AuthorizationPolicy does not appear to work with gateway HTTPRoute's

depopry · August 13, 2025, 8:20am

Linkerd states that both policy.linkerd.io and gateway.networking.k8s.io HTTPRoutes can be used under the AuthorizationPolicy documentation.

We have a working configuration for policy.linkerd.io`` HTTPRoute, but not gateway, where the AuthorizationPolicy seems to completely ignore them. We’re not seeing any errors, but we’re also not seeing any auth behaviour.

Can anyone clarify if gateway HTTPRoutes are supported for AuthorizationPolicy’s? And if so can they advise how we can debug why they’re not working?

For context, we’re on the latest edge release (at time of writing).

Flynn · August 20, 2025, 5:35pm

httproute.gateway.networking.k8s.io should absolutely work for AuthorizationPolicy, though I think it needs an HTTPRoute that ultimately targets a Server. Can you show a representative Route and AuthorizationPolicy?

Topic		Replies	Views
Deny 1 route in an application with many HTTP endpoints? Linkerd General Discussion configuration	5	620	August 13, 2025
Cluster Egress Traffic Control Linkerd General Discussion	9	1541	December 5, 2024
Envoy httproute conflict with linkerd URLRewrite filter is not supported Linkerd General Discussion	4	17	February 19, 2026
Authorization Policies: Allow specific non-meshed pod access to meshed pod Linkerd General Discussion configuration	3	497	May 4, 2023
HTTPRoute not working on subsequent calls Linkerd General Discussion proxy , configuration	6	1253	September 28, 2023

AuthorizationPolicy does not appear to work with gateway HTTPRoute's

Related topics