Skip to main content
logoTetrate Service BridgeVersion: next

Segmentation Policy

A Segmentation Policy defines a particular type of segmentation such as network zones, infrastructure environments, etc, that allow grouping resources and defining Access Control Lists (ACLs) based on these types.

The following example defines the segmentation policy ring with zones red, amber and yellow. Membership to these zones can be defined statically, by creating a Membership resource with the corresponding resource assignments.

apiVersion: segmentation.tsb.tetrate.io/v1
kind: SegmentationPolicy
metadata:
  organization: myorg
  name: ring
spec:
  intraZonalTraffic: true
  zones:
    - red
    - amber
    - yellow

SegmentationPolicy

A Segmentation Policy defines a particular type of segmentation such as network zones, infrastructure environments, etc, that allow grouping resources and defining Access Control Lists (ACLs) based on these types.

FieldDescriptionValidation Rule

intraZonalTraffic

bool
When set to true, traffic within the same zone is allowed by default, without having to create explicit policy rules for that purpose.

zones

List of string
List of zones that belong to this segmentation type

repeated = {
  items: {string:{min_len:1}}
}