This document describes all supported annotations and their functions. You can add these annotations in the Ingress resources so that advanced features in Apache APISIX can be combined into Ingress resources.
Note all keys and values of annotations are strings, so boolean value like
true
andfalse
should be represented as"true"
and"false"
.
In order to enable CORS, the annotation k8s.apisix.apache.org/enable-cors
should be set to "true"
, also, there are some other annotations to customize the cors behavior.
k8s.apisix.apache.org/cors-allow-origin
This annotation controls which origins will be allowed, multiple origins join together with ,
, for instance: https://foo.com,http://bar.com:8080
Default value is "*"
, which means all origins are allowed.
k8s.apisix.apache.org/cors-allow-headers
This annotation controls which headers are accepted, multiple headers join together with ,
.
Default is "*"
, which means all headers are accepted.
k8s.apisix.apache.org/cors-allow-methods
This annotation controls which methods are accepted, multiple methods join together with ,
.
Default is "*"
, which means all HTTP methods are accepted.
You can specify the allowed client IP addresses or nets by the annotation k8s.apisix.apache.org/allowlist-source-range
, multiple IP addresses or nets join together with ,
, for instance, k8s.apisix.apache.org/allowlist-source-range: 10.0.5.0/16,127.0.0.1,192.168.3.98
. Default value is empty, which means the sources are not limited.
You can specify the denied client IP addresses or nets by the annotation k8s.apisix.apache.org/blocklist-source-range
, multiple IP addresses or nets join together with ,
, for instance, k8s.apisix.apache.org/blocklist-source-range: 127.0.0.1,172.17.0.0/16
. Default value is empty, which means the sources are not limited.