github.com/cilium/cilium@v1.16.2/Documentation/security/network/intro.rst

github.com/cilium/cilium@v1.16.2/Documentation/security/network/intro.rst (about)

     1  .. only:: not (epub or latex or html)
     2  
     3      WARNING: You are looking at unreleased Cilium documentation.
     4      Please use the official rendered version released here:
     5      https://docs.cilium.io
     6  
     7  ************
     8  Introduction
     9  ************
    10  
    11  Cilium provides security on multiple levels. Each can be used individually or
    12  combined together.
    13  
    14  * :ref:`arch_id_security`: Connectivity policies between endpoints (Layer 3),
    15    e.g. any endpoint with label ``role=frontend`` can connect to any endpoint with
    16    label ``role=backend``.
    17  * Restriction of accessible ports (Layer 4) for both incoming and outgoing
    18    connections, e.g. endpoint with label ``role=frontend`` can only make outgoing
    19    connections on port 443 (https) and endpoint ``role=backend`` can only accept
    20    connections on port 443 (https).
    21  * Fine grained access control on application protocol level to secure HTTP and
    22    remote procedure call (RPC) protocols, e.g the endpoint with label
    23    ``role=frontend`` can only perform the REST API call ``GET /userdata/[0-9]+``,
    24    all other API interactions with ``role=backend`` are restricted.