Example 6-1: deny-all-service-intentions.yaml # deny-all-service-intentions.yamlapiVersion : consul.hashicorp.com/v1alpha1
kind : ServiceIntentions
metadata :
name : deny-all
namespace : consul
spec :
destination :
name : " *" sources :
- name : " *" action : deny Example 6-2: frontend-service-intentions.yaml apiVersion : consul.hashicorp.com/v1alpha1
kind : ServiceIntentions
metadata :
name : frontend
spec :
destination :
name : frontend
sources :
- name : ingress-gateway
action : allow Example 6-3: backend-service-intentions.yaml apiVersion : consul.hashicorp.com/v1alpha1
kind : ServiceIntentions
metadata :
name : backend
spec :
destination :
name : backend
sources :
- name : frontend
action : allow Example 6-4: deny-all-service-intentions.hcl Kind = " service-intentions" Name = " *" Sources = = " *" = " deny" Example 6-5: frontend-service-intentions.hcl Kind = " service-intentions" Name = " frontend" Sources = = " ingress-gateway" = " allow" Example 6-6: backend-service-intentions.hcl Kind = " service-intentions" Name = " backend" Sources = = " frontend" = " allow" Example 6-7: frontend-service-intentions.yaml apiVersion : consul.hashicorp.com/v1alpha1
kind : ServiceIntentions
metadata :
name : frontend
spec :
destination :
name : frontend
sources :
- name : ingress-gateway
permissions :
- http :
pathPrefix : /admin
action : deny
- http :
pathPrefix : /
action : allow Example 6-8: frontend-service-intentions.hcl Kind = " service-intentions" Name = " frontend" Sources = = " ingress-gateway" = [
{
HTTP {
PathPrefix = " /admin" = " deny" = " /" = " allow"