mirror of https://github.com/hashicorp/consul
25 lines
1.0 KiB
Markdown
25 lines
1.0 KiB
Markdown
---
|
|
layout: docs
|
|
page_title: Sentinel in Consul (Enterprise)
|
|
description: >-
|
|
Sentinel is an access-control-policy-as-code framework and language. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities and further secure your clusters by controlling key-value (KV) store write access.
|
|
---
|
|
|
|
# Sentinel in Consul
|
|
|
|
<EnterpriseAlert>
|
|
|
|
This feature requires
|
|
HashiCorp Cloud Platform (HCP) or self-managed Consul Enterprise.
|
|
Refer to the [enterprise feature matrix](/consul/docs/enterprise#consul-enterprise-feature-availability) for additional information.
|
|
|
|
</EnterpriseAlert>
|
|
|
|
Sentinel policies extend the ACL system in Consul beyond static "read", "write",
|
|
and "deny" policies to support full conditional logic and integration with
|
|
external systems. Reference the [Sentinel documentation](https://docs.hashicorp.com/sentinel/concepts) for high-level Sentinel concepts.
|
|
|
|
To get started with Sentinel in Consul,
|
|
[read the general documentation](https://docs.hashicorp.com/sentinel/consul) or
|
|
[Consul documentation](/consul/docs/agent/sentinel).
|