Hmm, this is the first time I’ve heard of giving access to customers via a bastion. Learn something new every day
Since I can’t tell if you’re using OpenSource or our Enterprise tool, I’ll provide 2 routes.
Within Open Source Consul, we provide the
recurse parameter on kv GETs which allows for larger response sets. I highly recommend using this with agent caching, so you are not performing recursive queries multiple times. The benefits of caching are outlined in the documentation, but I also recommend reading about Consul’s consistency model to see if your application can handle stale reads.
For other users who may be using Consul Enterprise, we also provide first class support for namespaces with ACL’s. The main advantage of Enterprise namespace support is that you can generate ACL tokens for your users, and let your users managed that Consul kv namespace themselves. The namespace is then a parameter that can be passed in the query.
I hope these responses help, and please feel free to add any additional detail!