APIRule v2alpha1 Authorization Policy

[I551317]

When a new 'APIRule' is created a new Istio 'AuthorizationPolicy' is created in an automatic way as well. Such an approach brings a following problem: if I have another application (AppRouter) that routes traffic to the same 'Service' and backend application as 'APIRule', we are getting 'RBAC: Access Denied error' calling AppRouter endpoints.

I wonder if there is possibility to somehow either override created 'AuthorizationPolicy' or not to create that in an automatic way at all (if other 'AuthorizationPolicy' already exist in the namespace)?

Deployed API Rule:

---
apiVersion: gateway.kyma-project.io/v2alpha1
kind: APIRule
metadata:
  name: customer-connectivity-data-api
  namespace: rcc-1872-con-acc
spec:
  gateway: kyma-system/kyma-gateway
  hosts:
    - connectivity-data-rcc-1872-con-acc
  rules:
    - methods:
        - GET
        - POST
        - PATCH
        - DELETE
        - OPTIONS
      noAuth: true
      path: /*
  service:
    name: customer-connectivity-data-lb
    namespace: rcc-1872-con-acc
    port: 81

Created AuthorizationPolicy:

---
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: customer-connectivity-data-api-xqs7b
  namespace: rcc-1872-con-acc
spec:
  rules:
    - from:
        - source:
            principals:
              - >-
                cluster.local/ns/istio-system/sa/istio-ingressgateway-service-account
      to:
        - operation:
            methods:
              - GET
              - POST
              - PATCH
              - DELETE
              - OPTIONS
            paths:
              - /{**}
  selector:
    matchLabels:
      app: customer-connectivity-data-app