From db0a80b4adb57fd2ca48a513af630832f48f6159 Mon Sep 17 00:00:00 2001
From: Pindar <131621+Pindar@users.noreply.github.com>
Date: Fri, 2 Aug 2024 08:55:30 +0200
Subject: [PATCH] Update envoy-tutorial-istio.md

Correct typ of port in the MeshConfig for extensionProviders and add section about Meshconfig's service value

Signed-off-by: Pindar <131621+Pindar@users.noreply.github.com>
---
 docs/content/envoy-tutorial-istio.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/docs/content/envoy-tutorial-istio.md b/docs/content/envoy-tutorial-istio.md
index f12c4f87b8..a0d30b73f9 100644
--- a/docs/content/envoy-tutorial-istio.md
+++ b/docs/content/envoy-tutorial-istio.md
@@ -143,12 +143,14 @@ data:
     - name: opa-ext-authz-grpc
       envoyExtAuthzGrpc:
         service: opa-ext-authz-grpc.local
-        port: "9191"
+        port: 9191
 ```
 
 See [the Istio Docs for AuthorizationPolicy](https://istio.io/latest/docs/tasks/security/authorization/authz-custom/#define-the-external-authorizer) for 
 more details.
 
+The format of the service value is [<Namespace>/]<Hostname>. The specification of <Namespace> is required only when it is insufficient to unambiguously resolve a service in the service registry. See also the [configuration documentation](https://istio.io/latest/docs/reference/config/istio.mesh.v1alpha1/#MeshConfig-ExtensionProvider-EnvoyExternalAuthorizationGrpcProvider). Example: “opa-ext-authz-grpc.foo.svc.cluster.local” or “bar/opa-ext-authz-grpc.local”.
+
 ### 3. Enable automatic injection of the Istio Proxy and OPA-Envoy sidecars in the namespace where the app will be deployed, e.g., `default`
 
 ```bash