Backport of [Docs] Add note to jwt docs to specify the need for ACLs into release/1.16.x (#18987)

backport of commit 49050446abab599b071e398fa946ee08c28fa99b

Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
This commit is contained in:
hc-github-team-consul-core 2023-09-22 13:31:36 -04:00 committed by GitHub
parent c1a404cb24
commit 002ac9620e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 0 deletions

View File

@ -26,6 +26,10 @@ When configuring your deployment to enforce service intentions with JSON Web Tok
When you set the `JWT{}.Providers` field in a service intentions configuration entry to the wildcard `*`, you can configure default behavior for all services that present a token that matches an existing JWT provider configuration entry. In this configuration, services that have a valid token but do not have a more specific matching intention default to the behavior defined in the wildcard intention. When you set the `JWT{}.Providers` field in a service intentions configuration entry to the wildcard `*`, you can configure default behavior for all services that present a token that matches an existing JWT provider configuration entry. In this configuration, services that have a valid token but do not have a more specific matching intention default to the behavior defined in the wildcard intention.
## Requirements
* **Enable ACLs**. Verify that ACLs are enabled and that the default_policy is set to deny.
## Usage ## Usage
To configure Envoy proxies in the service mesh to validate JWTs before forwarding requests to servers, complete the following steps: To configure Envoy proxies in the service mesh to validate JWTs before forwarding requests to servers, complete the following steps: