diff --git a/docs/reference/api/README.mdx b/docs/reference/api/README.mdx index 7af204a9d..b42443f3e 100644 --- a/docs/reference/api/README.mdx +++ b/docs/reference/api/README.mdx @@ -1,5 +1,5 @@ --- -sidebar_position: 3 +sidebar_position: 11 title: API --- diff --git a/docs/reference/cli/README.mdx b/docs/reference/cli/README.mdx index 0d1750666..9e1550639 100644 --- a/docs/reference/cli/README.mdx +++ b/docs/reference/cli/README.mdx @@ -1,5 +1,5 @@ --- -sidebar_position: 2 +sidebar_position: 10 title: CLI --- diff --git a/docs/reference/configuration/credentials-operator/README.mdx b/docs/reference/credentials-operator/README.mdx similarity index 100% rename from docs/reference/configuration/credentials-operator/README.mdx rename to docs/reference/credentials-operator/README.mdx diff --git a/docs/reference/configuration/credentials-operator/helm-chart.mdx b/docs/reference/credentials-operator/helm-chart.mdx similarity index 100% rename from docs/reference/configuration/credentials-operator/helm-chart.mdx rename to docs/reference/credentials-operator/helm-chart.mdx diff --git a/docs/reference/configuration/intents-operator/README.mdx b/docs/reference/intents-operator/README.mdx similarity index 99% rename from docs/reference/configuration/intents-operator/README.mdx rename to docs/reference/intents-operator/README.mdx index 5f5ce2ced..9458f97ed 100644 --- a/docs/reference/configuration/intents-operator/README.mdx +++ b/docs/reference/intents-operator/README.mdx @@ -1,5 +1,5 @@ --- -sidebar_position: 2 +sidebar_position: 1 title: Intents operator --- diff --git a/docs/reference/configuration/intents-operator/configuration.mdx b/docs/reference/intents-operator/configuration.mdx similarity index 100% rename from docs/reference/configuration/intents-operator/configuration.mdx rename to docs/reference/intents-operator/configuration.mdx diff --git a/docs/reference/configuration/intents-operator/helm-chart.mdx b/docs/reference/intents-operator/helm-chart.mdx similarity index 96% rename from docs/reference/configuration/intents-operator/helm-chart.mdx rename to docs/reference/intents-operator/helm-chart.mdx index 13554db7b..0df660227 100644 --- a/docs/reference/configuration/intents-operator/helm-chart.mdx +++ b/docs/reference/intents-operator/helm-chart.mdx @@ -43,6 +43,7 @@ If you would like to deploy it on its own, add the Otterize Helm chart repositor | `operator.enableKafkaACLCreation` | Whether the operator should create Kafka ACL rules according to `ClientIntents` of type Kafka. | `true` | | `operator.enableIstioPolicyCreation` | Whether the operator should create Istio authorization policies according to `ClientIntents`. | `true` | | `operator.allowExternalTraffic` | `ifBlockedByOtterize`, `off` or `always` (this option is **experimental**). Specify how the operator handles external traffic for Ingress/Service resources: `ifBlockedByOtterize` automatically create network policies to enable internet traffic for services that would be blocked by Otterize network policies when protecting a server. Choosing `off` may necessitate manual network policy creation to allow external traffic, while `always` automatically creates policies for all such resource that are visible to the operator. | `ifBlockedByOtterize` | +| `operator.ingressControllerConfigs` | Restricts the automatically created external traffic network policies to only allow access to an ingress controller within the cluster. Only relevant if you use an in-cluster ingress controller, such as nginx or HAProxy. A list of objects with keys `name`, `namespace` and `kind`, such as `ingress-nginx-controller`, `nginx` and `Deployment`. | `(none)` | | `operator.autoCreateNetworkPoliciesForExternalTraffic` | (deprecated, use `allowExternalTraffic` instead) Automatically allow external traffic, if a new ClientIntents resource would result in blocking external (internet) traffic and there is an Ingress/Service resource indicating external traffic is expected. | `true` | | `operator.autoCreateNetworkPoliciesForExternalTrafficDisableIntentsRequirement` | (deprecated, use `allowExternalTraffic` instead) **experimental** - If `autoCreateNetworkPoliciesForExternalTraffic` is enabled, do not require ClientIntents resources - simply create network policies based off of the existence of an Ingress/Service resource. | `false` | | `operator.resources` | Resources override. | | diff --git a/docs/reference/configuration/network-mapper/README.mdx b/docs/reference/network-mapper/README.mdx similarity index 99% rename from docs/reference/configuration/network-mapper/README.mdx rename to docs/reference/network-mapper/README.mdx index 1c88ccd5f..e23af82a5 100644 --- a/docs/reference/configuration/network-mapper/README.mdx +++ b/docs/reference/network-mapper/README.mdx @@ -1,5 +1,5 @@ --- -sidebar_position: 4 +sidebar_position: 2 title: Network mapper --- diff --git a/docs/reference/configuration/network-mapper/helm-chart.mdx b/docs/reference/network-mapper/helm-chart.mdx similarity index 100% rename from docs/reference/configuration/network-mapper/helm-chart.mdx rename to docs/reference/network-mapper/helm-chart.mdx diff --git a/docs/reference/configuration/network-mapper/kafka-watcher.mdx b/docs/reference/network-mapper/kafka-watcher.mdx similarity index 100% rename from docs/reference/configuration/network-mapper/kafka-watcher.mdx rename to docs/reference/network-mapper/kafka-watcher.mdx diff --git a/docs/reference/configuration/otterize-chart/README.mdx b/docs/reference/otterize-chart/README.mdx similarity index 97% rename from docs/reference/configuration/otterize-chart/README.mdx rename to docs/reference/otterize-chart/README.mdx index 1d6bedc1f..1d82760cb 100644 --- a/docs/reference/configuration/otterize-chart/README.mdx +++ b/docs/reference/otterize-chart/README.mdx @@ -1,5 +1,5 @@ --- -sidebar_position: 1 +sidebar_position: 4 title: Otterize OSS Helm chart --- @@ -69,6 +69,7 @@ Further information about intents-operator parameters can be found [in the inten | `intentsOperator.operator.enableNetworkPolicyCreation` | Whether the operator should create network policies according to `ClientIntents`. | `true` | | `intentsOperator.operator.enableKafkaACLCreation` | Whether the operator should create Kafka ACL rules according to `ClientIntents` of type Kafka. | `true` | | `intentsOperator.operator.enableIstioPolicyCreation` | Whether the operator should create Istio authorization policies according to `ClientIntents`. | `true` | +| `intentsOperator.operator.ingressControllerConfigs` | Restricts the automatically created external traffic network policies to only allow access to an ingress controller within the cluster. Only relevant if you use an in-cluster ingress controller, such as nginx or HAProxy. A list of objects with keys `name`, `namespace` and `kind`, such as `ingress-nginx-controller`, `nginx` and `Deployment`. | `(none)` | | `intentsOperator.operator.allowExternalTraffic` | `ifBlockedByOtterize`, `off` or `always` (this option is **experimental**). Specify how the operator handles external traffic for Ingress/Service resources: `ifBlockedByOtterize` automatically create network policies to enable internet traffic for services that would be blocked by Otterize network policies when protecting a server. Choosing `off` may necessitate manual network policy creation to allow external traffic, while `always` automatically creates policies for all such resource that are visible to the operator. | `ifBlockedByOtterize` | | `intentsOperator.operator.autoCreateNetworkPoliciesForExternalTraffic` | (deprecated, use `allowExternalTraffic` instead) Automatically allow external traffic, if a new ClientIntents resource would result in blocking external (internet) traffic and there is an Ingress/Service resource indicating external traffic is expected. | `true` | | `intentsOperator.operator.autoCreateNetworkPoliciesForExternalTrafficDisableIntentsRequirement` | (deprecated, use `allowExternalTraffic` instead) **experimental** - If `autoCreateNetworkPoliciesForExternalTraffic` is enabled, do not require ClientIntents resources - simply create network policies based off of the existence of an Ingress/Service resource. | `false` |