Control traffic with policies

Use Gloo Mesh policies to control the traffic within your service mesh environment. Review the following available policies, set up a demo environment, or learn how to apply policies to your resources.

Resilience policies

Fault injection

Test the resilience of your apps by injecting delays and connection failures.

Retry

Reduce transient failures and hanging systems by setting retries and timeouts.

Timeout

Reduce transient failures and hanging systems by setting retries and timeouts.

Security policies

CORS

Enforce client-site access controls with cross-origin resource sharing (CORS).

CSRF

Apply a CSRF filter to the gateway to help prevent cross-site request forgery attacks.

External auth

Set up an external authentication and authorization, such as with basic, passthrough, API key, OAuth, OPA, or LDAP auth.

Traffic control policies

Mirror

Duplicate outgoing traffic, to test a new app.

Header manipulation

Append or remove HTTP request and response headers at the route level.

Rate limit

Control the rate of requests to a destination or route.

Transformation

Alter a request before matching and routing, such as with an Inja header template.

Extensions

WebAssembly (Wasm) deployment

Add a Wasm filter to your service mesh, for use cases such as customizing the endpoints and thresholds for your workloads.