mirror of https://github.com/hashicorp/consul
98 lines
1.9 KiB
HCL
98 lines
1.9 KiB
HCL
|
enable_central_service_config = true
|
||
|
|
||
|
acl {
|
||
|
default_policy = "deny"
|
||
|
}
|
||
|
|
||
|
config_entries {
|
||
|
bootstrap {
|
||
|
kind = "service-defaults"
|
||
|
name = "s2"
|
||
|
protocol = "http"
|
||
|
}
|
||
|
|
||
|
# TODO: test header invert
|
||
|
bootstrap {
|
||
|
kind = "service-intentions"
|
||
|
name = "s2"
|
||
|
|
||
|
sources {
|
||
|
name = "s1"
|
||
|
permissions = [
|
||
|
// paths
|
||
|
{
|
||
|
action = "allow"
|
||
|
http { path_exact = "/exact" }
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http { path_prefix = "/prefix" }
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http { path_regex = "/reg[ex]{2}" }
|
||
|
},
|
||
|
// headers
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/hdr-present"
|
||
|
header = [{
|
||
|
name = "x-test-debug"
|
||
|
present = true
|
||
|
}]
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/hdr-exact"
|
||
|
header = [{
|
||
|
name = "x-test-debug"
|
||
|
exact = "exact"
|
||
|
}]
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/hdr-prefix"
|
||
|
header = [{
|
||
|
name = "x-test-debug"
|
||
|
prefix = "prefi"
|
||
|
}]
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/hdr-suffix"
|
||
|
header = [{
|
||
|
name = "x-test-debug"
|
||
|
suffix = "uffix"
|
||
|
}]
|
||
|
}
|
||
|
},
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/hdr-regex"
|
||
|
header = [{
|
||
|
name = "x-test-debug"
|
||
|
regex = "reg[ex]{2}"
|
||
|
}]
|
||
|
}
|
||
|
},
|
||
|
// methods
|
||
|
{
|
||
|
action = "allow"
|
||
|
http {
|
||
|
path_exact = "/method-match"
|
||
|
methods = ["GET", "PUT"]
|
||
|
}
|
||
|
}
|
||
|
]
|
||
|
}
|
||
|
}
|
||
|
}
|