I’ve tested a deployment of Consul Connect in Kubernetes but Enabling the Deny All policy is not blocking traffic to and from the pods that are running connect. I am using the docs and learn as a guide.
I’m testing it with Snipeit, a basic web app, I enabled the connect annotation on both deployments of the the app and it’s db. Both pods restarted and I see the side car containers are running along side them. I then enabled a policy to Deny All to Any Service in Consul.
Without adding an intention to allow the two services to communicate they are still able to communicate, I am not sure what I have deployed incorrectly here.