service:The bind name value is used as an ACLServiceIdentity.ServiceName field in the token that is created.
node:The bind name value is used as an ACLNodeIdentity.NodeName field in the token that is created.
role:The bind name value is used as an RoleLink.Name field in the token that is created.
kv:
search-bar:
kind:
name:Type
options:
folder:Folder
key:Key
sort:
kind:
asc:Folders to Keys
desc:Keys to Folders
intention:
search-bar:
access:
name:Permission
options:
allow:Allow
deny:Deny
app-aware:App aware
sort:
access:
name:Permission
asc:Allow to Deny
desc:Deny to Allow
source-name:
name:Source
asc:"Source: A to Z"
desc:"Source: Z to A"
destination-name:
name:Destination
asc:"Destination: A to Z"
desc:"Destination: Z to A"
precedence:
name:Precedence
asc:Ascending
desc:Descending
transparent-proxy:Transparent Proxy
topology-metrics:
source-type:
tooltip:This connection was defined in a proxy registration.
text:Defined in proxy registration
notice:
limited-access:
header:Limited Access
body:This service may have dependencies you won’t see because you don’t have access to them.
default-allow:
header:Intentions are set to default allow
body:Your Intention settings are currently set to default allow. This means that this view will show connections to every service in your cluster. We recommend changing your Intention settings to default deny and creating specific Intentions for upstream and downstream services for this view to be useful.
body:There appears to be an Intention allowing traffic, but the services are unable to communicate until that connection is enabled by defining an explicit upstream or proxies are set to 'transparent' mode.
body:One or more of your Intentions are set to allow traffic to and/or from all other services in a namespace. This Topology view will show all of those connections if that remains unchanged. We recommend setting more specific Intentions for upstream and downstream services to make this vizualization more useful.
footer:
name:Edit intentions
URL:dc.services.show.intentions
popover:
l7:
header:Layer 7 permissions
body:Certain HTTP request info must be identified.
action:View
deny:
header:Connection Denied
body:
isExact:Change the action of this intention to allow.
notExact:Add an intention that allows these two services to connect.