2024-12-09 15:59:59 +01:00
|
|
|
|
---
|
|
|
|
|
|
title: Access Policy
|
|
|
|
|
|
layout: default
|
|
|
|
|
|
parent: Middleware
|
|
|
|
|
|
nav_order: 3
|
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Access Policy Middleware
|
|
|
|
|
|
The Access Policy middleware controls route access by either allowing or denying requests based on defined rules.
|
|
|
|
|
|
It supports two actions: `ALLOW` and `DENY`.
|
|
|
|
|
|
|
|
|
|
|
|
### How It Works
|
|
|
|
|
|
1. **Define an action:** Specify whether the middleware should `ALLOW` or `DENY` access.
|
|
|
|
|
|
|
2024-12-09 18:33:44 +01:00
|
|
|
|
2. **Set sourceRanges:** Provide a list of IP addresses, IP ranges or a CIDR block to which the policy applies.
|
2024-12-09 15:59:59 +01:00
|
|
|
|
|
|
|
|
|
|
Requests originating from these sources will be evaluated according to the specified action.
|
|
|
|
|
|
|
|
|
|
|
|
#### Example Configuration
|
|
|
|
|
|
Here’s an example of an Access Policy middleware configuration in YAML:
|
|
|
|
|
|
|
|
|
|
|
|
```yaml
|
|
|
|
|
|
middlewares:
|
|
|
|
|
|
- name: access-policy
|
|
|
|
|
|
type: accessPolicy
|
|
|
|
|
|
rule:
|
|
|
|
|
|
action: DENY # Specify either DENY or ALLOW
|
|
|
|
|
|
sourceRanges:
|
|
|
|
|
|
- 192.168.1.1 # Single IP address
|
2024-12-09 18:33:44 +01:00
|
|
|
|
- 10.42.1.1-10.42.1.100 # IP range
|
|
|
|
|
|
- 10.42.1.1/16 # CIDR block
|
2024-12-09 15:59:59 +01:00
|
|
|
|
```
|
