1. Packages
  2. HashiCorp Consul
  3. API Docs
  4. Intention
Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi

consul.Intention

Explore with Pulumi AI

consul logo
Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi

    Intentions are used to define rules for which services may connect to one another when using Consul Connect.

    NOTE: This resource is appropriate for managing legacy intentions in Consul version 1.8 and earlier. As of Consul 1.9, intentions should be managed using the service-intentions configuration entry. It is recommended to migrate from the consul.Intention resource to consul.ConfigEntry when running Consul 1.9 and later.

    It is appropriate to either reference existing services, or specify non-existent services that will be created in the future when creating intentions. This resource can be used in conjunction with the consul.Service datasource when referencing services registered on nodes that have a running Consul agent.

    Example Usage

    Create a simplest intention with static service names

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Consul = Pulumi.Consul;
    
    return await Deployment.RunAsync(() => 
    {
        var database = new Consul.Intention("database", new()
        {
            Action = "allow",
            DestinationName = "db",
            SourceName = "api",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := consul.NewIntention(ctx, "database", &consul.IntentionArgs{
    			Action:          pulumi.String("allow"),
    			DestinationName: pulumi.String("db"),
    			SourceName:      pulumi.String("api"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.consul.Intention;
    import com.pulumi.consul.IntentionArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var database = new Intention("database", IntentionArgs.builder()        
                .action("allow")
                .destinationName("db")
                .sourceName("api")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_consul as consul
    
    database = consul.Intention("database",
        action="allow",
        destination_name="db",
        source_name="api")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as consul from "@pulumi/consul";
    
    const database = new consul.Intention("database", {
        action: "allow",
        destinationName: "db",
        sourceName: "api",
    });
    
    resources:
      database:
        type: consul:Intention
        properties:
          action: allow
          destinationName: db
          sourceName: api
    

    Referencing a known service via a datasource

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Consul = Pulumi.Consul;
    
    return await Deployment.RunAsync(() => 
    {
        var database = new Consul.Intention("database", new()
        {
            Action = "allow",
            DestinationName = consul_service.Pg.Name,
            SourceName = "api",
        });
    
        var pg = Consul.GetService.Invoke(new()
        {
            Name = "postgresql",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := consul.NewIntention(ctx, "database", &consul.IntentionArgs{
    			Action:          pulumi.String("allow"),
    			DestinationName: pulumi.Any(consul_service.Pg.Name),
    			SourceName:      pulumi.String("api"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = consul.LookupService(ctx, &consul.LookupServiceArgs{
    			Name: "postgresql",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.consul.Intention;
    import com.pulumi.consul.IntentionArgs;
    import com.pulumi.consul.ConsulFunctions;
    import com.pulumi.consul.inputs.GetServiceArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var database = new Intention("database", IntentionArgs.builder()        
                .action("allow")
                .destinationName(consul_service.pg().name())
                .sourceName("api")
                .build());
    
            final var pg = ConsulFunctions.getService(GetServiceArgs.builder()
                .name("postgresql")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_consul as consul
    
    database = consul.Intention("database",
        action="allow",
        destination_name=consul_service["pg"]["name"],
        source_name="api")
    pg = consul.get_service(name="postgresql")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as consul from "@pulumi/consul";
    
    const database = new consul.Intention("database", {
        action: "allow",
        destinationName: consul_service.pg.name,
        sourceName: "api",
    });
    const pg = consul.getService({
        name: "postgresql",
    });
    
    resources:
      database:
        type: consul:Intention
        properties:
          action: allow
          destinationName: ${consul_service.pg.name}
          sourceName: api
    variables:
      pg:
        fn::invoke:
          Function: consul:getService
          Arguments:
            name: postgresql
    

    Create Intention Resource

    new Intention(name: string, args: IntentionArgs, opts?: CustomResourceOptions);
    @overload
    def Intention(resource_name: str,
                  opts: Optional[ResourceOptions] = None,
                  action: Optional[str] = None,
                  datacenter: Optional[str] = None,
                  description: Optional[str] = None,
                  destination_name: Optional[str] = None,
                  destination_namespace: Optional[str] = None,
                  meta: Optional[Mapping[str, str]] = None,
                  source_name: Optional[str] = None,
                  source_namespace: Optional[str] = None)
    @overload
    def Intention(resource_name: str,
                  args: IntentionArgs,
                  opts: Optional[ResourceOptions] = None)
    func NewIntention(ctx *Context, name string, args IntentionArgs, opts ...ResourceOption) (*Intention, error)
    public Intention(string name, IntentionArgs args, CustomResourceOptions? opts = null)
    public Intention(String name, IntentionArgs args)
    public Intention(String name, IntentionArgs args, CustomResourceOptions options)
    
    type: consul:Intention
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args IntentionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args IntentionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args IntentionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args IntentionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args IntentionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Intention Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Intention resource accepts the following input properties:

    Action string
    The intention action. Must be one of allow or deny.
    DestinationName string
    The name of the destination service for the intention. This service does not have to exist.
    SourceName string
    The name of the source service for the intention. This service does not have to exist.
    Datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    Description string
    Optional description that can be used by Consul tooling, but is not used internally.
    DestinationNamespace string
    The destination namespace of the intention.
    Meta Dictionary<string, string>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    SourceNamespace string
    The source namespace of the intention.
    Action string
    The intention action. Must be one of allow or deny.
    DestinationName string
    The name of the destination service for the intention. This service does not have to exist.
    SourceName string
    The name of the source service for the intention. This service does not have to exist.
    Datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    Description string
    Optional description that can be used by Consul tooling, but is not used internally.
    DestinationNamespace string
    The destination namespace of the intention.
    Meta map[string]string
    Key/value pairs that are opaque to Consul and are associated with the intention.
    SourceNamespace string
    The source namespace of the intention.
    action String
    The intention action. Must be one of allow or deny.
    destinationName String
    The name of the destination service for the intention. This service does not have to exist.
    sourceName String
    The name of the source service for the intention. This service does not have to exist.
    datacenter String
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description String
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationNamespace String
    The destination namespace of the intention.
    meta Map<String,String>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceNamespace String
    The source namespace of the intention.
    action string
    The intention action. Must be one of allow or deny.
    destinationName string
    The name of the destination service for the intention. This service does not have to exist.
    sourceName string
    The name of the source service for the intention. This service does not have to exist.
    datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description string
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationNamespace string
    The destination namespace of the intention.
    meta {[key: string]: string}
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceNamespace string
    The source namespace of the intention.
    action str
    The intention action. Must be one of allow or deny.
    destination_name str
    The name of the destination service for the intention. This service does not have to exist.
    source_name str
    The name of the source service for the intention. This service does not have to exist.
    datacenter str
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description str
    Optional description that can be used by Consul tooling, but is not used internally.
    destination_namespace str
    The destination namespace of the intention.
    meta Mapping[str, str]
    Key/value pairs that are opaque to Consul and are associated with the intention.
    source_namespace str
    The source namespace of the intention.
    action String
    The intention action. Must be one of allow or deny.
    destinationName String
    The name of the destination service for the intention. This service does not have to exist.
    sourceName String
    The name of the source service for the intention. This service does not have to exist.
    datacenter String
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description String
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationNamespace String
    The destination namespace of the intention.
    meta Map<String>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceNamespace String
    The source namespace of the intention.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Intention resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Intention Resource

    Get an existing Intention resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: IntentionState, opts?: CustomResourceOptions): Intention
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            action: Optional[str] = None,
            datacenter: Optional[str] = None,
            description: Optional[str] = None,
            destination_name: Optional[str] = None,
            destination_namespace: Optional[str] = None,
            meta: Optional[Mapping[str, str]] = None,
            source_name: Optional[str] = None,
            source_namespace: Optional[str] = None) -> Intention
    func GetIntention(ctx *Context, name string, id IDInput, state *IntentionState, opts ...ResourceOption) (*Intention, error)
    public static Intention Get(string name, Input<string> id, IntentionState? state, CustomResourceOptions? opts = null)
    public static Intention get(String name, Output<String> id, IntentionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Action string
    The intention action. Must be one of allow or deny.
    Datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    Description string
    Optional description that can be used by Consul tooling, but is not used internally.
    DestinationName string
    The name of the destination service for the intention. This service does not have to exist.
    DestinationNamespace string
    The destination namespace of the intention.
    Meta Dictionary<string, string>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    SourceName string
    The name of the source service for the intention. This service does not have to exist.
    SourceNamespace string
    The source namespace of the intention.
    Action string
    The intention action. Must be one of allow or deny.
    Datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    Description string
    Optional description that can be used by Consul tooling, but is not used internally.
    DestinationName string
    The name of the destination service for the intention. This service does not have to exist.
    DestinationNamespace string
    The destination namespace of the intention.
    Meta map[string]string
    Key/value pairs that are opaque to Consul and are associated with the intention.
    SourceName string
    The name of the source service for the intention. This service does not have to exist.
    SourceNamespace string
    The source namespace of the intention.
    action String
    The intention action. Must be one of allow or deny.
    datacenter String
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description String
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationName String
    The name of the destination service for the intention. This service does not have to exist.
    destinationNamespace String
    The destination namespace of the intention.
    meta Map<String,String>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceName String
    The name of the source service for the intention. This service does not have to exist.
    sourceNamespace String
    The source namespace of the intention.
    action string
    The intention action. Must be one of allow or deny.
    datacenter string
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description string
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationName string
    The name of the destination service for the intention. This service does not have to exist.
    destinationNamespace string
    The destination namespace of the intention.
    meta {[key: string]: string}
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceName string
    The name of the source service for the intention. This service does not have to exist.
    sourceNamespace string
    The source namespace of the intention.
    action str
    The intention action. Must be one of allow or deny.
    datacenter str
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description str
    Optional description that can be used by Consul tooling, but is not used internally.
    destination_name str
    The name of the destination service for the intention. This service does not have to exist.
    destination_namespace str
    The destination namespace of the intention.
    meta Mapping[str, str]
    Key/value pairs that are opaque to Consul and are associated with the intention.
    source_name str
    The name of the source service for the intention. This service does not have to exist.
    source_namespace str
    The source namespace of the intention.
    action String
    The intention action. Must be one of allow or deny.
    datacenter String
    The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
    description String
    Optional description that can be used by Consul tooling, but is not used internally.
    destinationName String
    The name of the destination service for the intention. This service does not have to exist.
    destinationNamespace String
    The destination namespace of the intention.
    meta Map<String>
    Key/value pairs that are opaque to Consul and are associated with the intention.
    sourceName String
    The name of the source service for the intention. This service does not have to exist.
    sourceNamespace String
    The source namespace of the intention.

    Import

    consul_intention can be imported:

     $ pulumi import consul:index/intention:Intention database 657a57d6-0d56-57e2-31cb-e9f1ed3c18dd
    

    Package Details

    Repository
    HashiCorp Consul pulumi/pulumi-consul
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the consul Terraform Provider.
    consul logo
    Consul v3.11.1 published on Friday, Jan 19, 2024 by Pulumi