istio
/
istio.io
mirror of https://github.com/istio/istio.io.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add note to explain authentication mesh policy CRD kind. (#3540) 

* Add note for the mesh policy to explain the different with regular (namespace and service) policies

* Address comment
This commit is contained in:
Diem Vu 2019-03-07 14:16:32 -08:00 committed by istio-bot
parent 85acb221eb
commit 423085227e
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
content/docs/tasks/security/authn-policy/index.md
View File

@ -105,6 +105,11 @@ spec:
EOF
{{< /text >}}
{{< tip >}}
The mesh authentication policy uses the [regular authentication policy API](/docs/reference/config/istio.authentication.v1alpha1/)
it is defined in the cluster-scoped `MeshPolicy` CRD.
{{< /tip >}}
This policy specifies that all workloads in the mesh will only accept encrypted requests using TLS. As you can see, this authentication policy has the kind:
`MeshPolicy`. The name of the policy must be `default`, and it contains no `targets` specification (as it is intended to apply to all services in the mesh).