From 7914368111de1d103a66eb588ef82c154e941f7e Mon Sep 17 00:00:00 2001
From: John Lancaster <32917998+jsl12@users.noreply.github.com>
Date: Fri, 2 Jan 2026 23:08:29 -0600
Subject: [PATCH] more rbac

---
 envoy.yaml | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/envoy.yaml b/envoy.yaml
index bb5665f..3374f15 100644
--- a/envoy.yaml
+++ b/envoy.yaml
@@ -64,18 +64,30 @@ static_resources:
               rules:
                 action: ALLOW
                 policies:
-                  "test_policy":
+                  "ubuntu-policy":
                     permissions:
                       - and_rules:
                           rules:
                             - header:
                                 name: ":path"
                                 string_match:
-                                  prefix: "/dev-test"
+                                  prefix: "/john-ubuntu"
                     principals:
                       - authenticated:
                           principal_name:
                             exact: "spiffe://john-stream.com/ubuntu"
+                  "p14-policy":
+                    permissions:
+                      - and_rules:
+                          rules:
+                            - header:
+                                name: ":path"
+                                string_match:
+                                  prefix: "/john-p14s"
+                    principals:
+                      - authenticated:
+                          principal_name:
+                            exact: "spiffe://john-stream.com/john-p14s"
           # --8<-- [end:rbac]
           - name: envoy.filters.http.router
             typed_config: