From 082de092c65ca57568124a59db47829e80b9dc82 Mon Sep 17 00:00:00 2001 From: hc-github-team-consul-core Date: Thu, 8 Jun 2023 16:55:44 -0400 Subject: [PATCH] backport of commit ef688704aab5f2e413b7d190ca36198b2c242009 (#17622) Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com> --- website/content/api-docs/connect/intentions.mdx | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/website/content/api-docs/connect/intentions.mdx b/website/content/api-docs/connect/intentions.mdx index cdfeb463cd..20a6b5054b 100644 --- a/website/content/api-docs/connect/intentions.mdx +++ b/website/content/api-docs/connect/intentions.mdx @@ -536,9 +536,7 @@ This endpoint evaluates the intentions for a specific source and destination and returns whether the connection would be authorized or not given the current Consul configuration and set of intentions. --> **Note:** This endpoint will always evaluate intentions with `Permissions` -defined as _deny_ intentions during. This endpoint is only suited for -networking layer 4 (e.g. TCP) integration. +-> **Note:** This endpoint will always evaluate matching intentions with L7 `Permissions` defined as _deny_ intentions because there is no request to check against. For performance and reliability reasons it is desirable to implement intention enforcement by listing [intentions that match the