Open
Description
We need to add document on how to prevent following if customer desires to block them
"
I can bypass any Service level IAM auth policies within a cluster by calling the service "direct" using the kube dns host (app.namespace) rather than the app’s lattice host, as the request does not go via lattice so is not subject to its rules. Are there any thoughts here? As mentioned in the other queries it would be great if kube users just use kube dns styles hosts everywhere and the platform transparently routes them through lattice
"