ui: Amends to existing topology notice/banner texts (#14527)
* ui: Amends to existing topology notice/banner texts * Changelog * Update ui/packages/consul-ui/translations/routes/en-us.yaml Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com> Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
This commit is contained in:
parent
60400173b5
commit
ad47911ad9
|
@ -0,0 +1,3 @@
|
||||||
|
```release-note:improvement
|
||||||
|
ui: Improve guidance around topology visualisation
|
||||||
|
```
|
|
@ -185,25 +185,25 @@ dc:
|
||||||
header: Limited Access
|
header: Limited Access
|
||||||
body: This service may have dependencies you won’t see because you don’t have access to them.
|
body: This service may have dependencies you won’t see because you don’t have access to them.
|
||||||
default-allow:
|
default-allow:
|
||||||
header: Intentions are set to default allow
|
header: Restrict which services can connect
|
||||||
body: Your Intention settings are currently set to default allow. This means that this view will show connections to every service in your cluster. We recommend changing your Intention settings to default deny and creating specific Intentions for upstream and downstream services for this view to be useful.
|
body: Your current ACL settings allow all services to connect to each other. Either create a deny intention between all services, or set your default ACL policy to deny to improve your security posture and make this topology view reflect the actual upstreams and downstreams of this service.
|
||||||
footer: |
|
footer: |
|
||||||
<p>
|
<p>
|
||||||
<a href="{route_intentions}">Edit Intentions</a>
|
<a href="{route_intentions}">Create a wildcard deny Intention</a>
|
||||||
</p>
|
</p>
|
||||||
wildcard-intention:
|
wildcard-intention:
|
||||||
header: Permissive Intention
|
header: Restrict which services can connect
|
||||||
body: One or more of your Intentions are set to allow traffic to and/or from all other services in a namespace. This Topology view will show all of those connections if that remains unchanged. We recommend setting more specific Intentions for upstream and downstream services to make this visualization more useful.
|
body: There is currently a wildcard Intention that allows all services to connect to each other. Change the action of that Intention to deny to improve your security posture and have this topology view reflect the actual upstreams and downstreams of this service.
|
||||||
footer: |
|
footer: |
|
||||||
<p>
|
<p>
|
||||||
<a href="{route_intentions}">Edit Intentions</a>
|
<a href="{route_intentions}">Edit wildcard intentions</a>
|
||||||
</p>
|
</p>
|
||||||
not-defined-intention:
|
not-defined-intention:
|
||||||
header: Connections are not explicitly defined
|
header: Add upstream to allow traffic
|
||||||
body: There appears to be an Intention allowing traffic, but the services are unable to communicate until that connection is enabled by defining an explicit upstream or proxies are set to 'transparent' mode.
|
body: An Intention was defined that allows traffic between services, but those services are unable to communicate. Define an explicit upstream in the service definition or enable transparent proxy to fix this.
|
||||||
footer: |
|
footer: |
|
||||||
<p>
|
<p>
|
||||||
<a href="{CONSUL_DOCS_URL}/connect/registration/service-registration#upstreams" target="_blank" rel="noopener noreferrer">Read the documentation</a>
|
<a href="{CONSUL_DOCS_URL}/connect/registration/service-registration#upstreams" target="_blank" rel="noopener noreferrer">Learn how to add upstreams</a>
|
||||||
</p>
|
</p>
|
||||||
no-dependencies:
|
no-dependencies:
|
||||||
header: No dependencies
|
header: No dependencies
|
||||||
|
@ -213,12 +213,19 @@ dc:
|
||||||
<a href="{CONSUL_DOCS_URL}/connect/registration/service-registration#upstream-configuration-reference" target="_blank" rel="noopener noreferrer">Read the documentation</a>
|
<a href="{CONSUL_DOCS_URL}/connect/registration/service-registration#upstream-configuration-reference" target="_blank" rel="noopener noreferrer">Read the documentation</a>
|
||||||
</p>
|
</p>
|
||||||
acls-disabled:
|
acls-disabled:
|
||||||
header: Enable ACLs
|
header: Restrict which services can connect
|
||||||
body: This connect-native service may have dependencies, but Consul isn't aware of them when ACLs are disabled. Enable ACLs to make this view more useful.
|
body: Your current ACL settings allow all services to connect to each other. Either create a deny intention between all services, or enable ACLs and set your default ACL policy to deny to improve your security posture and make this topology view reflect the actual upstreams and downstreams of this service.
|
||||||
footer: |
|
footer: |
|
||||||
<p>
|
<p>
|
||||||
<a href="{CONSUL_DOCS_URL}/security/acl/acl-system#configuring-acls" target="_blank" rel="noopener noreferrer">Read the documentation</a>
|
<a href="{CONSUL_DOCS_URL}/security/acl/acl-system#configuring-acls" target="_blank" rel="noopener noreferrer">Read the documentation</a>
|
||||||
</p>
|
</p>
|
||||||
|
no-intentions:
|
||||||
|
header: Add Intention to allow traffic
|
||||||
|
body: There is an upstream registered for this service, but that upstream cannot receive traffic without creating an allow intention.
|
||||||
|
footer: |
|
||||||
|
<p>
|
||||||
|
<a href="{route_intentions}">Edit Intentions</a>
|
||||||
|
</p>
|
||||||
intentions:
|
intentions:
|
||||||
index:
|
index:
|
||||||
empty:
|
empty:
|
||||||
|
|
Loading…
Reference in New Issue