Pemission Denied when invoking view

We are getting permission denied on our view when we try invkoing it using grcpcui

1 Like

When running locally, or deployed, and if deployed: over the public internet or through a kalix service proxy?

Do you have any ACLs defined on the view, or globally for the entire service with a defaults file?

We have one global default,
// This is the default Access Control List (ACL) for all components of this Kalix Service
syntax = “proto3”;

package au.com.westpac.example.docker;

import “kalix/annotations.proto”;

// Allow all other Kalix services deployed in the same project to access the components of this
// Kalix service, but disallow access from the internet. This can be overridden explicitly
// per component or method using annotations.
// Documentation at Redirect Notice
option (kalix.file).acl = {
allow: { service: “*” }
};

Hi,
Any update on this?

allow: { service: "*" } means only other services can call it, if you want to be able to call across the public internet you will have to open up the ACL for that, for example allow = { principal: INTERNET } on the specific method or service you want to allow access to.

When running locally, when testing and developing, the ACLs are disabled by default for easy access. This should also be true when accessing a service through the back office using kalix service proxy.

2 Likes