mirror of https://github.com/hashicorp/consul
6ba776b4f3
This ensures the metrics proxy endpoint is ACL protected behind a wildcard `service:read` and `node:read` set of rules. For Consul Enterprise these will need to span all namespaces: ``` service_prefix "" { policy = "read" } node_prefix "" { policy = "read" } namespace_prefix "" { service_prefix "" { policy = "read" } node_prefix "" { policy = "read" } } ``` This PR contains just the backend changes. The frontend changes to actually pass the consul token header to the proxy through the JS plugin will come in another PR. |
||
---|---|---|
.. | ||
acl.go | ||
acl_oss.go | ||
acl_test.go | ||
authorizer.go | ||
authorizer_oss.go | ||
authorizer_test.go | ||
chained_authorizer.go | ||
chained_authorizer_test.go | ||
errors.go | ||
policy.go | ||
policy_authorizer.go | ||
policy_authorizer_oss.go | ||
policy_authorizer_test.go | ||
policy_merger.go | ||
policy_merger_oss.go | ||
policy_oss.go | ||
policy_test.go | ||
static_authorizer.go | ||
static_authorizer_test.go |