Skip to main content

Deny

Overview

The Deny Traffic Policy action enables you to reject incoming requests on your endpoints before they make it to your upstream service.

Configuration Reference

This is the Traffic Policy configuration reference for this action.

Action Type

deny

Configuration Fields

This action does not have any configuration fields for TLS endpoints.

Behavior

When this action is executed, the upstream server is never reached and a response is immediately returned and no further actions or rules in the policy configuration will be executed.

Examples

Deny all traffic

The following Traffic Policy configuration will deny all inbound traffic on your endpoint.

Example Traffic Policy Document

---
on_tcp_connect:
- actions:
- type: "deny"

Example Request

$ curl 12e461b71f86488a.ngrok.app:443
curl: (52) Empty reply from server

In this example, we attempt to connect to 12e461b71f86488a.ngrok.app:443 using the curl command and ngrok immediately closes the connection with an empty reply.

Action Result Variables

The following variables are made available for use in subsequent expressions and CEL interpolations after the action has run. Variable values will only apply to the last action execution, results are not concatenated.

This action does not set any variables after it has been executed.