Documentation referenced:

https://www.consul.io/docs/security/acl/acl-system

Step 1: Create the following policy:

node_prefix "" {
  policy = "write"
}
service_prefix "" {
  policy = "read"
}

Step 2: Add the agent token to the configuration file:

acl = {
  enabled = true
  default_policy = "deny"
  enable_token_persistence = true
  tokens {
    "agent" = "f1f30bb8-af83-ac3e-8944-efe03d782ac6"
  }
}

Step 3: Verification:

systemctl restart consul
journalctl -u consul

Step 4: DNS Check:

dig @localhost -p 8600 consul.service.consul

Anonymous Policy:

node_prefix "" {
  policy = "read"
}
service_prefix "" {
  policy = "read"
}
query_prefix "" {
  policy = "read"
}

dig @localhost -p 8600 consul.service.consul
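
In these policies the empty prefix (`node_prefix ""`, `service_prefix ""`) matches every name, so it helps to list which rules are that broad before attaching a policy to a token. The following is an added example, not part of the original notes: it parses rule blocks of the form shown above and reports the empty-prefix grants. The function names and the regex-based parser are assumptions of this sketch and only cover simple blocks like the ones on this page.

```python
import re

# One rule block as written on this page: node_prefix "" { policy = "write" }
RULE_RE = re.compile(
    r'\b(?P<resource>[a-z_]+?)(?P<prefix>_prefix)?\s+"(?P<name>[^"]*)"\s*'
    r'\{\s*policy\s*=\s*"(?P<level>read|write|list|deny)"\s*\}'
)

# Policies copied from the steps above.
AGENT_POLICY = '''
node_prefix "" {
  policy = "write"
}
service_prefix "" {
  policy = "read"
}
'''
ANONYMOUS_POLICY = '''
node_prefix "" {
  policy = "read"
}
service_prefix "" {
  policy = "read"
}
query_prefix "" {
  policy = "read"
}
'''

def parse_rules(text):
    """Return each rule as a dict: resource, match (prefix/exact), name, level."""
    text = re.sub(r'(#|//)[^\n]*', '', text)  # drop HCL line comments
    return [{"resource": m["resource"],
             "match": "prefix" if m["prefix"] else "exact",
             "name": m["name"], "level": m["level"]}
            for m in RULE_RE.finditer(text)]

def broad_grants(rules, levels=("write",)):
    """Rules whose empty prefix matches every name, at one of the given levels."""
    return [r for r in rules
            if r["match"] == "prefix" and r["name"] == "" and r["level"] in levels]

if __name__ == "__main__":
    for label, policy in (("agent", AGENT_POLICY), ("anonymous", ANONYMOUS_POLICY)):
        for r in broad_grants(parse_rules(policy), levels=("read", "write")):
            print(f'{label}: {r["resource"]}_prefix "" grants {r["level"]} on all names')
```

By default only `write` grants are reported; pass `levels=("read", "write")` to also see what the anonymous policy exposes to unauthenticated requests.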