From 8d3e88e9b52bdbceac4eac6e55efaf5ff55ffab7 Mon Sep 17 00:00:00 2001 From: boruszak Date: Thu, 2 Nov 2023 09:05:57 -0700 Subject: [PATCH] Multi-port traffic permissions example --- .../reference/trafficpermissions.mdx | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/website/content/docs/k8s/multiport/reference/trafficpermissions.mdx b/website/content/docs/k8s/multiport/reference/trafficpermissions.mdx index 457903743504..2813fbb48424 100644 --- a/website/content/docs/k8s/multiport/reference/trafficpermissions.mdx +++ b/website/content/docs/k8s/multiport/reference/trafficpermissions.mdx @@ -200,6 +200,27 @@ Specifies a port name that the Kubernetes Service exposes at the destination. The following examples demonstrate common `TrafficPermissions` CRD configuration patterns for specific use cases. +### Allow traffic to multiple ports + +The following example configures traffic permissions to allow traffic when the `web` service makes a request to the `api` service on the `api` port or `admin` port. + +```yaml +apiVersion: auth.consul.hashicorp.com/v2beta1 +kind: TrafficPermissions +metadata: + name: api-allow-web-all +spec: + destination: + identityName: "api" + action: ACTION_ALLOW + permissions: + - sources: + - identityName: "web" + destinationRules: + - portNames: ["api", "admin"] + +``` + ### Deny traffic between services The following example configures traffic permissions to deny traffic when the `web` service makes a request to the `api` service on the `admin` port.