Jack Pearkes
a8c1ebe6fb
Fix some broken links in docs ( #4858 )
...
* website: let curl make noise during website deploy
* website: fix a handful of broken links
2018-10-26 10:55:12 -07:00
Matt Keeler
2b4d3eabfe
Fix some uuids and make it clear that the SecretID is used for agent tokens ( #4845 )
2018-10-24 09:47:55 -04:00
Matt Keeler
1ac888aa8c
ACL documentation ( #4824 )
...
* Updating the ACL guide.
* Update the docs correctly
* Finish updating the ACL docs - for now.
2018-10-19 13:26:31 -07:00
Kyle Havlovitz
c617326470
re-add Connect multi-dc config changes
...
This reverts commit 8bcfbaffb6
.
2018-10-19 08:41:03 -07:00
Jack Pearkes
8bcfbaffb6
Revert "Connect multi-dc config" ( #4784 )
2018-10-11 17:32:45 +01:00
Aestek
25f04fbd21
[Security] Add finer control over script checks ( #4715 )
...
* Add -enable-local-script-checks options
These options allow for a finer control over when script checks are enabled by
giving the option to only allow them when they are declared from the local
file system.
* Add documentation for the new option
* Nitpick doc wording
2018-10-11 13:22:11 +01:00
Kyle Havlovitz
56dc426227
agent: add primary_datacenter and connect replication config options
2018-10-10 12:17:59 -07:00
Kyle Havlovitz
46c829b879
docs: deprecate acl_datacenter and replace it with primary_datacenter
2018-10-10 12:16:47 -07:00
Jack Pearkes
c1bf14be30
website: use 127.0.0.1 instead of consul.rocks ( #4523 )
...
By default, the Consul agent listens on the local interface
at port 8500 for API requests. This change makes the API examples
using `curl` copy-pasteable for this default configuration.
2018-08-28 09:07:15 -07:00
Miroslav Bagljas
3c23979afd
Fixes #4483 : Add support for Authorization: Bearer token Header ( #4502 )
...
Added Authorization Bearer token support as per RFC6750
* appended Authorization header token parsing after X-Consul-Token
* added test cases
* updated website documentation to mention Authorization header
* improve tests, improve Bearer parsing
2018-08-17 16:18:42 -04:00
Pierre Souchay
1e7665c0d5
Updated documentation and adding more test case for async-cache
2018-07-01 23:50:30 +02:00
Pierre Souchay
bfc83ce045
Updated ACL guide
2018-07-01 23:50:30 +02:00
Jack Pearkes
6fb94ff40a
website: clarify where ACL token is set in the UI
2018-03-14 16:50:04 -07:00
Jack Pearkes
c66628a06f
website: add section on securing the UI with ACLs
...
Figured it would be worth documenting due to #3931 .
2018-03-14 16:46:04 -07:00
Paul Banks
e833b535a6
Notes on ACL token storage and permissions
2018-03-02 16:20:11 +00:00
Preetha Appan
41ec69f71a
Update ACL guide to describe the new list policy for Keys
2017-10-04 06:19:20 -05:00
Preetha Appan
54bb478372
Update sentinel documentation to remove features that are coming in a future release
2017-09-28 21:00:00 -05:00
Preetha Appan
7ca8b3ad8b
Adds documentation for Sentinel integration in Consul Enterprise.
2017-09-19 09:02:53 -05:00
James Phillips
4bee2e49f5
Adds secure introduction for the ACL replication token. ( #3357 )
...
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
James Phillips
c0a5ad7903
Adds a new /v1/acl/bootstrap API ( #3349 )
2017-08-02 17:05:18 -07:00
James Phillips
496b0bcf07
Adds support for agent-side ACL token management via API instead of config files. ( #3324 )
...
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
James Phillips
cbfb4388d1
Update acl.html.md
2017-07-18 07:44:35 -07:00
James Phillips
37c78e3077
Improves structure of ACL guide.
2017-07-18 07:41:59 -07:00
James Phillips
0c376fb656
Removes a merge conflict marker from the ACL guide.
2017-07-18 07:35:17 -07:00
Charlie Voiselle
6c75e79158
Removed localhost from links ( #3289 )
...
Two links were still referring to localhost. Made them relative and tested.
2017-07-17 19:59:58 -07:00
James Phillips
1791d99a10
Adds new config to make script checks opt-in, updates documentation. ( #3284 )
2017-07-17 11:20:35 -07:00
James Phillips
780e68a753
Changes remote exec KV read to call GetTokenForAgent(). ( #3283 )
...
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.
Fixes #3160 .
* Fixes remote exec unit test with ACLs.
* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips
1004d0ec0e
Adds node read privileges to the acl_agent_master_token. ( #3277 )
...
Fixes #3113 .
2017-07-16 20:08:26 -07:00
James Phillips
a5461ce368
Update acl.html.md
2017-07-13 22:40:15 -07:00
James Phillips
0881e46111
Cleans up version 8 ACLs in the agent and the docs. ( #3248 )
...
* Moves magic check and service constants into shared structs package.
* Removes the "consul" service from local state.
Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.
* Makes coordinate update ACL log message a warning, similar to other AE warnings.
* Adds much more detailed examples for bootstrapping ACLs.
This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234 .
2017-07-13 22:33:47 -07:00
Frank Schroeder
df91388b7b
website: rename *.markdown to *.md
2017-05-17 20:25:45 +02:00