Commit Graph

19 Commits (cc214d45b653e0e3e04830531d170483956dbb02)

Author SHA1 Message Date
Jack Pearkes 6fb94ff40a website: clarify where ACL token is set in the UI 2018-03-14 16:50:04 -07:00
Jack Pearkes c66628a06f website: add section on securing the UI with ACLs
Figured it would be worth documenting due to #3931.
2018-03-14 16:46:04 -07:00
Paul Banks e833b535a6
Notes on ACL token storage and permissions 2018-03-02 16:20:11 +00:00
Preetha Appan 41ec69f71a Update ACL guide to describe the new list policy for Keys 2017-10-04 06:19:20 -05:00
Preetha Appan 54bb478372 Update sentinel documentation to remove features that are coming in a future release 2017-09-28 21:00:00 -05:00
Preetha Appan 7ca8b3ad8b
Adds documentation for Sentinel integration in Consul Enterprise. 2017-09-19 09:02:53 -05:00
James Phillips 4bee2e49f5 Adds secure introduction for the ACL replication token. (#3357)
Adds secure introduction for the ACL replication token, as well as a separate enable config for ACL replication.
2017-08-03 15:39:31 -07:00
James Phillips c0a5ad7903 Adds a new /v1/acl/bootstrap API (#3349) 2017-08-02 17:05:18 -07:00
James Phillips 496b0bcf07 Adds support for agent-side ACL token management via API instead of config files. (#3324)
* Adds token store and removes all runtime use of config for ACL tokens.
* Adds a new API for changing agent tokens on the fly.
2017-07-26 11:03:43 -07:00
James Phillips cbfb4388d1 Update acl.html.md 2017-07-18 07:44:35 -07:00
James Phillips 37c78e3077 Improves structure of ACL guide. 2017-07-18 07:41:59 -07:00
James Phillips 0c376fb656 Removes a merge conflict marker from the ACL guide. 2017-07-18 07:35:17 -07:00
Charlie Voiselle 6c75e79158 Removed localhost from links (#3289)
Two links were still referring to localhost. Made them relative and tested.
2017-07-17 19:59:58 -07:00
James Phillips 1791d99a10 Adds new config to make script checks opt-in, updates documentation. (#3284) 2017-07-17 11:20:35 -07:00
James Phillips 780e68a753 Changes remote exec KV read to call GetTokenForAgent(). (#3283)
* Changes remote exec KV read to call GetTokenForAgent(), which can use
the acl_agent_token instead of the acl_token.

Fixes #3160.

* Fixes remote exec unit test with ACLs.

* Adds unhappy ACL path to unit tests for remote exec.
2017-07-16 21:12:16 -07:00
James Phillips 1004d0ec0e Adds node read privileges to the acl_agent_master_token. (#3277)
Fixes #3113.
2017-07-16 20:08:26 -07:00
James Phillips a5461ce368 Update acl.html.md 2017-07-13 22:40:15 -07:00
James Phillips 0881e46111 Cleans up version 8 ACLs in the agent and the docs. (#3248)
* Moves magic check and service constants into shared structs package.

* Removes the "consul" service from local state.

Since this service is added by the leader, it doesn't really make sense to
also keep it in local state (which requires special ACLs to configure), and
requires a bunch of special cases in the local state logic. This requires
fewer special cases and makes ACL bootstrapping cleaner.

* Makes coordinate update ACL log message a warning, similar to other AE warnings.

* Adds much more detailed examples for bootstrapping ACLs.

This can hopefully replace https://gist.github.com/slackpad/d89ce0e1cc0802c3c4f2d84932fa3234.
2017-07-13 22:33:47 -07:00
Frank Schroeder df91388b7b
website: rename *.markdown to *.md 2017-05-17 20:25:45 +02:00