helm:bootstrapping Consul clients with custom ACL policies #681
Comments
|
That's a good suggestion. Tagging this as an enhancement that we can take a look at in the future. |
|
@infa-bsurber The Consul team is looking for more feedback on the Consul Helm Chart. If any of you have 3 minutes, consider filling out our survey. |
t-eckert
changed the title
* update values file to enable health checks by default and add comments, update unit tests accordingly
|
Hi there. I just wanted to follow up on this issue since its been a while since this has received attention. We currently do not plan on prioritizing Consul K8s as a storage backend, as Integrated storage is now the recommended storage backend for Vault as described here: https://www.vaultproject.io/docs/configuration/storage#integrated-storage-vs-external-storage. We will also be moving towards a model where Consul Login via Auth methods will be preferred over ACL tokens as that greatly simplifies how we manage ACL tokens. I'll close this but wanted to provide more information on where Consul K8s is heading. Thank you for your feedback. |
As a followup to bootstrapACLs.
I'm using this Consul cluster to back my Vault, which requires adding a custom ACL policy to support Vault's needs.
It would be great to be able to supply extraACLPolicies which would then be added to Consul and an ACL token created for each then stored in K8s secrets.
Bonus points if the Consul client can be configured to use these custom ACL policies+tokens.
The text was updated successfully, but these errors were encountered: