I've installed Seldon on a K8s cluster with Istio enabled. I want to use Istio to secure the REST APIs using security protocols from GCP (such as IAP or JWT using a service account). What is the configuration needed to enforce both authentication and authorization for APIs deployed using Seldon Core? Would really appreciate it if there were some examples or boilerplate YAML files I could follow.
You can use IAP on your backend if you have an HTTPS load balancer. So, configure your cluster to use external HTTPS load balancer. Because you use ISTIO, with an TLS terminaison, I recommend to have a look on this part of the documentation.
Then, you can go to the IAP menu and activate it on the backend of your choice.