Phill Gibson

I'm seeing a need to have authorization policy at the namespace level. More like creating firewall rules of what access is allowed to and endpoint by where it is originating...

Confirmed that Windows Containers does utilize containerD for runtime.

It appears having a cipher suite configuration may not assist with this and a specific Envoy image may need to be used that doesn't container additional cipher suites and only...

Do we want to be tied to OPA for enabling this, or have something more native?

I do feel that utilizing OPA for this feels heavy, especially if Envoy has the APIs ready for this.

I have some more information from customers I believe is related to this issue. We're seeing a growing need for customers to have a need for certificates issued in the...

Ok I'll create an issue outlining the use case.

I've done a demo of this integration and the scenario was an OPA endpoint outside the cluster was providing an extra gate to ensure the traffic policy was in place....

Hey @Parul-mahajan. Have you checked out our [Flagger integration doc](https://release-v1-2.docs.openservicemesh.io/docs/guides/integrations/flagger/). That might be the best starting point.

@steeling is this work related to integration with customer's existing PKI infrastructure to have OSM, or cert-manager, issue and sign certs from the same chain?