From 7c57830bc48b8abc6adfdb3ee11c28a41e9a958e Mon Sep 17 00:00:00 2001
From: hc-github-team-consul-core <github-team-consul-core@hashicorp.com>
Date: Tue, 14 Nov 2023 12:31:48 -0600
Subject: [PATCH] Backport of Fix ACL permissions for ECS controller into
 release/1.17.x (#19637)

backport of commit 13b7c830bdac5cfa9b65acfc4ab7e7ad83a802ca

Co-authored-by: Ganeshrockz <ganesh.seetharaman@hashicorp.com>
---
 website/content/docs/ecs/deploy/manual.mdx    | 3 ++-
 website/content/docs/ecs/deploy/terraform.mdx | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/website/content/docs/ecs/deploy/manual.mdx b/website/content/docs/ecs/deploy/manual.mdx
index 708a49213a..52b0bda05b 100644
--- a/website/content/docs/ecs/deploy/manual.mdx
+++ b/website/content/docs/ecs/deploy/manual.mdx
@@ -247,7 +247,8 @@ On the Consul server, create a policy that grants the following access for the c
 
 - `acl:write` 
 - `operator:write` 
-- `node:write` 
+- `node:write`
+- `service:write`
 
 The policy allows Consul to generate a token linked to the policy. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for instructions.
 
diff --git a/website/content/docs/ecs/deploy/terraform.mdx b/website/content/docs/ecs/deploy/terraform.mdx
index 623fdb87e3..c091ff4596 100644
--- a/website/content/docs/ecs/deploy/terraform.mdx
+++ b/website/content/docs/ecs/deploy/terraform.mdx
@@ -212,7 +212,8 @@ Verify that you have completed the prerequisites described in [Secure configurat
 
     - `acl:write`
     - `operator:write` 
-    - `node:write` 
+    - `node:write`
+    - `service:write`
     
     The policy allows Consul to generate a token linked to the policy. Refer to [Create a service token](/consul/docs/security/acl/tokens/create/create-a-service-token) for instructions.
 1. Create a token and link it to the ACL controller policy. Refer to the [ACL tokens documentation](/consul/docs/security/acl/tokens) for instructions.