Tetrate Service Bridge (Version: next)

Segmentation Policy

Alpha early access

The segmentation feature is in an early access alpha state. Before trying this in a non-production environment, please reach out to Tetrate first.

A Segmentation Policy defines a particular type of segmentation, such as network zones or infrastructure environments, that allows grouping resources and defining Access Control Lists (ACLs) based on these types.

The following example defines the segmentation policy ring with the zones red, amber and yellow. Membership in these zones can be defined statically by creating a Membership resource with the corresponding resource assignments.

apiVersion: segmentation.tsb.tetrate.io/v1
kind: SegmentationPolicy
metadata:
  organization: myorg
  name: ring
spec:
  intraZonalTraffic: true
  zones:
    - red
    - amber
    - yellow

SegmentationPolicy

| Field | Type | Description | Validation Rule |
|---|---|---|---|
| intraZonalTraffic | bool | When set to true, traffic within the same zone is allowed by default, without having to create explicit policy rules for that purpose. | |
| zones | List of string | List of zones that belong to this segmentation type | repeated = { items: {string:{min_len:1}} } |
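
The field rules above can be checked before a manifest is applied. The following is an added example, not Tetrate's code: a pre-apply lint over an already-parsed manifest, where `lint_segmentation_policy`, `RING` and the message strings are hypothetical names, and an omitted `intraZonalTraffic` is assumed to default to false.

```python
# Added example: pre-apply lint for a parsed SegmentationPolicy manifest.
# lint_segmentation_policy and the message strings are hypothetical names,
# not part of Tetrate Service Bridge.

EXPECTED_API_VERSION = "segmentation.tsb.tetrate.io/v1"
EXPECTED_KIND = "SegmentationPolicy"

# Constructed input: the page's `ring` example as a YAML parser would return it.
RING = {
    "apiVersion": "segmentation.tsb.tetrate.io/v1",
    "kind": "SegmentationPolicy",
    "metadata": {"organization": "myorg", "name": "ring"},
    "spec": {"intraZonalTraffic": True, "zones": ["red", "amber", "yellow"]},
}


def lint_segmentation_policy(manifest):
    """Return (errors, warnings) for one parsed manifest."""
    errors, warnings = [], []
    if manifest.get("apiVersion") != EXPECTED_API_VERSION:
        errors.append("apiVersion must be " + EXPECTED_API_VERSION)
    if manifest.get("kind") != EXPECTED_KIND:
        errors.append("kind must be " + EXPECTED_KIND)

    spec = manifest.get("spec") or {}
    zones = spec.get("zones", [])
    if not isinstance(zones, list):
        errors.append("spec.zones must be a list of strings")
        zones = []
    for i, zone in enumerate(zones):
        # Validation rule from the reference: items: {string:{min_len:1}}.
        # The type check also catches unquoted YAML scalars such as `no` or
        # `1`, which YAML 1.1 parsers load as a bool or an int, not a string.
        if not isinstance(zone, str) or len(zone) < 1:
            errors.append(f"spec.zones[{i}] must be a string of length >= 1")

    # Assumption: an omitted intraZonalTraffic is treated as false.
    intra = spec.get("intraZonalTraffic", False)
    if not isinstance(intra, bool):
        errors.append("spec.intraZonalTraffic must be a bool")
    elif intra:
        # Documented behaviour: same-zone traffic is allowed by default.
        warnings.append("intraZonalTraffic is true: traffic within each of "
                        f"{len(zones)} zone(s) is allowed without explicit rules")
    return errors, warnings
```

The warning is there so that a reviewer sees the implicit same-zone allow before the policy is applied.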