consul_intention
Intentions are used to define rules for which services may connect to one another when using Consul Connect.
It is appropriate to either reference existing services or specify non-existent services that will be created in the future when creating intentions. This resource can be used in conjunction with the consul_service
datasource when referencing services registered on nodes that have a running Consul agent.
Example Usage
Create a simplest intention with static service names:
resource "consul_intention" "database" { source_name = "api" destination_name = "db" action = "allow" }
Referencing a known service via a datasource:
resource "consul_intention" "database" { source_name = "api" destination_name = "${consul_catalog_service.pg.name}" action = "allow" } data "consul_service" "pg" { name = "postgresql" }
Argument Reference
The following arguments are supported:
-
source_name
- (Required, string) The name of the source service for the intention. This service does not have to exist. -
destination_name
- (Required, string) The name of the destination service for the intention. This service does not have to exist. -
action
- (Required, string) The intention action. Must be one ofallow
ordeny
. -
meta
- (Optional, map) Key/value pairs that are opaque to Consul and are associated with the intention. -
description
- (Optional, string) Optional description that can be used by Consul tooling, but is not used internally. -
datacenter
- (Optional) The datacenter to use. This overrides the datacenter in the provider setup and the agent's default datacenter.
Attributes Reference
The following attributes are exported:
-
id
- The ID of the intention. -
source_name
- The source for the intention. -
destination_name
- The destination for the intention. -
description
- A description of the intention. -
meta
- Key/value pairs associated with the intention.
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/consul/r/intention.html