|
|
|
|
@ -15,9 +15,9 @@ Consul uses a lightweight gossip and RPC system which provides various essential
|
|
|
|
|
provide security mechanisms which should be used to enable confidentiality, integrity and authentication. |
|
|
|
|
|
|
|
|
|
Using defense in depth is crucial for Consul security, and deployment requirements may differ drastically depending on |
|
|
|
|
your use case. Some security features for multi-tenant deployments are offered exclusively in the enterprise version. |
|
|
|
|
This documentation may need to be adapted to your environment, but the general mechanisms for a secure Consul deployment |
|
|
|
|
revolve around: |
|
|
|
|
your use case. Some security features for multi-tenant deployments are offered exclusively in the |
|
|
|
|
[Enterprise](/docs/enterprise) version. This documentation may need to be adapted to your |
|
|
|
|
environment, but the general mechanisms for a secure Consul deployment revolve around: |
|
|
|
|
|
|
|
|
|
- **mTLS** - Mutual authentication of both the TLS server and client x509 certificates prevents internal abuse from |
|
|
|
|
unauthorized access to network components within the cluster. |
|
|
|
|
|
Kent 'picat' Gruber
4 years ago