X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=service-exposure%2Ftemplates%2FRequestAuthentication-template.txt;fp=service-exposure%2Ftemplates%2FRequestAuthentication-template.txt;h=5fbdbbbc33fdc02c6d0d06f673cf8520649b5d30;hb=2513eea5c9c4a1685ab6cbf0c2727d21399de5c7;hp=0000000000000000000000000000000000000000;hpb=f84f8e33ada82e3f9ea9cfbfe0dbc7f80e9986ea;p=nonrtric.git

diff --git a/service-exposure/templates/RequestAuthentication-template.txt b/service-exposure/templates/RequestAuthentication-template.txt
new file mode 100644
index 00000000..5fbdbbbc
--- /dev/null
+++ b/service-exposure/templates/RequestAuthentication-template.txt
@@ -0,0 +1,31 @@
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2022 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+apiVersion: security.istio.io/v1beta1
+kind: RequestAuthentication
+metadata:
+  name: "jwt-{{.Name}}"
+  namespace: {{.Namespace}}
+spec:
+  selector:
+    matchLabels:
+      app.kubernetes.io/instance: {{.Name}}
+  jwtRules:
+  - issuer: "http://istio-ingressgateway.istio-system:80/auth/realms/{{.Realm}}"
+    jwksUri: "http://keycloak.default:8080/auth/realms/{{.Realm}}/protocol/openid-connect/certs"