-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Documentation guide for Consul Connect with ACLs enabled #7057
Comments
Cloud you please write a simple one first? |
I was a bit lost last week needed this doc but here are my notes :
I spent some time understanding we needed a consul token in nomad config to tell nomad to derive a SI token.
My token was in consul client config. I had to add one to nomad's config. |
@commarla Thanks. I use master key, and it works. Do you have some advices on how to specify the consul acl polices for nomad client? |
@leptonyu I used this policy
I added It's working and I (like you) waiting for the official documentation. |
You're right. acl need to turn on 'write'. But it's not good. My working policy is this.
|
agree! ... these tokens are part of nomad config and unless that is secure, any one can create a management token out of it! |
With massive thanks for efforts from @angrycub, we have a guide! |
h/t to @spuder and @skipperza for their work with rough cuts of the guide and for all the awesome feedback. |
I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues. |
Write a documentation guide for Consul Connect when Consul ACLs are enabled.
Followup from #6905
The text was updated successfully, but these errors were encountered: