istiod values.yaml

networkPolicies.enabled

Type: bool

Default value

false

Description: Enable or disable the bundled network policies

networkPolicies.controlPlaneCIDRs

Type: list

Default value

[]

Description: Configure which CIDRs istiod will be allowed to connect to when accessing the kube-apiserver; if none are specified, the chart will look up the default kubernetes EndpointSlice and use the addresses found there

networkPolicies.additionalPolicies

Type: list

Default value

[]

Description: A list of additional network policies to create in the release namespace

additionalEnvoyFilters

Type: list

Default value

[]

Description: A list of additional EnvoyFilters to create in the release namespace

monitoring.enabled

Type: bool

Default value

true

Description: Enable or disable the bundled monitoring components and network policies

authservice.enabled

Type: bool

Default value

false

mtls.mode

Type: string

Default value

"STRICT"

Description: Set the mTLS mode for the istio-system namespace

defaultSecurityHeaders.enabled

Type: bool

Default value

true

Description: Enable or disable the default security headers

hardened.enabled

Type: bool

Default value

false

Description: Enable or disable the hardened Istio configuration

hardened.customAuthorizationPolicies

Type: list

Default value

[]