Skip to main content
logoTetrate Service BridgeVersion: next

Segmentation Membership

The Segmentation Membership resource configures the resources that belong to particular zones in the different segmentation policies. Membership is defined statically, by using this Membership resource. Multiple Segmentation Membership resources can hold selectors for the same Segmentation Type Zones. The additive amalgamation of selectors will be used.

The following example shows how to statically define the resource that belong to the red zone in the ring segmentation policy.

apiVersion: segmentation.tsb.tetrate.io/v1
kind: SegmentationMembership
metadata:
  organization: myorg
  name: ring-membership
spec:
  policy: ring
  zones:
    - name: red
      fqnSelector:
        - "organizations/myorg/tenants/mytenant"
        - "organizations/myorg/tenants/mytenant/workspaces/myworkspace"
        - "organizations/myorg/tenants/mytenant/workspaces/ws1/securitygroups/sg1"

SegmentationMembership

The SegmentationMembership resource configures static resource membership for segmentation policies and zones.

FieldDescriptionValidation Rule

policy

string
The segmentation policy to which the membership belongs.

zones

List of tetrateio.api.tsb.segmentation.v1.SegmentationMembership.ZoneMembership
List of zone memberships that define the resources that belong to particular zones in the segmentation policy. Multiple Segmentation Membership resources can hold selectors for the same Segmentation Policy Zones. The additive amalgamation of selectors will be used.

ZoneMembership

Zone membership configures membership of resources to a particular zone in the segmentation policy.

FieldDescriptionValidation Rule

name

string
REQUIRED
The name of the zone in the defined segmentation policy.

string = {
  min_len: 1
}

fqnSelector

List of string
REQUIRED
The list of fully-qualified names (FQNs) of the resources that belong to the zone.

repeated = {
  min_items: 1
  items: {string:{min_len:1}}
}