github
/
consul
mirror of https://github.com/hashicorp/consul
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'main'
${ noResults }
consul/website/content/docs/security/index.mdx

31 lines
1.2 KiB
Raw Permalink Blame History

---
layout: docs
page_title: Security - Overview
description: >-
Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter.
---
# Consul security
This topic describes the security requirements and recommendations for a Consul deployment.
## Security Models
Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your
intended workloads, operating system, and environment. You can find detailed information about the various personas,
recommendations, requirements, and threats in the [Security Models](/consul/docs/security/security-models) section.
## ACLs
Consul provides an optional [Access Control List (ACL) system](/consul/docs/security/acl) which can be used to control access
to data and APIs.
## Encryption
The Consul agent supports encryption for all of its network traffic. There are two separate encryption systems:
- A gossip encryption system
- An mTLS encryption system for HTTP and RPC
For more information about these two different encryption systems, as well as configuration guidance, refer to [Consul encryption](/consul/docs/security/encryption).
Reference in new issue View Git Blame Copy Permalink