Is it possible to declare a microservice for internal purposes only? That is, that such a microservice is not accessible from outside (via the service gateway), but exclusively serves other microservices of the same system?
Yes, this is the default if you don’t explicitly add any ACLs to the service descriptor to make service routes available on the service gateway (or set
withAutoAcl(true) on the descriptor, which automatically makes all service routes available).
@TimMoore So w/o ACL the API is not available form outside but available for other microservices of the same system?
In addition, is it also possible to only partially open up an API? Say, if a microservices has
GET /foo POST /foo GET /bar POST /bar
only the first three are public but the last one is only to be used by other microservices of the same system.
withAcls(acls: ServiceAcl*) instead of
withAutoAcl(true) to pick and choose what’s public and what’s not.