Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Consul Provider
  3. API Docs
  4. Intention
Consul v3.12.4 published on Wednesday, Feb 12, 2025 by Pulumi
pulumi/pulumi-consul

consul.Intention

Explore with Pulumi AI

Consul v3.12.4 published on Wednesday, Feb 12, 2025 by Pulumi
pulumi/pulumi-consul

Intentions are used to define rules for which services may connect to one another when using Consul Connect.

NOTE: This resource is appropriate for managing legacy intentions in Consul version 1.8 and earlier. As of Consul 1.9, intentions should be managed using the service-intentions configuration entry. It is recommended to migrate from the consul.Intention resource to consul.ConfigEntry when running Consul 1.9 and later.

It is appropriate to either reference existing services, or specify non-existent services that will be created in the future when creating intentions. This resource can be used in conjunction with the consul.Service datasource when referencing services registered on nodes that have a running Consul agent.

Example Usage

Create a simplest intention with static service names:

import * as pulumi from "@pulumi/pulumi";
import * as consul from "@pulumi/consul";

const database = new consul.Intention("database", {
    sourceName: "api",
    destinationName: "db",
    action: "allow",
});
Copy
import pulumi
import pulumi_consul as consul

database = consul.Intention("database",
    source_name="api",
    destination_name="db",
    action="allow")
Copy
package main

import (
	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := consul.NewIntention(ctx, "database", &consul.IntentionArgs{
			SourceName:      pulumi.String("api"),
			DestinationName: pulumi.String("db"),
			Action:          pulumi.String("allow"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Consul = Pulumi.Consul;

return await Deployment.RunAsync(() => 
{
    var database = new Consul.Intention("database", new()
    {
        SourceName = "api",
        DestinationName = "db",
        Action = "allow",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.consul.Intention;
import com.pulumi.consul.IntentionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var database = new Intention("database", IntentionArgs.builder()
            .sourceName("api")
            .destinationName("db")
            .action("allow")
            .build());

    }
}
Copy
resources:
  database:
    type: consul:Intention
    properties:
      sourceName: api
      destinationName: db
      action: allow
Copy

Referencing a known service via a datasource:

import * as pulumi from "@pulumi/pulumi";
import * as consul from "@pulumi/consul";

const database = new consul.Intention("database", {
    sourceName: "api",
    destinationName: pgConsulService.name,
    action: "allow",
});
const pg = consul.getService({
    name: "postgresql",
});
Copy
import pulumi
import pulumi_consul as consul

database = consul.Intention("database",
    source_name="api",
    destination_name=pg_consul_service["name"],
    action="allow")
pg = consul.get_service(name="postgresql")
Copy
package main

import (
	"github.com/pulumi/pulumi-consul/sdk/v3/go/consul"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := consul.NewIntention(ctx, "database", &consul.IntentionArgs{
			SourceName:      pulumi.String("api"),
			DestinationName: pulumi.Any(pgConsulService.Name),
			Action:          pulumi.String("allow"),
		})
		if err != nil {
			return err
		}
		_, err = consul.LookupService(ctx, &consul.LookupServiceArgs{
			Name: "postgresql",
		}, nil)
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Consul = Pulumi.Consul;

return await Deployment.RunAsync(() => 
{
    var database = new Consul.Intention("database", new()
    {
        SourceName = "api",
        DestinationName = pgConsulService.Name,
        Action = "allow",
    });

    var pg = Consul.GetService.Invoke(new()
    {
        Name = "postgresql",
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.consul.Intention;
import com.pulumi.consul.IntentionArgs;
import com.pulumi.consul.ConsulFunctions;
import com.pulumi.consul.inputs.GetServiceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var database = new Intention("database", IntentionArgs.builder()
            .sourceName("api")
            .destinationName(pgConsulService.name())
            .action("allow")
            .build());

        final var pg = ConsulFunctions.getService(GetServiceArgs.builder()
            .name("postgresql")
            .build());

    }
}
Copy
resources:
  database:
    type: consul:Intention
    properties:
      sourceName: api
      destinationName: ${pgConsulService.name}
      action: allow
variables:
  pg:
    fn::invoke:
      function: consul:getService
      arguments:
        name: postgresql
Copy

Create Intention Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Intention(name: string, args: IntentionArgs, opts?: CustomResourceOptions);
@overload
def Intention(resource_name: str,
              args: IntentionArgs,
              opts: Optional[ResourceOptions] = None)

@overload
def Intention(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              action: Optional[str] = None,
              destination_name: Optional[str] = None,
              source_name: Optional[str] = None,
              datacenter: Optional[str] = None,
              description: Optional[str] = None,
              destination_namespace: Optional[str] = None,
              meta: Optional[Mapping[str, str]] = None,
              source_namespace: Optional[str] = None)
func NewIntention(ctx *Context, name string, args IntentionArgs, opts ...ResourceOption) (*Intention, error)
public Intention(string name, IntentionArgs args, CustomResourceOptions? opts = null)
public Intention(String name, IntentionArgs args)
public Intention(String name, IntentionArgs args, CustomResourceOptions options)

type: consul:Intention
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. IntentionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. IntentionArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. IntentionArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. IntentionArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. IntentionArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var intentionResource = new Consul.Intention("intentionResource", new()
{
    Action = "string",
    DestinationName = "string",
    SourceName = "string",
    Datacenter = "string",
    Description = "string",
    DestinationNamespace = "string",
    Meta = 
    {
        { "string", "string" },
    },
    SourceNamespace = "string",
});
Copy
example, err := consul.NewIntention(ctx, "intentionResource", &consul.IntentionArgs{
	Action:               pulumi.String("string"),
	DestinationName:      pulumi.String("string"),
	SourceName:           pulumi.String("string"),
	Datacenter:           pulumi.String("string"),
	Description:          pulumi.String("string"),
	DestinationNamespace: pulumi.String("string"),
	Meta: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	SourceNamespace: pulumi.String("string"),
})
Copy
var intentionResource = new Intention("intentionResource", IntentionArgs.builder()
    .action("string")
    .destinationName("string")
    .sourceName("string")
    .datacenter("string")
    .description("string")
    .destinationNamespace("string")
    .meta(Map.of("string", "string"))
    .sourceNamespace("string")
    .build());
Copy
intention_resource = consul.Intention("intentionResource",
    action="string",
    destination_name="string",
    source_name="string",
    datacenter="string",
    description="string",
    destination_namespace="string",
    meta={
        "string": "string",
    },
    source_namespace="string")
Copy
const intentionResource = new consul.Intention("intentionResource", {
    action: "string",
    destinationName: "string",
    sourceName: "string",
    datacenter: "string",
    description: "string",
    destinationNamespace: "string",
    meta: {
        string: "string",
    },
    sourceNamespace: "string",
});
Copy
type: consul:Intention
properties:
    action: string
    datacenter: string
    description: string
    destinationName: string
    destinationNamespace: string
    meta:
        string: string
    sourceName: string
    sourceNamespace: string
Copy

Intention Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Intention resource accepts the following input properties:

Action This property is required. string
The intention action. Must be one of allow or deny.
DestinationName
This property is required.
Changes to this property will trigger replacement.
string
The name of the destination service for the intention. This service does not have to exist.
SourceName This property is required. string
The name of the source service for the intention. This service does not have to exist.
Datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
Description string
Optional description that can be used by Consul tooling, but is not used internally.
DestinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
Meta Dictionary<string, string>
Key/value pairs that are opaque to Consul and are associated with the intention.
SourceNamespace string
The source namespace of the intention.
Action This property is required. string
The intention action. Must be one of allow or deny.
DestinationName
This property is required.
Changes to this property will trigger replacement.
string
The name of the destination service for the intention. This service does not have to exist.
SourceName This property is required. string
The name of the source service for the intention. This service does not have to exist.
Datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
Description string
Optional description that can be used by Consul tooling, but is not used internally.
DestinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
Meta map[string]string
Key/value pairs that are opaque to Consul and are associated with the intention.
SourceNamespace string
The source namespace of the intention.
action This property is required. String
The intention action. Must be one of allow or deny.
destinationName
This property is required.
Changes to this property will trigger replacement.
String
The name of the destination service for the intention. This service does not have to exist.
sourceName This property is required. String
The name of the source service for the intention. This service does not have to exist.
datacenter Changes to this property will trigger replacement. String
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description String
Optional description that can be used by Consul tooling, but is not used internally.
destinationNamespace Changes to this property will trigger replacement. String
The destination namespace of the intention.
meta Map<String,String>
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceNamespace String
The source namespace of the intention.
action This property is required. string
The intention action. Must be one of allow or deny.
destinationName
This property is required.
Changes to this property will trigger replacement.
string
The name of the destination service for the intention. This service does not have to exist.
sourceName This property is required. string
The name of the source service for the intention. This service does not have to exist.
datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description string
Optional description that can be used by Consul tooling, but is not used internally.
destinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
meta {[key: string]: string}
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceNamespace string
The source namespace of the intention.
action This property is required. str
The intention action. Must be one of allow or deny.
destination_name
This property is required.
Changes to this property will trigger replacement.
str
The name of the destination service for the intention. This service does not have to exist.
source_name This property is required. str
The name of the source service for the intention. This service does not have to exist.
datacenter Changes to this property will trigger replacement. str
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description str
Optional description that can be used by Consul tooling, but is not used internally.
destination_namespace Changes to this property will trigger replacement. str
The destination namespace of the intention.
meta Mapping[str, str]
Key/value pairs that are opaque to Consul and are associated with the intention.
source_namespace str
The source namespace of the intention.
action This property is required. String
The intention action. Must be one of allow or deny.
destinationName
This property is required.
Changes to this property will trigger replacement.
String
The name of the destination service for the intention. This service does not have to exist.
sourceName This property is required. String
The name of the source service for the intention. This service does not have to exist.
datacenter Changes to this property will trigger replacement. String
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description String
Optional description that can be used by Consul tooling, but is not used internally.
destinationNamespace Changes to this property will trigger replacement. String
The destination namespace of the intention.
meta Map<String>
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceNamespace String
The source namespace of the intention.

Outputs

All input properties are implicitly available as output properties. Additionally, the Intention resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing Intention Resource

Get an existing Intention resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: IntentionState, opts?: CustomResourceOptions): Intention
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        datacenter: Optional[str] = None,
        description: Optional[str] = None,
        destination_name: Optional[str] = None,
        destination_namespace: Optional[str] = None,
        meta: Optional[Mapping[str, str]] = None,
        source_name: Optional[str] = None,
        source_namespace: Optional[str] = None) -> Intention
func GetIntention(ctx *Context, name string, id IDInput, state *IntentionState, opts ...ResourceOption) (*Intention, error)
public static Intention Get(string name, Input<string> id, IntentionState? state, CustomResourceOptions? opts = null)
public static Intention get(String name, Output<String> id, IntentionState state, CustomResourceOptions options)
resources:  _:    type: consul:Intention    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Action string
The intention action. Must be one of allow or deny.
Datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
Description string
Optional description that can be used by Consul tooling, but is not used internally.
DestinationName Changes to this property will trigger replacement. string
The name of the destination service for the intention. This service does not have to exist.
DestinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
Meta Dictionary<string, string>
Key/value pairs that are opaque to Consul and are associated with the intention.
SourceName string
The name of the source service for the intention. This service does not have to exist.
SourceNamespace string
The source namespace of the intention.
Action string
The intention action. Must be one of allow or deny.
Datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
Description string
Optional description that can be used by Consul tooling, but is not used internally.
DestinationName Changes to this property will trigger replacement. string
The name of the destination service for the intention. This service does not have to exist.
DestinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
Meta map[string]string
Key/value pairs that are opaque to Consul and are associated with the intention.
SourceName string
The name of the source service for the intention. This service does not have to exist.
SourceNamespace string
The source namespace of the intention.
action String
The intention action. Must be one of allow or deny.
datacenter Changes to this property will trigger replacement. String
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description String
Optional description that can be used by Consul tooling, but is not used internally.
destinationName Changes to this property will trigger replacement. String
The name of the destination service for the intention. This service does not have to exist.
destinationNamespace Changes to this property will trigger replacement. String
The destination namespace of the intention.
meta Map<String,String>
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceName String
The name of the source service for the intention. This service does not have to exist.
sourceNamespace String
The source namespace of the intention.
action string
The intention action. Must be one of allow or deny.
datacenter Changes to this property will trigger replacement. string
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description string
Optional description that can be used by Consul tooling, but is not used internally.
destinationName Changes to this property will trigger replacement. string
The name of the destination service for the intention. This service does not have to exist.
destinationNamespace Changes to this property will trigger replacement. string
The destination namespace of the intention.
meta {[key: string]: string}
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceName string
The name of the source service for the intention. This service does not have to exist.
sourceNamespace string
The source namespace of the intention.
action str
The intention action. Must be one of allow or deny.
datacenter Changes to this property will trigger replacement. str
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description str
Optional description that can be used by Consul tooling, but is not used internally.
destination_name Changes to this property will trigger replacement. str
The name of the destination service for the intention. This service does not have to exist.
destination_namespace Changes to this property will trigger replacement. str
The destination namespace of the intention.
meta Mapping[str, str]
Key/value pairs that are opaque to Consul and are associated with the intention.
source_name str
The name of the source service for the intention. This service does not have to exist.
source_namespace str
The source namespace of the intention.
action String
The intention action. Must be one of allow or deny.
datacenter Changes to this property will trigger replacement. String
The datacenter to use. This overrides the agent's default datacenter and the datacenter in the provider setup.
description String
Optional description that can be used by Consul tooling, but is not used internally.
destinationName Changes to this property will trigger replacement. String
The name of the destination service for the intention. This service does not have to exist.
destinationNamespace Changes to this property will trigger replacement. String
The destination namespace of the intention.
meta Map<String>
Key/value pairs that are opaque to Consul and are associated with the intention.
sourceName String
The name of the source service for the intention. This service does not have to exist.
sourceNamespace String
The source namespace of the intention.

Import

consul_intention can be imported:

$ pulumi import consul:index/intention:Intention database 657a57d6-0d56-57e2-31cb-e9f1ed3c18dd
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
HashiCorp Consul pulumi/pulumi-consul
License
Apache-2.0
Notes
This Pulumi package is based on the consul Terraform Provider.
Consul v3.12.4 published on Wednesday, Feb 12, 2025 by Pulumi
pulumi/pulumi-consul