcqFks0j96Gb+UssKD8zJs2JBvEe4n0wNKVeLRbOctII+ZEO
	G8b+Dqig/1ubq3xiGbDBbZqHiFKjFQVUnII3Un9VRtDcJdgaaPGHnhlPs79sJNgQ
	e6AWJmfAasdT7i3MVEW7/dXcROiMRGapmxv+nQbKdoeiCJDULRdMSodhg/WJw2sH
	LLVxh4fPSF7cRxj36Y9FKWcGUH+YKe7n4gufAeEsHk+tPBndymYpmcMjb6W9HrJO
	39vvyMTjLAUyElCEfeMqCpFBCElhaGbF8ZncbV6vvDEkOxMX/m1TYhoJr1E2U8y/
	NwIDAQAB
	-----END PUBLIC KEY-----
	tokenSource:
	headers:
	- name: X-Auth
	prefix: 'Bearer '
	queryParams:
	- auth_token