oc get cm -n istio-system istio -o jsonpath='{.data.mesh}' | grep disablePolicyChecksThe update and release of Maistra 0.9 introduced a significant change in behaviour related to policy enforcement via Mixer. In older versions of the product, Mixer’s policy enforcement was enabled by default. However, from release 0.9 onward, the policy enforcement is now disabled.
To see whether policy checks are disabled, execute:
oc get cm -n istio-system istio -o jsonpath='{.data.mesh}' | grep disablePolicyChecksIf you see disablePolicyChecks: true, policy checks have been disabled.
Edit the Istio ConfigMap
oc edit cm -n istio-system istioLocate disablePolicyChecks: true within the ConfigMap and change the value to false
Exit the editor to save the configuration
Check the policy enforcement status again and ensure it is now set to false
oc get cm -n istio-system istio -o jsonpath='{.data.mesh}' | grep disablePolicyChecks