Secure an Ingress
Kubernetes only!
This page describes how to apply an Access Control Policy (ACP) to secure an Ingress.
Introduction¶
After you created an ACP in your cluster, you have to assign it to the Ingress you want to secure.
Traefik Hub uses the Ingress Controller features to set access control on top of your Ingresses.
The Traefik Hub Agent supports the following Ingress Controllers:
| Ingress Controller | Version |
|---|---|
| Traefik Proxy | > v2.7 |
| Nginx Community | > v1 |
Before you begin¶
Before going further, please make sure have the following:
- An account registered on the Traefik Hub platform
- A Kubernetes cluster
- The Traefik Hub Agent installed and running
- A configured Access Control Policy in Traefik Hub
- An ingress exposing a service on your cluster
Web Interface¶
On the page of the service that was exposed by the ingress, you can find the service details.
Find the Edit button next to the ingress section and, in the form, select the Access Control Policy.
Apply the changes by saving the form. Applying the update can take a few moments.
Custom Resource Definition¶
To secure an ingress from the resource, edit the Ingress resource and add the following annotation to the metadata:
metadata:
annotations:
hub.traefik.io/access-control-policy: <..acp-name..>Apply the changes and wait a few seconds before accessing the service through the Ingress.