Control traffic with policies

Use Gloo Mesh policies to control the traffic within your service mesh environment. Review the following available policies, set up a demo environment, or learn how to apply policies to your resources.

Resilience policies


Use a failover policy to reroute traffic to a different service in case of failure.

Fault injection

Test the resilience of your apps by injecting delays and connection failures.

Outlier detection

Track the status of each upstream destination so that you can temporarily remove unhealthy destinations.


Reduce transient failures and hanging systems by setting retries and timeouts.


Reduce transient failures and hanging systems by setting retries and timeouts.

Security policies


Control access for workloads in your service mesh.


Enforce client-site access controls with cross-origin resource sharing (CORS).


Apply a CSRF filter to the gateway to help prevent cross-site request forgery attacks.

External auth

Set up an external authentication and authorization, such as with basic, passthrough, API key, OAuth, OPA, or LDAP auth.

Traffic control policies


Duplicate outgoing traffic, to test a new app.

Header manipulation

Append or remove HTTP request and response headers at the route level.

Rate limit

Control the rate of requests to a destination or route.


Alter a request before matching and routing, such as with an Inja header template.


WebAssembly (Wasm) deployment

Add a Wasm filter to the Envoy sidecar proxy, for use cases such as customizing the endpoints and thresholds for your workloads.