Hi Team,
There is something really confusing for me: I have created a service to access database server on multiple hosts.
- host.v1 config: TCP / localhost / port 4900 / bind using edge identity
- intercept.v1: TCP / port 4900 / addresses srv1.mydomain, srv2.mydomain, ... (or *.mydomain) / dial option: $dst_hostname
After controller and router reboot (unfortunately), I'm able to access one or another server.
Now, I want to restrict access to certain servers for certain users. So:
- I create an attribute ServerGroup1
- I assign it to srv1.mydomain
- I assign it also to the bind policy
Therefore, I should be able to access only srv1.mydomain but actually, I still can access the other servers. So it looks like policies are not applied when multiple servers can be reached for the same service. Am I right?