mirror of https://github.com/hashicorp/consul
25 lines
1.1 KiB
Markdown
25 lines
1.1 KiB
Markdown
---
|
|
layout: docs
|
|
page_title: Sentinel in Consul (Enterprise)
|
|
description: >-
|
|
Sentinel is an access-control-policy-as-code framework and language. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities and further secure your clusters by controlling key-value (KV) store write access.
|
|
---
|
|
|
|
# Sentinel in Consul
|
|
|
|
<EnterpriseAlert>
|
|
This feature requires
|
|
HashiCorp Cloud Platform (HCP) or self-managed Consul Enterprise.
|
|
Refer to the{' '}
|
|
<a href="/docs/enterprise#consul-enterprise-feature-availability">enterprise feature matrix</a>
|
|
{' '}for additional information.
|
|
</EnterpriseAlert>
|
|
|
|
Sentinel policies extend the ACL system in Consul beyond static "read", "write",
|
|
and "deny" policies to support full conditional logic and integration with
|
|
external systems. Reference the [Sentinel documentation](https://docs.hashicorp.com/sentinel/concepts/) for high-level Sentinel concepts.
|
|
|
|
To get started with Sentinel in Consul,
|
|
[read the general documentation](https://docs.hashicorp.com/sentinel/consul) or
|
|
[Consul documentation](/docs/agent/sentinel).
|