You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create a Server resource for nginx if it wasn't already created, as well as a HTTPRoute for the HTTPResources part (if there are any).
Create a MeshTLSAuthentication resource for client if it wasn't already created. For each client, create a separate MeshTLSAuthentication resource. I recommend using the name of the client in the name of the resource, such as meshtls-client1, meshtls-client2, and so on, to make it easy to find the resources when you need to update them or check if they already exist.
Create an AuthorizationPolicy resource that requires the MeshTLSAuthentication or Server.
As we discussed on Zoom, start with the create flow for ClientIntents and then move on to edit and delete. To understand the edit flow better, after creating a MeshTLS resource, scale down the intents operator to 0, then edit the ClientIntents so that the client is client2, and you should see two MeshTLS resources. In that situation the intents-operator needs to be able to detect that the first resource is now orphaned and delete it.
The intents operator supports reconciling ClientIntents into Istio authorization policies.
Proposal: Add support for Linkerd authorization policies, keeping with the same style.
The text was updated successfully, but these errors were encountered: