zDump := c.ztunnelDump
	policies := slices.Filter(zDump.Policies, filter.Verify)
	slices.SortFunc(policies, func(a, b *ZtunnelPolicy) int {
		if r := cmp.Compare(a.Namespace, b.Namespace); r != 0 {
			return r
		}
		return cmp.Compare(a.Name, b.Name)
	})
	out, err := json.MarshalIndent(policies, "", "    ")
	if err != nil {
		return fmt.Errorf("failed to marshal policies: %v", err)
	}
	if outputFormat == "yaml" {

			<PatternLayout><Pattern>${log.pattern}</Pattern></PatternLayout><!-- <EcsLayout serviceName="fess" eventDataset="crawler" /> -->
			<Policies>
				<TimeBasedTriggeringPolicy />
				<SizeBasedTriggeringPolicy size="100 MB" />
			</Policies>
			<DefaultRolloverStrategy fileIndex="max" min="1"
				max="${backup.max.history}" compressionLevel="9" />
		</RollingFile>
		<Rewrite name="AppFile">

	ztunnelDump *ZtunnelDump
	FullDump    []byte
}

type rawDump struct {
	Services      json.RawMessage          `json:"services"`
	Workloads     json.RawMessage          `json:"workloads"`
	Policies      json.RawMessage          `json:"policies"`
	Certificates  json.RawMessage          `json:"certificates"`
	WorkloadState map[string]WorkloadState `json:"workloadstate"`
}

// Prime loads the config dump into the writer ready for printing

			<PatternLayout><Pattern>${log.pattern}</Pattern></PatternLayout><!-- <EcsLayout serviceName="fess" eventDataset="app" /> -->
			<Policies>
				<TimeBasedTriggeringPolicy />
				<SizeBasedTriggeringPolicy size="100 MB" />
			</Policies>
			<DefaultRolloverStrategy fileIndex="max" min="1"
				max="${backup.max.history}" compressionLevel="9">
				<Delete basePath="${log.file.basedir}">

  1. Configuration and communication of Ambient components.
  1. Interaction between `ztunnel` and Ambient components.
  1. Validation of zero-trust security policies.
  1. Testing of ambient traffic management.
  1. Specific `istioctl ztunnel-config` commands being tested: `all`, `services`, `workloads`, `policies`, `certificates`.
- **Setup**: The main test setup in this folder initializes the Istio control plane, `ztunnel`, and other ambient components.

/pkg/fuzz/                                                       @istio/wg-test-and-release-maintainers
/pkg/tracing/                                                    @istio/wg-policies-and-telemetry-maintainers
/pkg/wasm/                                                       @istio/wg-policies-and-telemetry-maintainers
/pkg/webhooks/                                                   @istio/wg-environments-maintainers

}

# Try connecting to MinIO instance
{{- if .Values.tls.enabled }}
scheme=https
{{- else }}
scheme=http
{{- end }}
connectToMinio $scheme

{{ if .Values.policies }}
# Create the policies
{{- range $idx, $policy := .Values.policies }}
createPolicy {{ $policy.name }} policy_{{ $idx }}
{{- end }}

			<PatternLayout><Pattern>${log.pattern}</Pattern></PatternLayout><!-- <EcsLayout serviceName="fess" eventDataset="suggest" /> -->
			<Policies>
				<TimeBasedTriggeringPolicy />
				<SizeBasedTriggeringPolicy size="100 MB" />
			</Policies>
			<DefaultRolloverStrategy fileIndex="max" min="1"
				max="${backup.max.history}" compressionLevel="9" />
		</RollingFile>
	</Appenders>

	<Loggers>

			<PatternLayout><Pattern>${log.pattern}</Pattern></PatternLayout><!-- <EcsLayout serviceName="fess" eventDataset="thumbnail" /> -->
			<Policies>
				<TimeBasedTriggeringPolicy />
				<SizeBasedTriggeringPolicy size="100 MB" />
			</Policies>
			<DefaultRolloverStrategy fileIndex="max" min="1"
				max="${backup.max.history}" compressionLevel="9" />
		</RollingFile>
	</Appenders>

	<Loggers>

      - presence: {}
- rules:
  - matches:
    - notDestinationPorts:
      - 9090
name: converted_peer_authentication_strict-and-permissive-mtls
scope: WORKLOAD_SELECTOR
```