consul/website/content/docs/security/index.mdx

31 lines
1.2 KiB
Markdown

---
layout: docs
page_title: Security - Overview
description: >-
Security requirements and recommendations for Consul vary depending on workloads and environments. Learn how ACLs and encryption can protect access to and communication within your datacenter.
---
# Consul security
This topic describes the security requirements and recommendations for a Consul deployment.
## Security Models
Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your
intended workloads, operating system, and environment. You can find detailed information about the various personas,
recommendations, requirements, and threats in the [Security Models](/consul/docs/security/security-models) section.
## ACLs
Consul provides an optional [Access Control List (ACL) system](/consul/docs/security/acl) which can be used to control access
to data and APIs.
## Encryption
The Consul agent supports encryption for all of its network traffic. There are two separate encryption systems:
- A gossip encryption system
- An mTLS encryption system for HTTP and RPC
For more information about these two different encryption systems, as well as configuration guidance, refer to [Consul encryption](/consul/docs/security/encryption).