diff --git a/demo/istio/README.md b/demo/istio/README.md
new file mode 100644
index 00000000..b34bc43c
--- /dev/null
+++ b/demo/istio/README.md
@@ -0,0 +1,27 @@
+# Istio Demo 
+
+This Istio Demo is prototype of the kyverno envoy plugin .
+
+## Overview 
+
+The goal of the demo to show user how kyverno-envoy-plugin will work with istio and how it can be used to enforce policies to the traffic between services. The Kyverno-envoy-plugin allows configuring these Envoy proxies to query Kyverno-json for policy decisions on incoming requests.
+
+## Contains
+ 
+- A manifests folder with everything we need to run the demo . 
+- bootstrap.sh creates the cluster and installs istio . 
+
+## Architecture
+The below architecture illustrates a scenario where no service mesh or Envoy-like components have been pre-installed or already installed.
+
+![Architecture](architecture1.png)
+
+
+The below architecture illustrates a scenario where a service mesh or Envoy-like components have been pre-installed or already installed.
+![Architecture](architecture2.png)
+
+## Requirements
+
+- Istio Authorizationpolicy manifest  to add "extension provider " concept in MeshConfig to specify Where/how to talk to envoy ext-authz service 
+-
+-
\ No newline at end of file
diff --git a/demo/istio/architecture1.png b/demo/istio/architecture1.png
new file mode 100644
index 00000000..d3fa104e
Binary files /dev/null and b/demo/istio/architecture1.png differ
diff --git a/demo/istio/architecture2.png b/demo/istio/architecture2.png
new file mode 100644
index 00000000..8b0c52a7
Binary files /dev/null and b/demo/istio/architecture2.png differ