open-consul/website/pages/docs/commands/intention/check.mdx

38 lines
890 B
Plaintext
Raw Normal View History

---
2020-04-07 18:55:19 +00:00
layout: docs
page_title: 'Commands: Intention Check'
sidebar_title: check
---
# Consul Intention Check
Command: `consul intention check`
The `intention check` command checks whether a connection attempt between
two services would be authorized given the current set of intentions and
Consul configuration.
This command requires less ACL permissions than other intention-related
tasks because no information about the intention is revealed. Therefore,
callers only need to have `service:read` access for the destination. Richer
2020-04-09 23:46:54 +00:00
commands like [match](/docs/commands/intention/match) require full
intention read permissions and don't evaluate the result.
## Usage
Usage: `consul intention check [options] SRC DST`
#### API Options
2020-04-07 18:55:19 +00:00
@include 'http_api_options_client.mdx'
## Examples
```text
$ consul intention check web db
Denied
$ consul intention check web billing
Allowed
```