diff --git a/website/content/api-docs/acl/auth-methods.mdx b/website/content/api-docs/acl/auth-methods.mdx index 2e662213b..d5fa84d86 100644 --- a/website/content/api-docs/acl/auth-methods.mdx +++ b/website/content/api-docs/acl/auth-methods.mdx @@ -25,9 +25,9 @@ This endpoint creates a new ACL auth method. | `PUT` | `/acl/auth-method` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -54,7 +54,7 @@ The corresponding CLI command is [`consul acl auth-method create`](/commands/acl - `MaxTokenTTL` `(duration: 0s)` - This specifies the maximum life of any token created by this auth method. When set it will initialize the - [`ExpirationTime`](/api/acl/tokens#expirationtime) field on all tokens + [`ExpirationTime`](/api-docs/acl/tokens#expirationtime) field on all tokens to a value of `Token.CreateTime + AuthMethod.MaxTokenTTL`. This field is not persisted beyond its initial use. Can be specified in the form of `"60s"` or `"5m"` (i.e., 60 seconds or 5 minutes, respectively). This value must be no @@ -153,9 +153,9 @@ auth method exists with the given name, a 404 is returned instead of a | `GET` | `/acl/auth-method/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -207,9 +207,9 @@ This endpoint updates an existing ACL auth method. | `PUT` | `/acl/auth-method/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -237,7 +237,7 @@ The corresponding CLI command is [`consul acl auth-method update`](/commands/acl - `MaxTokenTTL` `(duration: 0s)` - This specifies the maximum life of any token created by this auth method. When set it will initialize the - [`ExpirationTime`](/api/acl/tokens#expirationtime) field on all tokens + [`ExpirationTime`](/api-docs/acl/tokens#expirationtime) field on all tokens to a value of `Token.CreateTime + AuthMethod.MaxTokenTTL`. This field is not persisted beyond its initial use. Can be specified in the form of `"60s"` or `"5m"` (i.e., 60 seconds or 5 minutes, respectively). This value must be no @@ -329,8 +329,8 @@ $ curl --request PUT \ This endpoint deletes an ACL auth method. ~> Deleting an auth method will also immediately delete all associated -[binding rules](/api/acl/binding-rules) as well as any -outstanding [tokens](/api/acl/tokens) created from this auth method. +[binding rules](/api-docs/acl/binding-rules) as well as any +outstanding [tokens](/api-docs/acl/tokens) created from this auth method. | Method | Path | Produces | | -------- | ------------------------ | ------------------ | @@ -340,9 +340,9 @@ Even though the return type is application/json, the value is either true or false indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -384,9 +384,9 @@ This endpoint lists all the ACL auth methods. | `GET` | `/acl/auth-methods` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/binding-rules.mdx b/website/content/api-docs/acl/binding-rules.mdx index e979d3440..3a17106bd 100644 --- a/website/content/api-docs/acl/binding-rules.mdx +++ b/website/content/api-docs/acl/binding-rules.mdx @@ -25,9 +25,9 @@ This endpoint creates a new ACL binding rule. | `PUT` | `/acl/binding-rule` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -151,9 +151,9 @@ response. | `GET` | `/acl/binding-rule/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -203,9 +203,9 @@ This endpoint updates an existing ACL binding rule. | `PUT` | `/acl/binding-rule/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -335,9 +335,9 @@ Even though the return type is application/json, the value is either true or false indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -379,9 +379,9 @@ This endpoint lists all the ACL binding rules. | `GET` | `/acl/binding-rules` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/index.mdx b/website/content/api-docs/acl/index.mdx index 3445d233d..081025ced 100644 --- a/website/content/api-docs/acl/index.mdx +++ b/website/content/api-docs/acl/index.mdx @@ -6,9 +6,9 @@ description: The /acl endpoints manage the Consul's ACL system. # ACL HTTP API --> **1.4.0+:** This API documentation is for Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api/acl/legacy). +-> **1.4.0+:** This API documentation is for Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api-docs/acl/legacy). -The `/acl` endpoints are used to manage ACL tokens and policies in Consul, [bootstrap the ACL system](#bootstrap-acls), [check ACL replication status](#check-acl-replication), and [translate rules](#translate-rules). There are additional pages for managing [tokens](/api/acl/tokens) and [policies](/api/acl/policies) with the `/acl` endpoints. +The `/acl` endpoints are used to manage ACL tokens and policies in Consul, [bootstrap the ACL system](#bootstrap-acls), [check ACL replication status](#check-acl-replication), and [translate rules](#translate-rules). There are additional pages for managing [tokens](/api-docs/acl/tokens) and [policies](/api-docs/acl/policies) with the `/acl` endpoints. For more information on how to setup ACLs, please check the [ACL tutorial](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production). @@ -29,9 +29,9 @@ configuration files. | `PUT` | `/acl/bootstrap` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -96,9 +96,9 @@ for more details. | `GET` | `/acl/replication` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -157,17 +157,17 @@ $ curl \ - `ReplicatedIndex` - The last index that was successfully replicated. Which data the replicated index refers to depends on the replication type. For `legacy` replication this can be compared with the value of the `X-Consul-Index` header - returned by the [`/v1/acl/list`](/api/acl/legacy#list-acls) endpoint to + returned by the [`/v1/acl/list`](/api-docs/acl/legacy#list-acls) endpoint to determine if the replication process has gotten all available ACLs. When in either `tokens` or `policies` mode, this index can be compared with the value of the - `X-Consul-Index` header returned by the [`/v1/acl/policies`](/api/acl/policies#list-policies) + `X-Consul-Index` header returned by the [`/v1/acl/policies`](/api-docs/acl/policies#list-policies) endpoint to determine if the policy replication process has gotten all available ACL policies. Note that ACL replication is rate limited so the indexes may lag behind the primary datacenter. - `ReplicatedTokenIndex` - The last token index that was successfully replicated. This index can be compared with the value of the `X-Consul-Index` header returned - by the [`/v1/acl/tokens`](/api/acl/tokens#list-tokens) endpoint to determine + by the [`/v1/acl/tokens`](/api-docs/acl/tokens#list-tokens) endpoint to determine if the replication process has gotten all available ACL tokens. Note that ACL replication is rate limited so the indexes may lag behind the primary datacenter. @@ -199,9 +199,9 @@ migrations. | `POST` | `/acl/rules/translate` | `text/plain` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -241,16 +241,16 @@ This endpoint translates the legacy rules embedded within a legacy ACL into the syntax. It is intended to be used by operators managing Consul's ACLs and performing legacy token to new policy migrations. Note that this API requires the auto-generated Accessor ID of the legacy token. This ID can be retrieved using the -[`/v1/acl/token/self`](/api/acl/tokens#read-self-token) endpoint. +[`/v1/acl/token/self`](/api-docs/acl/tokens#read-self-token) endpoint. | Method | Path | Produces | | ------ | ----------------------------------- | ------------ | | `GET` | `/acl/rules/translate/:accessor_id` | `text/plain` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -284,9 +284,9 @@ Consul ACL token. | `POST` | `/acl/login` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -376,9 +376,9 @@ with the `X-Consul-Token` header or the `token` query parameter. | `POST` | `/acl/logout` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -414,9 +414,9 @@ URL from Consul to start an [OIDC login flow](/docs/security/acl/auth-methods/oi | `POST` | `/acl/oidc/auth-url` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -494,9 +494,9 @@ for a newly-created Consul ACL token. | `POST` | `/acl/oidc/callback` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/legacy.mdx b/website/content/api-docs/acl/legacy.mdx index ab3bbb70f..c465f6d8e 100644 --- a/website/content/api-docs/acl/legacy.mdx +++ b/website/content/api-docs/acl/legacy.mdx @@ -10,7 +10,7 @@ description: >- -> **The legacy ACL system was deprecated in Consul 1.4.0 and removed in Consul 1.11.0.** It's _strongly_ recommended you do not build anything using the legacy system and use -the new ACL [Token](/api/acl/tokens) and [Policy](/api/acl/policies) APIs instead. +the new ACL [Token](/api-docs/acl/tokens) and [Policy](/api-docs/acl/policies) APIs instead. The legacy `/acl` endpoints to create, update, destroy, and query legacy ACL tokens in Consul. @@ -25,9 +25,9 @@ This endpoint makes a new ACL token. | `PUT` | `/acl/create` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -84,9 +84,9 @@ generating a new token ID, the `ID` field must be provided. | `PUT` | `/acl/update` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -138,9 +138,9 @@ Even though the return type is application/json, the value is either true or false, indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -175,9 +175,9 @@ This endpoint reads an ACL token with the given ID. | `GET` | `/acl/info/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -224,9 +224,9 @@ complex rule management. | `PUT` | `/acl/clone/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -263,9 +263,9 @@ This endpoint lists all the active ACL tokens. | `GET` | `/acl/list` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/policies.mdx b/website/content/api-docs/acl/policies.mdx index f5ef0a38d..02db7380d 100644 --- a/website/content/api-docs/acl/policies.mdx +++ b/website/content/api-docs/acl/policies.mdx @@ -6,7 +6,7 @@ description: The /acl/policy endpoints manage Consul's ACL policies. # ACL Policy HTTP API --> **1.4.0+:** The APIs are available in Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api/acl/legacy). +-> **1.4.0+:** The APIs are available in Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api-docs/acl/legacy). The `/acl/policy` endpoints [create](#create-a-policy), [read](#read-a-policy), [update](#update-a-policy), [list](#list-policies) and @@ -24,9 +24,9 @@ This endpoint creates a new ACL policy. | `PUT` | `/acl/policy` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -99,9 +99,9 @@ This endpoint reads an ACL policy with the given ID. | `GET` | `/acl/policy/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -151,9 +151,9 @@ This endpoint reads an ACL policy with the given ID. | `GET` | `/acl/policy/name/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -203,9 +203,9 @@ This endpoint updates an existing ACL policy. | `PUT` | `/acl/policy/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -284,9 +284,9 @@ Even though the return type is application/json, the value is either true or false indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -328,9 +328,9 @@ This endpoint lists all the ACL policies. | `GET` | `/acl/policies` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/roles.mdx b/website/content/api-docs/acl/roles.mdx index 5b73c7325..f76ab9e31 100644 --- a/website/content/api-docs/acl/roles.mdx +++ b/website/content/api-docs/acl/roles.mdx @@ -23,9 +23,9 @@ This endpoint creates a new ACL role. | `PUT` | `/acl/role` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -165,9 +165,9 @@ given ID, a 404 is returned instead of a 200 response. | `GET` | `/acl/role/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -237,9 +237,9 @@ given name, a 404 is returned instead of a 200 response. | `GET` | `/acl/role/name/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -308,9 +308,9 @@ This endpoint updates an existing ACL role. | `PUT` | `/acl/role/:id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -426,9 +426,9 @@ Even though the return type is application/json, the value is either true or false indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -470,9 +470,9 @@ This endpoint lists all the ACL roles. | `GET` | `/acl/roles` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/acl/tokens.mdx b/website/content/api-docs/acl/tokens.mdx index 31456965d..b73acc50e 100644 --- a/website/content/api-docs/acl/tokens.mdx +++ b/website/content/api-docs/acl/tokens.mdx @@ -6,7 +6,7 @@ description: The /acl/token endpoints manage Consul's ACL Tokens. # ACL Token HTTP API --> **1.4.0+:** The APIs are available in Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api/acl/legacy). +-> **1.4.0+:** The APIs are available in Consul versions 1.4.0 and later. The documentation for the legacy ACL API is [here](/api-docs/acl/legacy). The `/acl/token` endpoints [create](#create-a-token), [read](#read-a-token), [update](#update-a-token), [list](#list-tokens), [clone](#clone-a-token) and [delete](#delete-a-token) ACL tokens in Consul. @@ -23,9 +23,9 @@ This endpoint creates a new ACL token. | `PUT` | `/acl/token` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -166,9 +166,9 @@ This endpoint reads an ACL token with the given Accessor ID. | `GET` | `/acl/token/:AccessorID` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -235,9 +235,9 @@ specified with the `X-Consul-Token` header or the `token` query parameter. | `GET` | `/acl/token/self` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -290,9 +290,9 @@ This endpoint updates an existing ACL token. | `PUT` | `/acl/token/:AccessorID` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -440,9 +440,9 @@ This endpoint clones an existing ACL token. | `PUT` | `/acl/token/:AccessorID/clone` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -521,9 +521,9 @@ Even though the return type is application/json, the value is either true or false, indicating whether the delete succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -565,9 +565,9 @@ This endpoint lists all the ACL tokens. | `GET` | `/acl/tokens` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/admin-partitions.mdx b/website/content/api-docs/admin-partitions.mdx index 061187d6b..422223b4a 100644 --- a/website/content/api-docs/admin-partitions.mdx +++ b/website/content/api-docs/admin-partitions.mdx @@ -20,9 +20,9 @@ This endpoint creates a new Partition. | `PUT` | `/partition` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -76,9 +76,9 @@ This endpoint reads a Partition with the given name. | `GET` | `/partition/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -121,9 +121,9 @@ This endpoint updates a Partition description. | `PUT` | `/partition/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -185,9 +185,9 @@ This endpoint will return no data. Success or failure is indicated by the status code returned. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -230,9 +230,9 @@ This endpoint lists all the Partitions. | `GET` | `/partitions` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/agent/check.mdx b/website/content/api-docs/agent/check.mdx index 706d07369..e0b69258f 100644 --- a/website/content/api-docs/agent/check.mdx +++ b/website/content/api-docs/agent/check.mdx @@ -28,9 +28,9 @@ everything will be in sync within a few seconds. | `GET` | `/agent/checks` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -109,9 +109,9 @@ check and keeping the Catalog in sync. | `PUT` | `/agent/check/register` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -300,9 +300,9 @@ not exist, no action is taken. | `PUT` | `/agent/check/deregister/:check_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -338,9 +338,9 @@ This endpoint is used with a TTL type check to set the status of the check to | `PUT` | `/agent/check/pass/:check_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -379,9 +379,9 @@ This endpoint is used with a TTL type check to set the status of the check to | `PUT` | `/agent/check/warn/:check_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -419,9 +419,9 @@ This endpoint is used with a TTL type check to set the status of the check to | `PUT` | `/agent/check/fail/:check_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -459,9 +459,9 @@ to reset the TTL clock. | `PUT` | `/agent/check/update/:check_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/agent/connect.mdx b/website/content/api-docs/agent/connect.mdx index 8b7da249d..0570070e5 100644 --- a/website/content/api-docs/agent/connect.mdx +++ b/website/content/api-docs/agent/connect.mdx @@ -11,7 +11,7 @@ description: >- The `/agent/connect` endpoints interact with [Connect](/docs/connect) with agent-local operations. -These endpoints may mirror the [non-agent Connect endpoints](/api/connect) +These endpoints may mirror the [non-agent Connect endpoints](/api-docs/connect) in some cases. Almost all agent-local Connect endpoints perform local caching to optimize performance of Connect without having to make requests to the server. @@ -22,7 +22,7 @@ defined as _deny_ intentions during evaluation, as this endpoint is only suited for networking layer 4 (e.g. TCP) integration. For performance and reliability reasons it is desirable to implement intention enforcement by listing [intentions that match the -destination](/api/connect/intentions#list-matching-intentions) and representing +destination](/api-docs/connect/intentions#list-matching-intentions) and representing them in the native configuration of the proxy itself (such as RBAC for Envoy). This endpoint tests whether a connection attempt is authorized between @@ -43,9 +43,9 @@ connection attempt. | `POST` | `/agent/connect/authorize` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -105,7 +105,7 @@ This is used by [proxies](/docs/connect/proxies) or [native integrations](/docs/connect/native) to verify served client or server certificates are valid. -This is equivalent to the [non-Agent Connect endpoint](/api/connect), +This is equivalent to the [non-Agent Connect endpoint](/api-docs/connect), but the response of this request is cached locally at the agent. This allows for very fast response times and for fail open behavior if the server is unavailable. This endpoint should be used by proxies and native integrations. @@ -115,9 +115,9 @@ unavailable. This endpoint should be used by proxies and native integrations. | `GET` | `/agent/connect/ca/roots` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -165,7 +165,7 @@ connections and is also used as the client certificate for establishing outbound connections to other services. The agent generates a CSR locally and calls the -[CA sign API](/api/connect/ca) to sign it. The resulting certificate +[CA sign API](/api-docs/connect/ca) to sign it. The resulting certificate is cached and returned by this API until it is near expiry or the root certificates change. @@ -183,9 +183,9 @@ wait for certificate rotations. | `GET` | `/agent/connect/ca/leaf/:service` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/agent/index.mdx b/website/content/api-docs/agent/index.mdx index 50c013ee0..8a7b4a693 100644 --- a/website/content/api-docs/agent/index.mdx +++ b/website/content/api-docs/agent/index.mdx @@ -31,9 +31,9 @@ GitHub issue to discuss your use case. | `GET` | `/agent/host` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -220,9 +220,9 @@ by agent. The strongly consistent view of nodes is instead provided by | `GET` | `/agent/members` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -288,9 +288,9 @@ to change without notice or deprecation. | `GET` | `/agent/self` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -368,9 +368,9 @@ section on the agent options page for details on which options are supported. | `PUT` | `/agent/reload` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -401,9 +401,9 @@ restart. | `PUT` | `/agent/maintenance` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -462,9 +462,9 @@ endpoint. | `GET` | `/agent/metrics?format=prometheus` | `text/plain; version=0.0.4; charset=utf-8` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -584,9 +584,9 @@ This endpoint streams logs from the local agent until the connection is closed. | `GET` | `/agent/monitor` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -628,9 +628,9 @@ This endpoint instructs the agent to attempt to connect to a given address. | `PUT` | `/agent/join/:address` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -670,9 +670,9 @@ can affect cluster availability. | `PUT` | `/agent/leave` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -709,9 +709,9 @@ the list of members entirely. | `PUT` | `/agent/force-leave/:node?prune` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -785,9 +785,9 @@ The paths above correspond to the token names as found in the agent configuratio [`acl_replication_token`](/docs/agent/options#acl_replication_token_legacy). The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/agent/service.mdx b/website/content/api-docs/agent/service.mdx index 489556919..9254bfd05 100644 --- a/website/content/api-docs/agent/service.mdx +++ b/website/content/api-docs/agent/service.mdx @@ -30,9 +30,9 @@ everything will be in sync within a few seconds. | `GET` | `/agent/services` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -147,9 +147,9 @@ everything will be in sync within a few seconds. | `GET` | `/agent/service/:service_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -235,7 +235,7 @@ $ curl \ The response has the same structure as the [service definition](/docs/discovery/services) with one extra field `ContentHash` which contains the [hash-based blocking -query](/api/features/blocking#hash-based-blocking-queries) hash for the result. The +query](/api-docs/features/blocking#hash-based-blocking-queries) hash for the result. The same hash is also present in `X-Consul-ContentHash`. ## Get local service health @@ -253,9 +253,9 @@ the URL or use Mime Content negotiation by specifying a HTTP Header | `GET` | `/agent/health/service/name/:service_name?format=text` | `text/plain` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -294,7 +294,7 @@ Those endpoints might be useful for the following use-cases: ##### Note If you know the ID of service you want to target, it is recommended to use -[`/v1/agent/health/service/id/:service_id`](/api/agent/service#get-local-service-health-by-id) +[`/v1/agent/health/service/id/:service_id`](/api-docs/agent/service#get-local-service-health-by-id) so you have the result for the service only. When requesting `/v1/agent/health/service/name/:service_name`, the caller will receive the worst state of all services having the given name. @@ -430,7 +430,7 @@ Retrieve the health state of a specific service on the local agent by ID. | `GET` | `/agent/health/service/id/:service_id?format=text` | `text/plain` | The supported request parameters are the same as -[`/v1/agent/health/service/name/:service_name`](/api/agent/service#get-local-service-health). +[`/v1/agent/health/service/name/:service_name`](/api-docs/agent/service#get-local-service-health). ### Sample Requests @@ -586,9 +586,9 @@ For "connect-proxy" kind services, the `service:write` ACL for the | `PUT` | `/agent/service/register` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -655,13 +655,13 @@ service definition keys for compatibility with the config file format. [Connect Structure](#connect-structure) section below for supported fields. - `Check` `(Check: nil)` - Specifies a check. Please see the - [check documentation](/api/agent/check) for more information about the + [check documentation](/api-docs/agent/check) for more information about the accepted fields. If you don't provide a name or id for the check then they will be generated. To provide a custom id and/or name set the `CheckID` and/or `Name` field. - `Checks` `(array: nil)` - Specifies a list of checks. Please see the - [check documentation](/api/agent/check) for more information about the + [check documentation](/api-docs/agent/check) for more information about the accepted fields. If you don't provide a name or id for the check then they will be generated. To provide a custom id and/or name set the `CheckID` and/or `Name` field. The automatically generated `Name` and `CheckID` depend @@ -671,7 +671,7 @@ service definition keys for compatibility with the config file format. - `EnableTagOverride` `(bool: false)` - Specifies to disable the anti-entropy feature for this service's tags. If `EnableTagOverride` is set to `true` then - external agents can update this service in the [catalog](/api/catalog) + external agents can update this service in the [catalog](/api-docs/catalog) and modify the tags. Subsequent local sync operations by this agent will ignore the updated tags. For instance, if an external agent modified both the tags and the port for this service and `EnableTagOverride` was set to `true` @@ -761,9 +761,9 @@ is an associated check, that is also deregistered. | `PUT` | `/agent/service/deregister/:service_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -803,9 +803,9 @@ will be automatically restored on agent restart. | `PUT` | `/agent/service/maintenance/:service_id` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/catalog.mdx b/website/content/api-docs/catalog.mdx index 64011347c..4b2e93033 100644 --- a/website/content/api-docs/catalog.mdx +++ b/website/content/api-docs/catalog.mdx @@ -16,7 +16,7 @@ API methods look similar. This endpoint is a low-level mechanism for registering or updating entries in the catalog. It is usually preferable to instead use the -[agent endpoints](/api/agent) for registration as they are simpler and +[agent endpoints](/api-docs/agent) for registration as they are simpler and perform [anti-entropy](/docs/architecture/anti-entropy). | Method | Path | Produces | @@ -24,9 +24,9 @@ perform [anti-entropy](/docs/architecture/anti-entropy). | `PUT` | `/catalog/register` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -57,7 +57,7 @@ The table below shows this endpoint's support for for service definition names for [compatibility with external DNS](/docs/discovery/services#service-and-tag-names-with-dns). The service `Tags`, `Address`, `Meta`, and `Port` fields are all optional. For more information about these fields and the implications of setting them, - see the [Service - Agent API](/api/agent/service) page + see the [Service - Agent API](/api-docs/agent/service) page as registering services differs between using this or the Services Agent endpoint. - `Check` `(Check: nil)` - Specifies to register a check. The register API @@ -167,7 +167,7 @@ $ curl \ This endpoint is a low-level mechanism for directly removing entries from the Catalog. It is usually preferable to instead use the -[agent endpoints](/api/agent) for deregistration as they are simpler and +[agent endpoints](/api-docs/agent) for deregistration as they are simpler and perform [anti-entropy](/docs/architecture/anti-entropy). | Method | Path | Produces | @@ -175,9 +175,9 @@ perform [anti-entropy](/docs/architecture/anti-entropy). | `PUT` | `/catalog/deregister` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -257,9 +257,9 @@ Consul servers are routable. | `GET` | `/catalog/datacenters` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -292,9 +292,9 @@ This endpoint and returns the nodes registered in a given datacenter. | `GET` | `/catalog/nodes` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -391,9 +391,9 @@ This endpoint returns the services registered in a given datacenter. | `GET` | `/catalog/services` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -449,9 +449,9 @@ This endpoint returns the nodes providing a service in a given datacenter. | `GET` | `/catalog/service/:service` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -592,7 +592,7 @@ $ curl \ service instance. This includes both the address as well as the port. - `ServiceKind` is the kind of service, usually "". See the Agent - [service registration API](/api/agent/service#kind) for more information. + [service registration API](/api-docs/agent/service#kind) for more information. - `ServiceProxy` is the proxy config as specified in [Connect Proxies](/docs/connect/proxies). @@ -664,7 +664,7 @@ so this endpoint may be used to filter only the Connect-capable endpoints. | `GET` | `/catalog/connect/:service` | `application/json` | Parameters and response format are the same as -[`/catalog/service/:service`](/api/catalog#list-nodes-for-service). +[`/catalog/service/:service`](/api-docs/catalog#list-nodes-for-service). ## Retrieve Map of Services for a Node @@ -677,9 +677,9 @@ This endpoint returns the node's registered services. | `GET` | `/catalog/node/:node` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -808,9 +808,9 @@ This endpoint returns the node's registered services. | `GET` | `/catalog/node-services/:node` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -944,9 +944,9 @@ This endpoint returns the services associated with an ingress gateway or termina | `GET` | `/catalog/gateway-services/:gateway` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -1057,7 +1057,7 @@ $ curl \ - `Service.Namespace` is the Consul Enterprise namespace of a service associated with the gateway - `GatewayKind` is the kind of service, will be one of "ingress-gateway" or "terminating-gateway". See the Agent - [service registration API](/api/agent/service#kind) for more information. + [service registration API](/api-docs/agent/service#kind) for more information. - `CAFile` is the path to a CA file the gateway will use for TLS origination to the associated service diff --git a/website/content/api-docs/config.mdx b/website/content/api-docs/config.mdx index 151af061f..27d665aa6 100644 --- a/website/content/api-docs/config.mdx +++ b/website/content/api-docs/config.mdx @@ -24,9 +24,9 @@ This endpoint creates or updates the given config entry. | `PUT` | `/config` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -95,9 +95,9 @@ This endpoint returns a specific config entry. | `GET` | `/config/:kind/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -168,9 +168,9 @@ This endpoint returns all config entries of the given kind. | `GET` | `/config/:kind` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -244,9 +244,9 @@ This endpoint deletes the given config entry. | `DELETE` | `/config/:kind/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/connect/ca.mdx b/website/content/api-docs/connect/ca.mdx index 90a49d8c6..86c729460 100644 --- a/website/content/api-docs/connect/ca.mdx +++ b/website/content/api-docs/connect/ca.mdx @@ -21,9 +21,9 @@ the cluster. | `GET` | `/connect/ca/roots` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -113,9 +113,9 @@ This endpoint returns the current CA configuration. | `GET` | `/connect/ca/configuration` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -158,9 +158,9 @@ new root certificate being used, the [Root Rotation](/docs/connect/ca#root-certi | `PUT` | `/connect/ca/configuration` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/connect/index.mdx b/website/content/api-docs/connect/index.mdx index 508c30b1d..4c5d209aa 100644 --- a/website/content/api-docs/connect/index.mdx +++ b/website/content/api-docs/connect/index.mdx @@ -13,7 +13,7 @@ The `/connect` endpoints provide access to intentions and the certificate authority. There are also Connect-related endpoints in the -[Agent](/api/agent) and [Catalog](/api/catalog) APIs. For example, +[Agent](/api-docs/agent) and [Catalog](/api-docs/catalog) APIs. For example, the API for requesting a TLS certificate for a service is part of the agent APIs. And the catalog API has an endpoint for finding all Connect-capable services in the catalog. diff --git a/website/content/api-docs/connect/intentions.mdx b/website/content/api-docs/connect/intentions.mdx index 2ffcc58bc..49b6ac660 100644 --- a/website/content/api-docs/connect/intentions.mdx +++ b/website/content/api-docs/connect/intentions.mdx @@ -36,9 +36,9 @@ be persisted using this endpoint and will require editing the enclosing | `PUT` | `/connect/intentions/exact` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -147,9 +147,9 @@ existing intention or delete it prior to creating a new one. | `POST` | `/connect/intentions` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -247,9 +247,9 @@ This endpoint updates an intention with the given values. | `PUT` | `/connect/intentions/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -301,9 +301,9 @@ This endpoint reads a specific intention by its unique source and destination. | `GET` | `/connect/intentions/exact` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -378,9 +378,9 @@ This endpoint reads a specific intention. | `GET` | `/connect/intentions/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -442,9 +442,9 @@ This endpoint lists all intentions. | `GET` | `/connect/intentions` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -533,9 +533,9 @@ This endpoint deletes a specific intention by its unique source and destination. | `DELETE` | `/connect/intentions/exact` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -593,9 +593,9 @@ This endpoint deletes a specific intention. | `DELETE` | `/connect/intentions/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -638,7 +638,7 @@ networking layer 4 (e.g. TCP) integration. For performance and reliability reasons it is desirable to implement intention enforcement by listing [intentions that match the -destination](/api/connect/intentions#list-matching-intentions) and representing +destination](/api-docs/connect/intentions#list-matching-intentions) and representing them in the native configuration of the proxy itself (such as RBAC for Envoy). This endpoint will work even if the destination service has @@ -650,9 +650,9 @@ does not contain any information about the intention itself. | `GET` | `/connect/intentions/check` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -715,9 +715,9 @@ The intentions in the response are in evaluation order. | `GET` | `/connect/intentions/match` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/coordinate.mdx b/website/content/api-docs/coordinate.mdx index 2e6c5fe2b..bbba8afaf 100644 --- a/website/content/api-docs/coordinate.mdx +++ b/website/content/api-docs/coordinate.mdx @@ -29,9 +29,9 @@ cluster. | `GET` | `/coordinate/datacenters` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -85,9 +85,9 @@ datacenter. | `GET` | `/coordinate/nodes` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -144,9 +144,9 @@ This endpoint returns the LAN network coordinates for the given node. | `GET` | `/coordinate/node/:node` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -202,9 +202,9 @@ datacenter. | `PUT` | `/coordinate/update` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/discovery-chain.mdx b/website/content/api-docs/discovery-chain.mdx index e7e2de6e5..29adab555 100644 --- a/website/content/api-docs/discovery-chain.mdx +++ b/website/content/api-docs/discovery-chain.mdx @@ -38,9 +38,9 @@ the `POST` method must be used, otherwise `GET` is sufficient.

The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/event.mdx b/website/content/api-docs/event.mdx index c9edbe47b..1d795997a 100644 --- a/website/content/api-docs/event.mdx +++ b/website/content/api-docs/event.mdx @@ -20,9 +20,9 @@ This endpoint triggers a new user event. | `PUT` | `/event/fire/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -100,9 +100,9 @@ nor do they make a promise of delivery. | `GET` | `/event/list` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/features/consistency.mdx b/website/content/api-docs/features/consistency.mdx index a50658069..71fd92ffb 100644 --- a/website/content/api-docs/features/consistency.mdx +++ b/website/content/api-docs/features/consistency.mdx @@ -42,7 +42,7 @@ should be provided on requests. It is an error to provide both. Note that some endpoints support a `cached` parameter which has some of the same semantics as `stale` but different trade offs. This behavior is described in -[agent caching feature documentation](/api/features/caching). +[agent caching feature documentation](/api-docs/features/caching). To support bounding the acceptable staleness of data, responses provide the `X-Consul-LastContact` header containing the time in milliseconds that a server diff --git a/website/content/api-docs/features/filtering.mdx b/website/content/api-docs/features/filtering.mdx index bcf86b9d8..b4a25b242 100644 --- a/website/content/api-docs/features/filtering.mdx +++ b/website/content/api-docs/features/filtering.mdx @@ -122,7 +122,7 @@ example, the following two expressions would be equivalent. Generally, only the main object is filtered. When filtering for an item within an array that is not at the top level, the entire array that contains the item will be returned. This is usually the outermost object of a response, -but in some cases such the [`/catalog/node/:node`](/api/catalog#list-services-for-node) +but in some cases such the [`/catalog/node/:node`](/api-docs/catalog#list-services-for-node) endpoint the filtering is performed on a object embedded within the results. ### Performance diff --git a/website/content/api-docs/health.mdx b/website/content/api-docs/health.mdx index 1ae4c2701..6d8a1c677 100644 --- a/website/content/api-docs/health.mdx +++ b/website/content/api-docs/health.mdx @@ -25,9 +25,9 @@ This endpoint returns the checks specific to the node provided on the path. | `GET` | `/health/node/:node` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -122,9 +122,9 @@ path. | `GET` | `/health/checks/:service` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -214,9 +214,9 @@ incorporating the use of health checks. | `GET` | `/health/service/:service` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -422,7 +422,7 @@ so this endpoint may be used to filter only the Connect-capable endpoints. | `GET` | `/health/connect/:service` | `application/json` | Parameters and response format are the same as -[`/health/service/:service`](/api/health#list-nodes-for-service). +[`/health/service/:service`](/api-docs/health#list-nodes-for-service). ## List Service Instances for Ingress Gateways Associated with a Service @@ -438,10 +438,10 @@ gateway](/docs/connect/gateways/ingress-gateway) for a service in a given datace | `GET` | `/health/ingress/:service` | `application/json` | Parameters and response format are the same as -[`/health/service/:service`](/api/health#list-nodes-for-service). +[`/health/service/:service`](/api-docs/health#list-nodes-for-service). **Note** that unlike `/health/connect/:service` and `/health/service/:service` this -endpoint does not support the [streaming backend](/api/features/blocking#streaming-backend). +endpoint does not support the [streaming backend](/api-docs/features/blocking#streaming-backend). ## List Checks in State @@ -455,9 +455,9 @@ This endpoint returns the checks in the state provided on the path. | `GET` | `/health/state/:state` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/kv.mdx b/website/content/api-docs/kv.mdx index 029c3ae81..ba77717f4 100644 --- a/website/content/api-docs/kv.mdx +++ b/website/content/api-docs/kv.mdx @@ -19,7 +19,7 @@ replication between datacenters, please view the ~> Values in the KV store cannot be larger than 512kb. In order to perform atomic operations on multiple KV pairs (up to a limit of 64) -please consider using [transactions](/api/txn) instead. +please consider using [transactions](/api-docs/txn) instead. ## Read Key @@ -27,7 +27,7 @@ This endpoint returns the specified key. If no key exists at the given path, a 404 is returned instead of a 200 response. For multi-key reads (up to a limit of 64 KV operations) please consider using -[transactions](/api/txn) instead. +[transactions](/api-docs/txn) instead. If the [`recurse`](#recurse) or [`keys`](#keys) query parameters are `true`, this endpoint will return an array of keys. In this case, @@ -40,9 +40,9 @@ Refer to the [HTTP API documentation](/api-docs#results-filtered-by-acls) for mo | `GET` | `/kv/:key` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -172,9 +172,9 @@ Even though the return type is `application/json`, the value is either `true` or `false`, indicating whether the create/update succeeded. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -260,9 +260,9 @@ This endpoint deletes a single key or all keys sharing a prefix. | `DELETE` | `/kv/:key` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/namespaces.mdx b/website/content/api-docs/namespaces.mdx index c14c9a721..67fc5d6b3 100644 --- a/website/content/api-docs/namespaces.mdx +++ b/website/content/api-docs/namespaces.mdx @@ -20,9 +20,9 @@ This endpoint creates a new Namespace. | `PUT` | `/namespace` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -151,9 +151,9 @@ This endpoint reads a Namespace with the given name. | `GET` | `/namespace/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -222,9 +222,9 @@ This endpoint updates a Namespace. | `PUT` | `/namespace/:name` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -361,9 +361,9 @@ This endpoint will return no data. Success or failure is indicated by the status code returned. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -434,9 +434,9 @@ privileges of the ACL token used for the request. | `GET` | `/namespaces` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/area.mdx b/website/content/api-docs/operator/area.mdx index 505057666..6f10fa2dd 100644 --- a/website/content/api-docs/operator/area.mdx +++ b/website/content/api-docs/operator/area.mdx @@ -36,9 +36,9 @@ successfully. | `POST` | `/operator/area` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -104,9 +104,9 @@ This endpoint lists all network areas. | `GET` | `/operator/area` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -149,9 +149,9 @@ This endpoint updates a network area to the given configuration. | `PUT` | `/operator/area/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -195,9 +195,9 @@ This endpoint lists a specific network area. | `GET` | `/operator/area/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -241,9 +241,9 @@ This endpoint deletes a specific network area. | `DELETE` | `/operator/area/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -279,9 +279,9 @@ area. | `PUT` | `/operator/area/:uuid/join` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -354,9 +354,9 @@ network area. | `GET` | `/operator/area/:uuid/members` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/autopilot.mdx b/website/content/api-docs/operator/autopilot.mdx index 89ffb67a3..e1d050871 100644 --- a/website/content/api-docs/operator/autopilot.mdx +++ b/website/content/api-docs/operator/autopilot.mdx @@ -24,9 +24,9 @@ This endpoint retrieves its latest Autopilot configuration. | `GET` | `/operator/autopilot/configuration` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -80,9 +80,9 @@ This endpoint updates the Autopilot configuration of the cluster. | `PUT` | `/operator/autopilot/configuration` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -159,9 +159,9 @@ This endpoint queries the health of the autopilot status. | `GET` | `/operator/autopilot/health` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -264,9 +264,9 @@ This endpoint queries the health of the autopilot status. | `GET` | `/operator/autopilot/state` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/keyring.mdx b/website/content/api-docs/operator/keyring.mdx index 3b3690101..83d1b89bd 100644 --- a/website/content/api-docs/operator/keyring.mdx +++ b/website/content/api-docs/operator/keyring.mdx @@ -26,9 +26,9 @@ read privileges. | `GET` | `/operator/keyring` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -113,9 +113,9 @@ This endpoint installs a new gossip encryption key into the cluster. | `POST` | `/operator/keyring` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -161,9 +161,9 @@ installed before this operation can succeed. | `PUT` | `/operator/keyring` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -209,9 +209,9 @@ may only be performed on keys which are not currently the primary key. | `DELETE` | `/operator/keyring` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/license.mdx b/website/content/api-docs/operator/license.mdx index ff0c0b657..c2c9186fe 100644 --- a/website/content/api-docs/operator/license.mdx +++ b/website/content/api-docs/operator/license.mdx @@ -22,9 +22,9 @@ This endpoint gets information about the current license. | `GET` | `/operator/license` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -89,9 +89,9 @@ license contents as well as any warning messages regarding its validity. | `PUT` | `/operator/license` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -161,9 +161,9 @@ This endpoint resets the Consul license to the license included in the Enterpris | `DELETE` | `/operator/license` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/raft.mdx b/website/content/api-docs/operator/raft.mdx index 5225208a3..8d1259454 100644 --- a/website/content/api-docs/operator/raft.mdx +++ b/website/content/api-docs/operator/raft.mdx @@ -23,9 +23,9 @@ This endpoint reads the current raft configuration. | `GET` | `/operator/raft/configuration` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -43,7 +43,7 @@ The table below shows this endpoint's support for Raft configuration from any of the Consul servers. Not setting this will choose the default consistency mode which will forward the request to the leader for processing but not re-confirm the server is still the leader before returning - results. See [default consistency](/api/features/consistency#default) for more details. + results. See [default consistency](/api-docs/features/consistency#default) for more details. ### Sample Request @@ -121,9 +121,9 @@ write privileges. | `DELETE` | `/operator/raft/peer` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/operator/segment.mdx b/website/content/api-docs/operator/segment.mdx index 713fae4e6..360a6f1b0 100644 --- a/website/content/api-docs/operator/segment.mdx +++ b/website/content/api-docs/operator/segment.mdx @@ -29,9 +29,9 @@ This endpoint lists all network areas. | `GET` | `/operator/segment` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/query.mdx b/website/content/api-docs/query.mdx index 2adaa152e..c91cdacdd 100644 --- a/website/content/api-docs/query.mdx +++ b/website/content/api-docs/query.mdx @@ -141,9 +141,9 @@ successfully. | `POST` | `/query` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -306,9 +306,9 @@ This endpoint returns a list of all prepared queries. | `GET` | `/query` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -369,9 +369,9 @@ given ID, an error is returned. | `PUT` | `/query/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -409,9 +409,9 @@ given ID, an error is returned. | `GET` | `/query/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -449,9 +449,9 @@ given ID, an error is returned. | `DELETE` | `/query/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -489,9 +489,9 @@ Refer to the [HTTP API documentation](/api-docs#results-filtered-by-acls) for mo | `GET` | `/query/:uuid/execute` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -618,9 +618,9 @@ interpolation. | `GET` | `/query/:uuid/explain` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/session.mdx b/website/content/api-docs/session.mdx index efaccbcc3..15415c0c4 100644 --- a/website/content/api-docs/session.mdx +++ b/website/content/api-docs/session.mdx @@ -18,9 +18,9 @@ node and may be associated with any number of checks. | `PUT` | `/session/create` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -127,9 +127,9 @@ either a literal `true` or `false`, indicating of whether the destroy was successful. The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -173,9 +173,9 @@ This endpoint returns the requested session information. | `GET` | `/session/info/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -237,9 +237,9 @@ This endpoint returns the active sessions for a given node. | `GET` | `/session/node/:node` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -301,9 +301,9 @@ This endpoint returns the list of active sessions. | `GET` | `/session/list` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -360,9 +360,9 @@ TTL, and it extends the expiration by the TTL. | `PUT` | `/session/renew/:uuid` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/snapshot.mdx b/website/content/api-docs/snapshot.mdx index 885cdd0a3..2e3419279 100644 --- a/website/content/api-docs/snapshot.mdx +++ b/website/content/api-docs/snapshot.mdx @@ -30,9 +30,9 @@ restore. | `GET` | `/snapshot` | `200 application/x-gzip` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -87,9 +87,9 @@ call to the `GET` method. | `PUT` | `/snapshot` | `200 text/plain (empty body)` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/status.mdx b/website/content/api-docs/status.mdx index c7cb3e557..8948a5a7f 100644 --- a/website/content/api-docs/status.mdx +++ b/website/content/api-docs/status.mdx @@ -23,9 +23,9 @@ running. | `GET` | `/status/leader` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -61,9 +61,9 @@ determining when a given server has successfully joined the cluster. | `GET` | `/status/peers` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | diff --git a/website/content/api-docs/txn.mdx b/website/content/api-docs/txn.mdx index bf5a3fdfa..2fa10bcb0 100644 --- a/website/content/api-docs/txn.mdx +++ b/website/content/api-docs/txn.mdx @@ -36,9 +36,9 @@ the leader via the Raft consensus protocol. | `PUT` | `/txn` | `application/json` | The table below shows this endpoint's support for -[blocking queries](/api/features/blocking), -[consistency modes](/api/features/consistency), -[agent caching](/api/features/caching), and +[blocking queries](/api-docs/features/blocking), +[consistency modes](/api-docs/features/consistency), +[agent caching](/api-docs/features/caching), and [required ACLs](/api#authentication). | Blocking Queries | Consistency Modes | Agent Caching | ACL Required | @@ -86,7 +86,7 @@ The table below shows this endpoint's support for - `Verb` `(string: )` - Specifies the type of operation to perform. - `Node` `(Node: )` - Specifies the node information to use - for the operation. See the [catalog endpoint](/api/catalog#parameters) for the fields in this object. Note the only the node can be specified here, not any services or checks - separate service or check operations must be used for those. + for the operation. See the [catalog endpoint](/api-docs/catalog#parameters) for the fields in this object. Note the only the node can be specified here, not any services or checks - separate service or check operations must be used for those. - `Service` operations have the following fields: @@ -96,14 +96,14 @@ The table below shows this endpoint's support for this service operation. - `Service` `(Service: )` - Specifies the service instance information to use - for the operation. See the [catalog endpoint](/api/catalog#parameters) for the fields in this object. + for the operation. See the [catalog endpoint](/api-docs/catalog#parameters) for the fields in this object. - `Check` operations have the following fields: - `Verb` `(string: )` - Specifies the type of operation to perform. - `Check` `(Service: )` - Specifies the check to use - for the operation. See the [catalog endpoint](/api/catalog#parameters) for the fields in this object. + for the operation. See the [catalog endpoint](/api-docs/catalog#parameters) for the fields in this object. Please see the table below for available verbs. diff --git a/website/content/commands/acl/auth-method/create.mdx b/website/content/commands/acl/auth-method/create.mdx index a47477493..dfdce5d13 100644 --- a/website/content/commands/acl/auth-method/create.mdx +++ b/website/content/commands/acl/auth-method/create.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/auth-method](/api-docs/acl/aut The `acl auth-method create` command creates new auth methods. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/auth-method/delete.mdx b/website/content/commands/acl/auth-method/delete.mdx index 3ba8324a4..a0865825b 100644 --- a/website/content/commands/acl/auth-method/delete.mdx +++ b/website/content/commands/acl/auth-method/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/auth-method/:name](/api-doc The `acl auth-method delete` command deletes an auth method. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/auth-method/index.mdx b/website/content/commands/acl/auth-method/index.mdx index 1ae28de78..db92f6f35 100644 --- a/website/content/commands/acl/auth-method/index.mdx +++ b/website/content/commands/acl/auth-method/index.mdx @@ -11,7 +11,7 @@ The `acl auth-method` command is used to manage Consul's ACL auth methods. It exposes commands for creating, updating, reading, deleting, and listing auth methods. This command is available in Consul 1.5.0 and newer. -ACL auth methods may also be managed via the [HTTP API](/api/acl/auth-methods). +ACL auth methods may also be managed via the [HTTP API](/api-docs/acl/auth-methods). -> **Note:** All of the example subcommands in this document will require a valid Consul token with the appropriate permissions. Either set the diff --git a/website/content/commands/acl/auth-method/list.mdx b/website/content/commands/acl/auth-method/list.mdx index 643e1c02c..93387e588 100644 --- a/website/content/commands/acl/auth-method/list.mdx +++ b/website/content/commands/acl/auth-method/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/auth-methods](/api-docs/acl/au The `acl auth-method list` command lists all auth methods. By default it will not show metadata. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/auth-method/read.mdx b/website/content/commands/acl/auth-method/read.mdx index fbe7d055c..f9ec06619 100644 --- a/website/content/commands/acl/auth-method/read.mdx +++ b/website/content/commands/acl/auth-method/read.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/auth-method/:name](/api-docs/a The `acl auth-method read` command reads and displays an auth method's details. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/auth-method/update.mdx b/website/content/commands/acl/auth-method/update.mdx index c960a09d0..a7fae8dc3 100644 --- a/website/content/commands/acl/auth-method/update.mdx +++ b/website/content/commands/acl/auth-method/update.mdx @@ -15,7 +15,7 @@ provided to the command invocation. Therefore to update just one field, only the `-name` options and the option to modify must be provided. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/binding-rule/create.mdx b/website/content/commands/acl/binding-rule/create.mdx index df65da77a..9df0d2691 100644 --- a/website/content/commands/acl/binding-rule/create.mdx +++ b/website/content/commands/acl/binding-rule/create.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/binding-rule](/api-docs/acl/bi The `acl binding-rule create` command creates new binding rules. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/binding-rule/delete.mdx b/website/content/commands/acl/binding-rule/delete.mdx index e59d533fd..0ef61278b 100644 --- a/website/content/commands/acl/binding-rule/delete.mdx +++ b/website/content/commands/acl/binding-rule/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/binding-rule/:id](/api-docs The `acl binding-rule delete` command deletes a binding rule. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/binding-rule/index.mdx b/website/content/commands/acl/binding-rule/index.mdx index 440bd92e0..911ada43d 100644 --- a/website/content/commands/acl/binding-rule/index.mdx +++ b/website/content/commands/acl/binding-rule/index.mdx @@ -11,7 +11,7 @@ The `acl binding-rule` command is used to manage Consul's ACL binding rules. It exposes commands for creating, updating, reading, deleting, and listing binding rules. This command is available in Consul 1.5.0 and newer. -ACL binding rules may also be managed via the [HTTP API](/api/acl/binding-rules). +ACL binding rules may also be managed via the [HTTP API](/api-docs/acl/binding-rules). -> **Note:** All of the example subcommands in this document will require a valid Consul token with the appropriate permissions. Either set the diff --git a/website/content/commands/acl/binding-rule/list.mdx b/website/content/commands/acl/binding-rule/list.mdx index 1753f3f9b..322d647d2 100644 --- a/website/content/commands/acl/binding-rule/list.mdx +++ b/website/content/commands/acl/binding-rule/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/binding-rules](/api-docs/acl/b The `acl binding-rule list` command lists all binding rules. By default it will not show metadata. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/binding-rule/read.mdx b/website/content/commands/acl/binding-rule/read.mdx index 15b66acb6..1ac0e2c85 100644 --- a/website/content/commands/acl/binding-rule/read.mdx +++ b/website/content/commands/acl/binding-rule/read.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/binding-rule/:id](/api-docs/ac The `acl binding-rule read` command reads and displays a binding rules details. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/binding-rule/update.mdx b/website/content/commands/acl/binding-rule/update.mdx index 2fb1496ab..320979663 100644 --- a/website/content/commands/acl/binding-rule/update.mdx +++ b/website/content/commands/acl/binding-rule/update.mdx @@ -15,7 +15,7 @@ provided to the command invocation. Therefore to update just one field, only the `-id` option and the option to modify must be provided. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/bootstrap.mdx b/website/content/commands/acl/bootstrap.mdx index 28592f0e7..534674267 100644 --- a/website/content/commands/acl/bootstrap.mdx +++ b/website/content/commands/acl/bootstrap.mdx @@ -15,7 +15,7 @@ will be disabled. If all tokens are lost and you need to bootstrap again you can [reset procedure](https://learn.hashicorp.com/consul/security-networking/acl-troubleshooting?utm_source=consul.io&utm_medium=docs#reset-the-acl-system). The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/policy/create.mdx b/website/content/commands/acl/policy/create.mdx index 8cdcd20b7..2cf29f87b 100644 --- a/website/content/commands/acl/policy/create.mdx +++ b/website/content/commands/acl/policy/create.mdx @@ -20,7 +20,7 @@ To load the value from a file prefix the value with an `@`. Any other values will be used directly. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/policy/delete.mdx b/website/content/commands/acl/policy/delete.mdx index c903545c7..9449a5edc 100644 --- a/website/content/commands/acl/policy/delete.mdx +++ b/website/content/commands/acl/policy/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/policy/:id](/api-docs/acl/p The `acl policy delete` command deletes a policy. Policies may be deleted by their ID or by name. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/policy/index.mdx b/website/content/commands/acl/policy/index.mdx index 79f4a136a..dcfdbdf31 100644 --- a/website/content/commands/acl/policy/index.mdx +++ b/website/content/commands/acl/policy/index.mdx @@ -11,7 +11,7 @@ The `acl policy` command is used to manage Consul's ACL policies. It exposes commands for creating, updating, reading, deleting, and listing policies. This command is available in Consul 1.4.0 and newer. -ACL policies may also be managed via the [HTTP API](/api/acl/policies). +ACL policies may also be managed via the [HTTP API](/api-docs/acl/policies). -> **Note:** All of the example subcommands in this document will require a valid Consul token with the appropriate permissions. Either set the diff --git a/website/content/commands/acl/policy/list.mdx b/website/content/commands/acl/policy/list.mdx index dd2a6606b..acb0bebae 100644 --- a/website/content/commands/acl/policy/list.mdx +++ b/website/content/commands/acl/policy/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/policies](/api-docs/acl/polici The `acl policy list` command lists all policies. By default it will not show metadata. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/policy/read.mdx b/website/content/commands/acl/policy/read.mdx index 0f45b18cb..119a71c1d 100644 --- a/website/content/commands/acl/policy/read.mdx +++ b/website/content/commands/acl/policy/read.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoints: [\[GET\] /v1/acl/policy/:id](/api-docs/acl/pol The `acl policy read` command reads and displays a policies details. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/policy/update.mdx b/website/content/commands/acl/policy/update.mdx index 4beeec210..c3b23278e 100644 --- a/website/content/commands/acl/policy/update.mdx +++ b/website/content/commands/acl/policy/update.mdx @@ -16,7 +16,7 @@ policies requires both the `-id` and `-name` as the new name cannot yet be used policy. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/role/create.mdx b/website/content/commands/acl/role/create.mdx index 37b3a9a00..fea5919b8 100644 --- a/website/content/commands/acl/role/create.mdx +++ b/website/content/commands/acl/role/create.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/role](/api-docs/acl/roles#crea The `acl role create` command creates new roles. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/role/delete.mdx b/website/content/commands/acl/role/delete.mdx index 3f37cf51e..d0b9823d2 100644 --- a/website/content/commands/acl/role/delete.mdx +++ b/website/content/commands/acl/role/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/role/:id](/api-docs/acl/rol The `acl role delete` command deletes a role. Roles may be deleted by their ID or by name. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/role/index.mdx b/website/content/commands/acl/role/index.mdx index 422c514af..b14cd6f63 100644 --- a/website/content/commands/acl/role/index.mdx +++ b/website/content/commands/acl/role/index.mdx @@ -11,7 +11,7 @@ The `acl role` command is used to manage Consul's ACL roles. It exposes commands for creating, updating, reading, deleting, and listing roles. This command is available in Consul 1.5.0 and newer. -ACL roles may also be managed via the [HTTP API](/api/acl/roles). +ACL roles may also be managed via the [HTTP API](/api-docs/acl/roles). -> **Note:** All of the example subcommands in this document will require a valid Consul token with the appropriate permissions. Either set the diff --git a/website/content/commands/acl/role/list.mdx b/website/content/commands/acl/role/list.mdx index 9ba9115ce..dd973c630 100644 --- a/website/content/commands/acl/role/list.mdx +++ b/website/content/commands/acl/role/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/roles](/api-docs/acl/roles#lis The `acl role list` command lists all roles. By default it will not show metadata. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/role/read.mdx b/website/content/commands/acl/role/read.mdx index b28aa6bfd..ef45e636c 100644 --- a/website/content/commands/acl/role/read.mdx +++ b/website/content/commands/acl/role/read.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoints: [\[GET\] /v1/acl/role/:id](/api-docs/acl/roles The `acl role read` command reads and displays a roles details. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/role/update.mdx b/website/content/commands/acl/role/update.mdx index 17469059c..52133e117 100644 --- a/website/content/commands/acl/role/update.mdx +++ b/website/content/commands/acl/role/update.mdx @@ -16,7 +16,7 @@ modify must be provided. Note that renaming roles requires both the `-id` and `-name` as the new name cannot yet be used to lookup the role. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/set-agent-token.mdx b/website/content/commands/acl/set-agent-token.mdx index af142a694..201e8b6ed 100644 --- a/website/content/commands/acl/set-agent-token.mdx +++ b/website/content/commands/acl/set-agent-token.mdx @@ -17,7 +17,7 @@ is `true`, so tokens will need to be updated again if that option is `false` and the agent is restarted. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/clone.mdx b/website/content/commands/acl/token/clone.mdx index 2b7b3ca9b..7dafeb34e 100644 --- a/website/content/commands/acl/token/clone.mdx +++ b/website/content/commands/acl/token/clone.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/token/:AccessorID/clone](/api- The `acl token clone` command clones an existing token. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/create.mdx b/website/content/commands/acl/token/create.mdx index b9e2e0ae1..8690e5b76 100644 --- a/website/content/commands/acl/token/create.mdx +++ b/website/content/commands/acl/token/create.mdx @@ -14,7 +14,7 @@ either the `-policy-id` or the `-policy-name` options. When specifying policies may use a unique prefix of the UUID as a shortcut for specifying the entire UUID. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/delete.mdx b/website/content/commands/acl/token/delete.mdx index 20545e319..eee3e5db6 100644 --- a/website/content/commands/acl/token/delete.mdx +++ b/website/content/commands/acl/token/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/token/:AccessorID](/api-doc The `acl token delete` command deletes a token. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/index.mdx b/website/content/commands/acl/token/index.mdx index 2198eb572..9c3e497d7 100644 --- a/website/content/commands/acl/token/index.mdx +++ b/website/content/commands/acl/token/index.mdx @@ -11,7 +11,7 @@ The `acl token` command is used to manage Consul's ACL tokens. It exposes commands for creating, updating, reading, deleting, and listing tokens. This command is available in Consul 1.4.0 and newer. -ACL tokens may also be managed via the [HTTP API](/api/acl/tokens). +ACL tokens may also be managed via the [HTTP API](/api-docs/acl/tokens). -> **Note:** All of the example subcommands in this document will require a valid Consul token with the appropriate permissions. Either set the diff --git a/website/content/commands/acl/token/list.mdx b/website/content/commands/acl/token/list.mdx index 0439dc7ed..f3a64c1ca 100644 --- a/website/content/commands/acl/token/list.mdx +++ b/website/content/commands/acl/token/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/tokens](/api-docs/acl/tokens#l The `acl token list` command lists all tokens. By default it will not show metadata. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/read.mdx b/website/content/commands/acl/token/read.mdx index 6d3aefadb..e249e1b38 100644 --- a/website/content/commands/acl/token/read.mdx +++ b/website/content/commands/acl/token/read.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/token/:AccessorID](/api-docs/a The `acl token read` command reads and displays a token details. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/token/update.mdx b/website/content/commands/acl/token/update.mdx index ca9c04e1f..b7c2b5bbc 100644 --- a/website/content/commands/acl/token/update.mdx +++ b/website/content/commands/acl/token/update.mdx @@ -13,7 +13,7 @@ The `acl token update` command will update a token. Some parts of the token like token is local to the datacenter cannot be changed. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/acl/translate-rules.mdx b/website/content/commands/acl/translate-rules.mdx index 6501b56e0..1255de367 100644 --- a/website/content/commands/acl/translate-rules.mdx +++ b/website/content/commands/acl/translate-rules.mdx @@ -15,7 +15,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/rules/translate/:accessor_id]( This command translates the legacy ACL rule syntax into the new syntax. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/catalog/datacenters.mdx b/website/content/commands/catalog/datacenters.mdx index 8d329b786..1f823d1d1 100644 --- a/website/content/commands/catalog/datacenters.mdx +++ b/website/content/commands/catalog/datacenters.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/catalog/datacenters](/api-docs/cat The `catalog datacenters` command prints all known datacenters. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/catalog/index.mdx b/website/content/commands/catalog/index.mdx index c95bae537..63b213a6c 100644 --- a/website/content/commands/catalog/index.mdx +++ b/website/content/commands/catalog/index.mdx @@ -11,7 +11,7 @@ The `catalog` command is used to interact with Consul's catalog via the command line. It exposes top-level commands for reading and filtering data from the registry. -The catalog is also accessible via the [HTTP API](/api/catalog). +The catalog is also accessible via the [HTTP API](/api-docs/catalog). ## Basic Examples diff --git a/website/content/commands/catalog/nodes.mdx b/website/content/commands/catalog/nodes.mdx index 386948d29..7537ce1ef 100644 --- a/website/content/commands/catalog/nodes.mdx +++ b/website/content/commands/catalog/nodes.mdx @@ -14,7 +14,7 @@ It can also query for nodes that match a particular metadata or provide a particular service. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -84,7 +84,7 @@ Usage: `consul catalog nodes [options]` - `-filter=` - Expression to use for filtering the results. Can be passed via stdin by using `-` for the value or from a file by passing `@`. - See the [`/catalog/nodes` API documentation](/api/catalog#filtering) for a + See the [`/catalog/nodes` API documentation](/api-docs/catalog#filtering) for a description of what is filterable. #### Enterprise Options diff --git a/website/content/commands/catalog/services.mdx b/website/content/commands/catalog/services.mdx index 8c414653c..d4653f04f 100644 --- a/website/content/commands/catalog/services.mdx +++ b/website/content/commands/catalog/services.mdx @@ -14,7 +14,7 @@ for services that match particular metadata or list the services that a particular node provides. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/config/delete.mdx b/website/content/commands/config/delete.mdx index a869d17aa..bee966700 100644 --- a/website/content/commands/config/delete.mdx +++ b/website/content/commands/config/delete.mdx @@ -14,7 +14,7 @@ kind and name. See the [configuration entries docs](/docs/agent/config-entries) for more details about configuration entries. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required1 | diff --git a/website/content/commands/config/list.mdx b/website/content/commands/config/list.mdx index a2e5a7c49..8ceec02b6 100644 --- a/website/content/commands/config/list.mdx +++ b/website/content/commands/config/list.mdx @@ -14,7 +14,7 @@ See the [configuration entries docs](/docs/agent/config-entries) for more details about configuration entries. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required1 | diff --git a/website/content/commands/config/read.mdx b/website/content/commands/config/read.mdx index 3df4009b3..b57f74de9 100644 --- a/website/content/commands/config/read.mdx +++ b/website/content/commands/config/read.mdx @@ -15,7 +15,7 @@ kind and name and outputs its JSON representation. See the details about configuration entries. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required1 | diff --git a/website/content/commands/config/write.mdx b/website/content/commands/config/write.mdx index 214b92a24..01c0b7d06 100644 --- a/website/content/commands/config/write.mdx +++ b/website/content/commands/config/write.mdx @@ -14,7 +14,7 @@ See the [configuration entries docs](/docs/agent/config-entries) for more details about configuration entries. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required1 | diff --git a/website/content/commands/connect/ca.mdx b/website/content/commands/connect/ca.mdx index 3b037ea4a..e00be9f94 100644 --- a/website/content/commands/connect/ca.mdx +++ b/website/content/commands/connect/ca.mdx @@ -43,7 +43,7 @@ Subcommands: This command displays the current CA configuration. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -78,7 +78,7 @@ being used, the [Root Rotation](/docs/connect/ca#root-certificate-rotation) proc will be triggered. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -99,7 +99,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/connect/ca/configuration](/api-doc - `-config-file` - (required) Specifies a JSON-formatted file to use for the new configuration. The format of this config file matches the request payload documented in the - [Update CA Configuration API](/api/connect/ca#update-ca-configuration). + [Update CA Configuration API](/api-docs/connect/ca#update-ca-configuration). - `-force-without-cross-signing` `(bool: )` - Indicates that the CA change should be forced to complete even if the current CA doesn't support cross diff --git a/website/content/commands/event.mdx b/website/content/commands/event.mdx index 96edc4d34..ec85dba6c 100644 --- a/website/content/commands/event.mdx +++ b/website/content/commands/event.mdx @@ -38,7 +38,7 @@ parameters of the event, but the payload should be kept very small (< 100 bytes). Specifying too large of an event will return an error. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/force-leave.mdx b/website/content/commands/force-leave.mdx index f923b746f..399bf412b 100644 --- a/website/content/commands/force-leave.mdx +++ b/website/content/commands/force-leave.mdx @@ -33,7 +33,7 @@ if the agent returns after transitioning to the "left" state, but before it is r from the member list, then it will rejoin the cluster. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/check.mdx b/website/content/commands/intention/check.mdx index a8641b653..02b6abb73 100644 --- a/website/content/commands/intention/check.mdx +++ b/website/content/commands/intention/check.mdx @@ -24,7 +24,7 @@ defined as _deny_ intentions during evaluation, as this endpoint is only suited for networking layer 4 (e.g. TCP) integration. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/create.mdx b/website/content/commands/intention/create.mdx index 37b70b92b..4b3cd5d43 100644 --- a/website/content/commands/intention/create.mdx +++ b/website/content/commands/intention/create.mdx @@ -18,7 +18,7 @@ Corresponding HTTP API Endpoint: [\[POST\] /v1/connect/intentions](/api-docs/con The `intention create` command creates or updates an L4 intention. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/delete.mdx b/website/content/commands/intention/delete.mdx index d2b58545e..474065332 100644 --- a/website/content/commands/intention/delete.mdx +++ b/website/content/commands/intention/delete.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoints: [\[DELETE\] /v1/connect/intentions/exact](/api The `intention delete` command deletes a matching intention. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/get.mdx b/website/content/commands/intention/get.mdx index b1252a1b4..f61ab5e93 100644 --- a/website/content/commands/intention/get.mdx +++ b/website/content/commands/intention/get.mdx @@ -17,7 +17,7 @@ Consul 1.9.0. Intentions no longer need IDs when represented as entries. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/index.mdx b/website/content/commands/intention/index.mdx index 8ba1dd996..b907d144b 100644 --- a/website/content/commands/intention/index.mdx +++ b/website/content/commands/intention/index.mdx @@ -15,7 +15,7 @@ This command is available in Consul 1.2 and later. Intentions are managed primarily via [`service-intentions`](/docs/connect/config-entries/service-intentions) config entries after Consul 1.9. Intentions may also be managed via the [HTTP -API](/api/connect/intentions). +API](/api-docs/connect/intentions). ~> **Deprecated** - This command is deprecated in Consul 1.9.0 in favor of using the [config entry CLI command](/commands/config/write). To create an diff --git a/website/content/commands/intention/list.mdx b/website/content/commands/intention/list.mdx index 03dd93248..004914a73 100644 --- a/website/content/commands/intention/list.mdx +++ b/website/content/commands/intention/list.mdx @@ -12,7 +12,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/connect/intentions](/api-docs/conn The `intention list` command shows all intentions including ID and precedence. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/intention/match.mdx b/website/content/commands/intention/match.mdx index 49694551a..b7d456c4f 100644 --- a/website/content/commands/intention/match.mdx +++ b/website/content/commands/intention/match.mdx @@ -17,7 +17,7 @@ The [check](/commands/intention/check) command can be used to check whether an L4 connection would be authorized between any two services. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/join.mdx b/website/content/commands/join.mdx index 2186e67e8..85125d75f 100644 --- a/website/content/commands/join.mdx +++ b/website/content/commands/join.mdx @@ -23,7 +23,7 @@ An agent which is already part of a cluster may join an agent in a different cluster, causing the two clusters to be merged into a single cluster. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/keyring.mdx b/website/content/commands/keyring.mdx index 0dbcb98b4..50494a66d 100644 --- a/website/content/commands/keyring.mdx +++ b/website/content/commands/keyring.mdx @@ -30,7 +30,7 @@ are no errors. If any node fails to reply or reports failure, the exit code will be 1. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required1 | diff --git a/website/content/commands/kv/delete.mdx b/website/content/commands/kv/delete.mdx index 6789fa810..8fe1f5bb1 100644 --- a/website/content/commands/kv/delete.mdx +++ b/website/content/commands/kv/delete.mdx @@ -13,7 +13,7 @@ The `kv delete` command removes the value from Consul's KV store at the given path. If no key exists at the path, no action is taken. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/kv/export.mdx b/website/content/commands/kv/export.mdx index 97f675966..b117de87c 100644 --- a/website/content/commands/kv/export.mdx +++ b/website/content/commands/kv/export.mdx @@ -13,7 +13,7 @@ stdout. This can be used with the command "consul kv import" to move entire trees between Consul clusters. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/kv/get.mdx b/website/content/commands/kv/get.mdx index 044e557bb..44e2c8bc8 100644 --- a/website/content/commands/kv/get.mdx +++ b/website/content/commands/kv/get.mdx @@ -21,7 +21,7 @@ Consul clusters. Alternatively, the [transaction API](/api-docs/txn) provides support for performing up to 64 KV operations atomically. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/kv/import.mdx b/website/content/commands/kv/import.mdx index ab9acf229..f8ef0b670 100644 --- a/website/content/commands/kv/import.mdx +++ b/website/content/commands/kv/import.mdx @@ -11,7 +11,7 @@ The `kv import` command is used to import KV pairs from the JSON representation generated by the `kv export` command. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/kv/index.mdx b/website/content/commands/kv/index.mdx index b3c525ff8..49bfcc6b4 100644 --- a/website/content/commands/kv/index.mdx +++ b/website/content/commands/kv/index.mdx @@ -13,7 +13,7 @@ and deleting from the store. This command is available in Consul 0.7.1 and later. The KV store is also accessible via the -[HTTP API](/api/kv). +[HTTP API](/api-docs/kv). ## Usage diff --git a/website/content/commands/kv/put.mdx b/website/content/commands/kv/put.mdx index 8769d726f..f8c9dd137 100644 --- a/website/content/commands/kv/put.mdx +++ b/website/content/commands/kv/put.mdx @@ -17,7 +17,7 @@ The `kv put` command writes the data to the given path in the KV store. 64 KV operations atomically. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/leave.mdx b/website/content/commands/leave.mdx index 527a617bf..a987338b8 100644 --- a/website/content/commands/leave.mdx +++ b/website/content/commands/leave.mdx @@ -26,7 +26,7 @@ Running `consul leave` on a server explicitly will reduce the quorum size. Even This means you could end up with just one server that is still able to commit writes because quorum is only 1, but those writes might be lost if that server fails before more are added. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/license.mdx b/website/content/commands/license.mdx index e8073e844..7b19228d4 100644 --- a/website/content/commands/license.mdx +++ b/website/content/commands/license.mdx @@ -129,7 +129,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/license](/api-docs/operat This command sets the Consul Enterprise license. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -169,7 +169,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/license](/api-docs/operat This command gets the Consul Enterprise license. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -214,7 +214,7 @@ Resets license for the datacenter to the one builtin in Consul binary, if it is If the builtin license is invalid, the current one stays active. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/login.mdx b/website/content/commands/login.mdx index ff04c51a4..715ba71c5 100644 --- a/website/content/commands/login.mdx +++ b/website/content/commands/login.mdx @@ -18,7 +18,7 @@ command `consul logout` should be used to destroy any tokens created this way to avoid a resource leak. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/logout.mdx b/website/content/commands/logout.mdx index 4c0af4a97..67c39910a 100644 --- a/website/content/commands/logout.mdx +++ b/website/content/commands/logout.mdx @@ -16,7 +16,7 @@ The `logout` command will destroy the provided token if it was created from `consul login`. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/maint.mdx b/website/content/commands/maint.mdx index 221e7e67d..2bd327b34 100644 --- a/website/content/commands/maint.mdx +++ b/website/content/commands/maint.mdx @@ -22,7 +22,7 @@ critical status against a service, and deactivated by deregistering the health check. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/members.mdx b/website/content/commands/members.mdx index 98a1ac58b..fe0c3120c 100644 --- a/website/content/commands/members.mdx +++ b/website/content/commands/members.mdx @@ -22,7 +22,7 @@ reconnect with failed nodes for a certain amount of time in the case that the failure is actually just a network partition. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/create.mdx b/website/content/commands/namespace/create.mdx index ccadc6204..6fd8e083c 100644 --- a/website/content/commands/namespace/create.mdx +++ b/website/content/commands/namespace/create.mdx @@ -15,7 +15,7 @@ This `namespace create` command creates a namespaces using the CLI parameters pr This was added in Consul Enterprise 1.7.2. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/delete.mdx b/website/content/commands/namespace/delete.mdx index 95fd4b9e9..5854b585f 100644 --- a/website/content/commands/namespace/delete.mdx +++ b/website/content/commands/namespace/delete.mdx @@ -15,7 +15,7 @@ This `namespace delete` command deletes a namespace. This was added in Consul En ACLs are enabled then this command will require a token with `operator:write` privileges. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/list.mdx b/website/content/commands/namespace/list.mdx index 1ce45328c..ede6da945 100644 --- a/website/content/commands/namespace/list.mdx +++ b/website/content/commands/namespace/list.mdx @@ -17,7 +17,7 @@ within the target namespaces. The results will be filtered based on the ACL toke see a partial list. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/read.mdx b/website/content/commands/namespace/read.mdx index b008977b7..d194a7ff6 100644 --- a/website/content/commands/namespace/read.mdx +++ b/website/content/commands/namespace/read.mdx @@ -16,7 +16,7 @@ ACLs are enabled then this command will require a token with `operator:read` pri within the target namespace. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/update.mdx b/website/content/commands/namespace/update.mdx index bcbb571b4..e74dbc66e 100644 --- a/website/content/commands/namespace/update.mdx +++ b/website/content/commands/namespace/update.mdx @@ -15,7 +15,7 @@ This `namespace update` command updates a namespaces using the CLI parameters pr This was added in Consul Enterprise 1.7.2. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/namespace/write.mdx b/website/content/commands/namespace/write.mdx index 1fe3e5d69..ddcc04348 100644 --- a/website/content/commands/namespace/write.mdx +++ b/website/content/commands/namespace/write.mdx @@ -14,7 +14,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/namespace/:name](/api-docs/namespa This `namespace write` command creates or updates a namespace's configuration from its full definition. This was added in Consul Enterprise 1.7.0. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/operator/area.mdx b/website/content/commands/operator/area.mdx index 17f2881f5..ae61c6b31 100644 --- a/website/content/commands/operator/area.mdx +++ b/website/content/commands/operator/area.mdx @@ -52,7 +52,7 @@ Corresponding HTTP API Endpoint: [\[POST\] /v1/operator/area](/api-docs/operator This command creates a new network area. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -94,7 +94,7 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/operator/area/:uuid](/api-docs/ This command deletes an existing network area. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -133,7 +133,7 @@ This command joins Consul servers into an existing network area by address, such an IP or hostname with an optional port. Multiple addresses may be given. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -177,7 +177,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/area](/api-docs/operator/ This command lists all network areas. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -216,7 +216,7 @@ This command displays Consul server nodes present in a network area, or all areas if no area is specified. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -280,7 +280,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/area/:uuid](/api-docs/ope This command updates the configuration of network area. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/operator/autopilot.mdx b/website/content/commands/operator/autopilot.mdx index ccd395b35..e78ade6a7 100644 --- a/website/content/commands/operator/autopilot.mdx +++ b/website/content/commands/operator/autopilot.mdx @@ -33,7 +33,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/autopilot/configuration]( This command displays the current autopilot configuration. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -68,7 +68,7 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/autopilot/configuration]( Modifies the current Autopilot configuration. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -126,7 +126,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/autopilot/state](/api-doc This command displays the current autopilot state. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/operator/index.mdx b/website/content/commands/operator/index.mdx index 0e0b46019..067632298 100644 --- a/website/content/commands/operator/index.mdx +++ b/website/content/commands/operator/index.mdx @@ -22,7 +22,7 @@ if required, so this can be run from any Consul node in a cluster. See the See the [Outage Recovery](https://learn.hashicorp.com/consul/day-2-operations/outage) guide for some examples of how this command is used. For an API to perform these operations programmatically, -please see the documentation for the [Operator](/api/operator) +please see the documentation for the [Operator](/api-docs/operator) endpoint. ## Usage diff --git a/website/content/commands/operator/raft.mdx b/website/content/commands/operator/raft.mdx index 2f10cac74..6c0e1f22d 100644 --- a/website/content/commands/operator/raft.mdx +++ b/website/content/commands/operator/raft.mdx @@ -34,7 +34,7 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/status/peers](/api-docs/status#lis This command displays the current Raft peer configuration. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -86,7 +86,7 @@ clean up by simply running instead of this command. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/reload.mdx b/website/content/commands/reload.mdx index def20e377..40d234a15 100644 --- a/website/content/commands/reload.mdx +++ b/website/content/commands/reload.mdx @@ -26,7 +26,7 @@ Not all configuration options are reloadable. See the section on the agent options page for details on which options are supported. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/rtt.mdx b/website/content/commands/rtt.mdx index 4f7fd6e3a..3f8a1f819 100644 --- a/website/content/commands/rtt.mdx +++ b/website/content/commands/rtt.mdx @@ -18,7 +18,7 @@ See the [Network Coordinates](/docs/architecture/coordinates) internals guide for more information on how these coordinates are computed. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/services/deregister.mdx b/website/content/commands/services/deregister.mdx index 7b3afb066..e61456b69 100644 --- a/website/content/commands/services/deregister.mdx +++ b/website/content/commands/services/deregister.mdx @@ -21,7 +21,7 @@ deregister. See [Service Definition](/docs/discovery/services) for more information about registering services generally. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | diff --git a/website/content/commands/services/register.mdx b/website/content/commands/services/register.mdx index 22a960325..7c0b04446 100644 --- a/website/content/commands/services/register.mdx +++ b/website/content/commands/services/register.mdx @@ -20,10 +20,10 @@ in the Consul agent configuration directory and issuing a [reload](/commands/reload). This approach is easiest for configuration management systems that other systems that have access to the configuration directory. Clients may also use the -[HTTP API](/api/agent/service) directly. +[HTTP API](/api-docs/agent/service) directly. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -44,7 +44,7 @@ This command returns after registration succeeds. It must be paired with a deregistration command or API call to remove the service. To ensure that services are properly deregistered, it is **highly recommended** that a check is created with the -[`DeregisterCriticalServiceAfter`](/api/agent/check#deregistercriticalserviceafter) +[`DeregisterCriticalServiceAfter`](/api-docs/agent/check#deregistercriticalserviceafter) configuration set. This will ensure that even if deregistration failed for any reason, the agent will automatically deregister the service instance after it is unhealthy for the specified period of time. diff --git a/website/content/commands/snapshot/agent.mdx b/website/content/commands/snapshot/agent.mdx index 2be5a849b..f70525389 100644 --- a/website/content/commands/snapshot/agent.mdx +++ b/website/content/commands/snapshot/agent.mdx @@ -49,7 +49,7 @@ remote storage. Snapshots can be restored using the [`consul snapshot restore`](/commands/snapshot/restore) command, or -the [HTTP API](/api/snapshot). +the [HTTP API](/api-docs/snapshot). ## ACL permissions @@ -372,7 +372,7 @@ leader election or service registration: $ consul snapshot agent -interval=0 ``` -Please see the [HTTP API](/api/snapshot) documentation for +Please see the [HTTP API](/api-docs/snapshot) documentation for more details about snapshot internals. ## Licensing @@ -391,4 +391,4 @@ then the order of precedence is as follows: The ability to load licenses from the configuration or environment was added in v1.10.0, v1.9.7 and v1.8.13. See the [licensing documentation](/docs/enterprise/license/overview) for -more information about Consul Enterprise license management. \ No newline at end of file +more information about Consul Enterprise license management. diff --git a/website/content/commands/snapshot/index.mdx b/website/content/commands/snapshot/index.mdx index 6892b07e3..8c872642a 100644 --- a/website/content/commands/snapshot/index.mdx +++ b/website/content/commands/snapshot/index.mdx @@ -12,7 +12,7 @@ state of the Consul servers for disaster recovery. These are atomic, point-in-ti snapshots which include key/value entries, service catalog, prepared queries, sessions, and ACLs. This command is available in Consul 0.7.1 and later. -Snapshots are also accessible via the [HTTP API](/api/snapshot). +Snapshots are also accessible via the [HTTP API](/api-docs/snapshot). ## Usage diff --git a/website/content/commands/snapshot/inspect.mdx b/website/content/commands/snapshot/inspect.mdx index 9db0bac0c..3a5e0b32d 100644 --- a/website/content/commands/snapshot/inspect.mdx +++ b/website/content/commands/snapshot/inspect.mdx @@ -112,7 +112,7 @@ $ consul snapshot inspect -kvdetails -kvdepth 3 -kvfilter vault/core backup.snap Total 5.9KB ``` -Please see the [HTTP API](/api/snapshot) documentation for +Please see the [HTTP API](/api-docs/snapshot) documentation for more details about snapshot internals. To inspect an internal snapshot directly from a Consul server data directory: diff --git a/website/content/commands/snapshot/restore.mdx b/website/content/commands/snapshot/restore.mdx index bc7d68fa1..1657033d1 100644 --- a/website/content/commands/snapshot/restore.mdx +++ b/website/content/commands/snapshot/restore.mdx @@ -20,7 +20,7 @@ intended to be used when recovering from a disaster, restoring into a fresh cluster of Consul servers. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -46,5 +46,5 @@ $ consul snapshot restore backup.snap Restored snapshot ``` -Please see the [HTTP API](/api/snapshot) documentation for +Please see the [HTTP API](/api-docs/snapshot) documentation for more details about snapshot internals. diff --git a/website/content/commands/snapshot/save.mdx b/website/content/commands/snapshot/save.mdx index 38b9a2708..f2c2afede 100644 --- a/website/content/commands/snapshot/save.mdx +++ b/website/content/commands/snapshot/save.mdx @@ -28,7 +28,7 @@ the context of the server process. If you're using Systemd to manage your Consul processes, then adding `Environment=TMPDIR=/path/to/dir` to your Consul unit file will work. The table below shows this command's [required ACLs](/api#authentication). Configuration of -[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching) +[blocking queries](/api-docs/features/blocking) and [agent caching](/api-docs/features/caching) are not supported from commands, but may be from the corresponding HTTP endpoint. | ACL Required | @@ -73,5 +73,5 @@ This is useful for situations where a cluster is in a degraded state and no leader is available. To target a specific server for a snapshot, you can run the `consul snapshot save` command on that specific server. -Please see the [HTTP API](/api/snapshot) documentation for +Please see the [HTTP API](/api-docs/snapshot) documentation for more details about snapshot internals. diff --git a/website/content/docs/agent/config-entries.mdx b/website/content/docs/agent/config-entries.mdx index 7a9dfa75d..d477db6b2 100644 --- a/website/content/docs/agent/config-entries.mdx +++ b/website/content/docs/agent/config-entries.mdx @@ -55,7 +55,7 @@ See [Kubernetes Custom Resource Definitions](/docs/k8s/crds). ## Managing Configuration Entries Outside Of Kubernetes Configuration entries outside of Kubernetes should be managed with the Consul -[CLI](/commands/config) or [API](/api/config). Additionally, as a +[CLI](/commands/config) or [API](/api-docs/config). Additionally, as a convenience for initial cluster bootstrapping, configuration entries can be specified in the Consul servers agent's [configuration files](/docs/agent/options#config_entries_bootstrap) diff --git a/website/content/docs/agent/options.mdx b/website/content/docs/agent/options.mdx index b35e964ff..2b1c1b867 100644 --- a/website/content/docs/agent/options.mdx +++ b/website/content/docs/agent/options.mdx @@ -709,7 +709,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." - `enable_token_replication` ((#acl_enable_token_replication)) - By default secondary Consul datacenters will perform replication of only ACL policies and roles. Setting this configuration will will enable ACL token replication and - allow for the creation of both [local tokens](/api/acl/tokens#local) and + allow for the creation of both [local tokens](/api-docs/acl/tokens#local) and [auth methods](/docs/security/acl/auth-methods) in connected secondary datacenters. ~> **Warning:** When enabling ACL token replication on the secondary datacenter, @@ -761,7 +761,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." - `agent_recovery` ((#acl_tokens_agent_recovery)) - This is available in Consul 1.11 and later. In prior versions, use [`acl.tokens.agent_master`](#acl_tokens_agent_master). - Used to access [agent endpoints](/api/agent) that require agent read or write privileges, + Used to access [agent endpoints](/api-docs/agent) that require agent read or write privileges, or node read privileges, even if Consul servers aren't present to validate any tokens. This should only be used by operators during outages, regular ACL tokens should normally be used by applications. @@ -771,7 +771,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." - `replication` ((#acl_tokens_replication)) - The ACL token used to authorize secondary datacenters with the primary datacenter for replication - operations. This token is required for servers outside the [`primary_datacenter`](#primary_datacenter) when ACLs are enabled. This token may be provided later using the [agent token API](/api/agent#update-acl-tokens) on each server. This token must have at least "read" permissions on ACL data but if ACL token replication is enabled then it must have "write" permissions. This also enables Connect replication, for which the token will require both operator "write" and intention "read" permissions for replicating CA and Intention data. + operations. This token is required for servers outside the [`primary_datacenter`](#primary_datacenter) when ACLs are enabled. This token may be provided later using the [agent token API](/api-docs/agent#update-acl-tokens) on each server. This token must have at least "read" permissions on ACL data but if ACL token replication is enabled then it must have "write" permissions. This also enables Connect replication, for which the token will require both operator "write" and intention "read" permissions for replicating CA and Intention data. ~> **Warning:** When enabling ACL token replication on the secondary datacenter, policies and roles already present in the secondary datacenter will be lost. For @@ -828,7 +828,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." - `acl_agent_master_token` ((#acl_agent_master_token_legacy)) - **Deprecated in Consul 1.4.0. See the [`acl.tokens.agent_master`](#acl_tokens_agent_master) - field instead.** Used to access [agent endpoints](/api/agent) that + field instead.** Used to access [agent endpoints](/api-docs/agent) that require agent read or write privileges, or node read privileges, even if Consul servers aren't present to validate any tokens. This should only be used by operators during outages, regular ACL tokens should normally be used by applications. This @@ -859,7 +859,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." using this ACL replication using this token to retrieve and replicate the ACLs to the non-authoritative local datacenter. In Consul 0.9.1 and later you can enable ACL replication using [`acl.enable_token_replication`](#acl_enable_token_replication) and then - set the token later using the [agent token API](/api/agent#update-acl-tokens) + set the token later using the [agent token API](/api-docs/agent#update-acl-tokens) on each server. If the `acl_replication_token` is set in the config, it will automatically set [`acl.enable_token_replication`](#acl_enable_token_replication) to true for backward compatibility. @@ -1164,7 +1164,7 @@ Valid time units are 'ns', 'us' (or 'µs'), 'ms', 's', 'm', 'h'." - `claim_assertions` (Defaults to `[]`) List of assertions about the mapped claims required to authorize the incoming RPC request. The syntax uses [github.com/hashicorp/go-bexpr](https://github.com/hashicorp/go-bexpr) which is shared with the - [API filtering feature](/api/features/filtering). For example, the following + [API filtering feature](/api-docs/features/filtering). For example, the following configurations when combined will ensure that the JWT `sub` matches the node name requested by the client. @@ -1319,12 +1319,12 @@ bind_addr = "{{ GetPrivateInterfaces | include \"network\" \"10.0.0.0/8\" | attr - `ca_provider` ((#connect_ca_provider)) Controls which CA provider to use for Connect's CA. Currently only the `aws-pca`, `consul`, and `vault` providers are supported. This is only used when initially bootstrapping the cluster. For an existing cluster, - use the [Update CA Configuration Endpoint](/api/connect/ca#update-ca-configuration). + use the [Update CA Configuration Endpoint](/api-docs/connect/ca#update-ca-configuration). - `ca_config` ((#connect_ca_config)) An object which allows setting different config options based on the CA provider chosen. This is only used when initially bootstrapping the cluster. For an existing cluster, use the [Update CA Configuration - Endpoint](/api/connect/ca#update-ca-configuration). + Endpoint](/api-docs/connect/ca#update-ca-configuration). The following providers are supported: @@ -1598,12 +1598,12 @@ There are also a number of common configuration options supported by all provide in seconds, default value is 600, ie: 10 minutes. - `use_cache` ((#dns_use_cache)) - When set to true, DNS resolution will - use the agent cache described in [agent caching](/api/features/caching). + use the agent cache described in [agent caching](/api-docs/features/caching). This setting affects all service and prepared queries DNS requests. Implies [`allow_stale`](#allow_stale) - `cache_max_age` ((#dns_cache_max_age)) - When [use_cache](#dns_use_cache) is enabled, the agent will attempt to re-fetch the result from the servers if - the cached value is older than this duration. See: [agent caching](/api/features/caching). + the cached value is older than this duration. See: [agent caching](/api-docs/features/caching). **Note** that unlike the `max-age` HTTP header, a value of 0 for this field is equivalent to "no max age". To get a fresh value from the cache use a very small value @@ -1622,7 +1622,7 @@ There are also a number of common configuration options supported by all provide - `enable_acl_replication` **Deprecated in Consul 1.11. Use the [`acl.enable_token_replication`](#acl_enable_token_replication) field instead.** When set on a Consul server, enables ACL replication without having to set the replication token via [`acl_replication_token`](#acl_replication_token). Instead, enable ACL replication - and then introduce the token using the [agent token API](/api/agent#update-acl-tokens) on each server. + and then introduce the token using the [agent token API](/api-docs/agent#update-acl-tokens) on each server. See [`acl_replication_token`](#acl_replication_token) for more details. ~> **Warning:** When enabling ACL token replication on the secondary datacenter, @@ -1801,7 +1801,7 @@ There are also a number of common configuration options supported by all provide - `allow_write_http_from` This object is a list of networks in CIDR notation (eg "127.0.0.0/8") that are allowed to call the agent write endpoints. It defaults to an empty list, which means all networks are allowed. This is used to make the agent read-only, except for select ip ranges. - To block write calls from anywhere, use `[ "255.255.255.255/32" ]`. - To only allow write calls from localhost, use `[ "127.0.0.0/8" ]` - To only allow specific IPs, use `[ "10.0.0.1/32", "10.0.0.2/32" ]` - - `use_cache` ((#http_config_use_cache)) Defaults to true. If disabled, the agent won't be using [agent caching](/api/features/caching) to answer the request. Even when the url parameter is provided. + - `use_cache` ((#http_config_use_cache)) Defaults to true. If disabled, the agent won't be using [agent caching](/api-docs/features/caching) to answer the request. Even when the url parameter is provided. - `max_header_bytes` This setting controls the maximum number of bytes the consul http server will read parsing the request header's keys and values, including the request line. It does not limit the size of the request body. If zero, or negative, http.DefaultMaxHeaderBytes is used, which equates to 1 Megabyte. @@ -1820,8 +1820,8 @@ There are also a number of common configuration options supported by all provide - `rpc_max_conns_per_client` - Configures a limit of how many concurrent TCP connections a single source IP address is allowed to open to a single server. It affects both clients connections and other server connections. In general Consul clients multiplex many RPC calls over a single TCP connection so this can typically be kept low. It needs to be more than one though since servers open at least one additional connection for raft RPC, possibly more for WAN federation when using network areas, and snapshot requests from clients run over a separate TCP conn. A reasonably low limit significantly reduces the ability of an unauthenticated attacker to consume unbounded resources by holding open many connections. You may need to increase this if WAN federated servers connect via proxies or NAT gateways or similar causing many legitimate connections from a single source IP. Default value is `100` which is designed to be extremely conservative to limit issues with certain deployment patterns. Most deployments can probably reduce this safely. 100 connections on modern server hardware should not cause a significant impact on resource usage from an unauthenticated attacker though. - `rpc_rate` - Configures the RPC rate limiter on Consul _clients_ by setting the maximum request rate that this agent is allowed to make for RPC requests to Consul servers, in requests per second. Defaults to infinite, which disables rate limiting. - `rpc_max_burst` - The size of the token bucket used to recharge the RPC rate limiter on Consul _clients_. Defaults to 1000 tokens, and each token is good for a single RPC call to a Consul server. See https://en.wikipedia.org/wiki/Token_bucket for more details about how token bucket rate limiters operate. - - `kv_max_value_size` - **(Advanced)** Configures the maximum number of bytes for a kv request body to the [`/v1/kv`](/api/kv) endpoint. This limit defaults to [raft's](https://github.com/hashicorp/raft) suggested max size (512KB). **Note that tuning these improperly can cause Consul to fail in unexpected ways**, it may potentially affect leadership stability and prevent timely heartbeat signals by increasing RPC IO duration. This option affects the txn endpoint too, but Consul 1.7.2 introduced `txn_max_req_len` which is the preferred way to set the limit for the txn endpoint. If both limits are set, the higher one takes precedence. - - `txn_max_req_len` - **(Advanced)** Configures the maximum number of bytes for a transaction request body to the [`/v1/txn`](/api/txn) endpoint. This limit defaults to [raft's](https://github.com/hashicorp/raft) suggested max size (512KB). **Note that tuning these improperly can cause Consul to fail in unexpected ways**, it may potentially affect leadership stability and prevent timely heartbeat signals by increasing RPC IO duration. + - `kv_max_value_size` - **(Advanced)** Configures the maximum number of bytes for a kv request body to the [`/v1/kv`](/api-docs/kv) endpoint. This limit defaults to [raft's](https://github.com/hashicorp/raft) suggested max size (512KB). **Note that tuning these improperly can cause Consul to fail in unexpected ways**, it may potentially affect leadership stability and prevent timely heartbeat signals by increasing RPC IO duration. This option affects the txn endpoint too, but Consul 1.7.2 introduced `txn_max_req_len` which is the preferred way to set the limit for the txn endpoint. If both limits are set, the higher one takes precedence. + - `txn_max_req_len` - **(Advanced)** Configures the maximum number of bytes for a transaction request body to the [`/v1/txn`](/api-docs/txn) endpoint. This limit defaults to [raft's](https://github.com/hashicorp/raft) suggested max size (512KB). **Note that tuning these improperly can cause Consul to fail in unexpected ways**, it may potentially affect leadership stability and prevent timely heartbeat signals by increasing RPC IO duration. - `log_file` Equivalent to the [`-log-file` command-line flag](#_log_file). @@ -2238,7 +2238,7 @@ There are also a number of common configuration options supported by all provide 2 times the interval of scrape of Prometheus, but you might also put a very high retention time such as a few days (for instance 744h to enable retention to 31 days). Fetching the metrics using prometheus can then be performed using the - [`/v1/agent/metrics?format=prometheus`](/api/agent#view-metrics) endpoint. + [`/v1/agent/metrics?format=prometheus`](/api-docs/agent#view-metrics) endpoint. The format is compatible natively with prometheus. When running in this mode, it is recommended to also enable the option [`disable_hostname`](#telemetry-disable_hostname) to avoid having prefixed metrics with hostname. Consul does not use the default @@ -2288,11 +2288,11 @@ There are also a number of common configuration options supported by all provide The following endpoints translate addresses: - - [`/v1/catalog/nodes`](/api/catalog#list-nodes) - - [`/v1/catalog/node/`](/api/catalog#retrieve-map-of-services-for-a-node) - - [`/v1/catalog/service/`](/api/catalog#list-nodes-for-service) - - [`/v1/health/service/`](/api/health#list-nodes-for-service) - - [`/v1/query//execute`](/api/query#execute-prepared-query) + - [`/v1/catalog/nodes`](/api-docs/catalog#list-nodes) + - [`/v1/catalog/node/`](/api-docs/catalog#retrieve-map-of-services-for-a-node) + - [`/v1/catalog/service/`](/api-docs/catalog#list-nodes-for-service) + - [`/v1/health/service/`](/api-docs/health#list-nodes-for-service) + - [`/v1/query//execute`](/api-docs/query#execute-prepared-query) - `ui` - **This field is deprecated in Consul 1.9.0. See the [`ui_config.enabled`](#ui_config_enabled) field instead.** Equivalent to the [`-ui`](#_ui) command-line flag. diff --git a/website/content/docs/agent/sentinel.mdx b/website/content/docs/agent/sentinel.mdx index b86e12942..c25da5293 100644 --- a/website/content/docs/agent/sentinel.mdx +++ b/website/content/docs/agent/sentinel.mdx @@ -54,7 +54,7 @@ Consul passes some context as variables into Sentinel, which are available to us | ------------- | -------- | ---------------------- | | `key` | `string` | Key being written | | `value` | `string` | Value being written | -| `flags` | `uint64` | [Flags](/api/kv#flags) | +| `flags` | `uint64` | [Flags](/api-docs/kv#flags) | ## Sentinel Examples diff --git a/website/content/docs/agent/telemetry.mdx b/website/content/docs/agent/telemetry.mdx index 1c02cebf0..e17b75396 100644 --- a/website/content/docs/agent/telemetry.mdx +++ b/website/content/docs/agent/telemetry.mdx @@ -36,7 +36,7 @@ it can be aggregated and flushed to Graphite or any other metrics store. For a configuration example for Telegraf, review the [Monitoring with Telegraf tutorial](https://learn.hashicorp.com/tutorials/consul/monitor-health-telegraf?utm_source=consul.io&utm_medium=docs). This -information can also be viewed with the [metrics endpoint](/api/agent#view-metrics) in JSON +information can also be viewed with the [metrics endpoint](/api-docs/agent#view-metrics) in JSON format or using [Prometheus](https://prometheus.io/) format. diff --git a/website/content/docs/architecture/consensus.mdx b/website/content/docs/architecture/consensus.mdx index 9a172a54b..361d2336e 100644 --- a/website/content/docs/architecture/consensus.mdx +++ b/website/content/docs/architecture/consensus.mdx @@ -73,7 +73,7 @@ _committed_, it can be _applied_ to a finite state machine. The finite state mac is application specific; in Consul's case, we use [MemDB](https://github.com/hashicorp/go-memdb) to maintain cluster state. Consul's writes block until it is both _committed_ and _applied_. This achieves read after write semantics -when used with the [consistent](/api/features/consistency#consistent) mode for queries. +when used with the [consistent](/api-docs/features/consistency#consistent) mode for queries. Obviously, it would be undesirable to allow a replicated log to grow in an unbounded fashion. Raft provides a mechanism by which the current state is snapshotted and the @@ -168,7 +168,7 @@ The three read modes are: a cluster that is unavailable will still be able to respond. For more documentation about using these various modes, see the -[HTTP API](/api/features/consistency). +[HTTP API](/api-docs/features/consistency). ## Deployment Table ((#deployment_table)) diff --git a/website/content/docs/architecture/coordinates.mdx b/website/content/docs/architecture/coordinates.mdx index 082273fef..1e642b31b 100644 --- a/website/content/docs/architecture/coordinates.mdx +++ b/website/content/docs/architecture/coordinates.mdx @@ -25,15 +25,15 @@ Network coordinates manifest in several ways inside Consul: - The [`consul rtt`](/commands/rtt) command can be used to query for the network round trip time between any two nodes. -- The [Catalog endpoints](/api/catalog) and - [Health endpoints](/api/health) can sort the results of queries based +- The [Catalog endpoints](/api-docs/catalog) and + [Health endpoints](/api-docs/health) can sort the results of queries based on the network round trip time from a given node using a "?near=" parameter. -- [Prepared queries](/api/query) can automatically fail over services +- [Prepared queries](/api-docs/query) can automatically fail over services to other Consul datacenters based on network round trip times. See the [Geo Failover](https://learn.hashicorp.com/tutorials/consul/automate-geo-failover) for some examples. -- The [Coordinate endpoint](/api/coordinate) exposes raw network +- The [Coordinate endpoint](/api-docs/coordinate) exposes raw network coordinates for use in other applications. Consul uses Serf to manage two different gossip pools, one for the LAN with members @@ -46,7 +46,7 @@ LAN coordinates, and WAN coordinates only make sense with other WAN coordinates. Computing the estimated network round trip time between any two nodes is simple once you have their coordinates. Here's a sample coordinate, as returned from the -[Coordinate endpoint](/api/coordinate). +[Coordinate endpoint](/api-docs/coordinate). diff --git a/website/content/docs/connect/ca/consul.mdx b/website/content/docs/connect/ca/consul.mdx index 2c7b08d74..1094ffd25 100644 --- a/website/content/docs/connect/ca/consul.mdx +++ b/website/content/docs/connect/ca/consul.mdx @@ -60,7 +60,7 @@ configuration file. [SPIFFE SVID signing certificate](https://github.com/spiffe/spiffe/blob/master/standards/X509-SVID.md) and the URI in the SAN must match the cluster identifier created at bootstrap with the ".consul" TLD. The cluster identifier can be found - using the [CA List Roots endpoint](/api/connect/ca#list-ca-root-certificates). + using the [CA List Roots endpoint](/api-docs/connect/ca#list-ca-root-certificates). @include 'http_api_connect_ca_common_options.mdx' @@ -72,7 +72,7 @@ the Consul CA provider to use a specific private key and root certificate. This is particularly useful if you have an external PKI system that doesn't currently integrate with Consul directly. -To view the current CA configuration, use the [Get CA Configuration endpoint](/api/connect/ca#get-ca-configuration): +To view the current CA configuration, use the [Get CA Configuration endpoint](/api-docs/connect/ca#get-ca-configuration): ```shell-session $ curl localhost:8500/v1/connect/ca/configuration @@ -93,7 +93,7 @@ been generated (as seen above in the roots list). There are two ways to have the Consul CA use a custom private key and root certificate: either through the `ca_config` section of the [Agent configuration](/docs/agent/options#connect_ca_config) (which can only be used during the cluster's -initial bootstrap) or through the [Update CA Configuration endpoint](/api/connect/ca#update-ca-configuration). +initial bootstrap) or through the [Update CA Configuration endpoint](/api-docs/connect/ca#update-ca-configuration). Currently Consul requires that root certificates are valid [SPIFFE SVID Signing certificates](https://github.com/spiffe/spiffe/blob/master/standards/X509-SVID.md) and that the URI encoded in the SAN is the cluster identifier created at bootstrap with the ".consul" TLD. In this diff --git a/website/content/docs/connect/ca/index.mdx b/website/content/docs/connect/ca/index.mdx index d4caf7ed5..dc035b4e4 100644 --- a/website/content/docs/connect/ca/index.mdx +++ b/website/content/docs/connect/ca/index.mdx @@ -49,7 +49,7 @@ state. For the initial bootstrap, the CA provider can be configured through the [Agent configuration](/docs/agent/options#connect_ca_config). After initialization, the CA can only be updated through the -[Update CA Configuration API endpoint](/api/connect/ca#update-ca-configuration). +[Update CA Configuration API endpoint](/api-docs/connect/ca#update-ca-configuration). If a CA is already initialized, any changes to the CA configuration in the agent configuration file (including removing the configuration completely) will have no effect. @@ -61,7 +61,7 @@ be generated automatically. ## Viewing Root Certificates Root certificates can be queried with the -[list CA Roots endpoint](/api/connect/ca#list-ca-root-certificates). +[list CA Roots endpoint](/api-docs/connect/ca#list-ca-root-certificates). With this endpoint, you can see the list of currently trusted root certificates. When a cluster first initializes, this will only list one trusted root. Multiple roots may appear as part of @@ -96,7 +96,7 @@ $ curl http://localhost:8500/v1/connect/ca/roots ## CA Configuration After initialization, the CA provider configuration can be viewed with the -[Get CA Configuration API endpoint](/api/connect/ca#get-ca-configuration). +[Get CA Configuration API endpoint](/api-docs/connect/ca#get-ca-configuration). Consul will filter sensitive values from this endpoint depending on the provider in use, so the configuration may not be complete. @@ -114,7 +114,7 @@ $ curl http://localhost:8500/v1/connect/ca/configuration ``` The CA provider can be reconfigured using the -[Update CA Configuration API endpoint](/api/connect/ca#update-ca-configuration). +[Update CA Configuration API endpoint](/api-docs/connect/ca#update-ca-configuration). Specific options for reconfiguration can be found in the specific CA provider documentation in the sidebar to the left. @@ -147,7 +147,7 @@ certificate or CA provider has been set up, the new root becomes the active one and is immediately used for signing any new incoming certificate requests. If we check the [list CA roots -endpoint](/api/connect/ca#list-ca-root-certificates) after updating the +endpoint](/api-docs/connect/ca#list-ca-root-certificates) after updating the configuration with a new root certificate, we can see both the old and new root certificates are present, and the currently active root has an intermediate certificate which has been generated and cross-signed automatically by the old @@ -244,6 +244,6 @@ to each cluster and can be looked up by examining the `TrustDomain` field in the [List CA Roots](/api-docs/connect/ca#list-ca-root-certificates) endpoint. The contents of the generated cert and private key files from the above step should then be used with -the [Update CA Configuration](/api/connect/ca#update-ca-configuration) endpoint. Once the CA configuration is +the [Update CA Configuration](/api-docs/connect/ca#update-ca-configuration) endpoint. Once the CA configuration is updated on the primary datacenter, all secondary datacenters will pick up the changes and regenerate their intermediate and leaf certificates, after which any new requests that require certificate verification will succeed. diff --git a/website/content/docs/connect/config-entries/ingress-gateway.mdx b/website/content/docs/connect/config-entries/ingress-gateway.mdx index 918177e4c..78773188d 100644 --- a/website/content/docs/connect/config-entries/ingress-gateway.mdx +++ b/website/content/docs/connect/config-entries/ingress-gateway.mdx @@ -937,7 +937,7 @@ You can specify the following parameters to configure ingress gateway configurat enterprise: true, description: 'Specifies the namespace in which the configuration entry will apply. The value must match the namespace in which the gateway is registered.' + - ' If omitted, the namespace will be inherited from the `ns` request parameter (refer to the [`config` API endpoint documentation](/api/config#ns)).' + + ' If omitted, the namespace will be inherited from the `ns` request parameter (refer to the [`config` API endpoint documentation](/api-docs/config#ns)).' + ' or will default to the `default` namespace.', yaml: false, }, @@ -954,7 +954,7 @@ You can specify the following parameters to configure ingress gateway configurat enterprise: true, description: 'Specifies the admin partition in which the configuration will apply. The value must match the partition in which the gateway is registered.' + - ' If omitted, the partition will be inherited from the request (refer to the [`config` API endpoint documentation](/api/config)).' + + ' If omitted, the partition will be inherited from the request (refer to the [`config` API endpoint documentation](/api-docs/config)).' + ' See [Admin Partitions](/docs/enterprise/admin-partitions) for additional information.', yaml: false, }, diff --git a/website/content/docs/connect/config-entries/service-resolver.mdx b/website/content/docs/connect/config-entries/service-resolver.mdx index da4f24e0c..056c7ba02 100644 --- a/website/content/docs/connect/config-entries/service-resolver.mdx +++ b/website/content/docs/connect/config-entries/service-resolver.mdx @@ -405,10 +405,10 @@ spec: { name: 'Filter', type: 'string: ""', - description: `The [filter expression](/api/features/filtering) to be used for selecting + description: `The [filter expression](/api-docs/features/filtering) to be used for selecting instances of the requested service. If empty all healthy instances are returned. This expression can filter on the same selectors as the - [Health API endpoint](/api/health#filtering-2).`, + [Health API endpoint](/api-docs/health#filtering-2).`, }, { name: 'OnlyPassing', diff --git a/website/content/docs/connect/config-entries/terminating-gateway.mdx b/website/content/docs/connect/config-entries/terminating-gateway.mdx index c5efc511a..8da3b20e6 100644 --- a/website/content/docs/connect/config-entries/terminating-gateway.mdx +++ b/website/content/docs/connect/config-entries/terminating-gateway.mdx @@ -568,7 +568,7 @@ spec: enterprise: true, description: 'Specifies the namespace to which the configuration entry will apply. This must match the namespace in which the gateway is registered.' + - ' If omitted, the namespace will be inherited from [the request](/api/config#ns)' + + ' If omitted, the namespace will be inherited from [the request](/api-docs/config#ns)' + ' or will default to the `default` namespace.', yaml: false, }, @@ -578,7 +578,7 @@ spec: enterprise: true, description: 'Specifies the admin partition to which the configuration entry will apply. This must match the partition in which the gateway is registered.' + - ' If omitted, the partition will be inherited from [the request](/api/config)' + + ' If omitted, the partition will be inherited from [the request](/api-docs/config)' + ' or will default to the `default` partition.', yaml: false, }, diff --git a/website/content/docs/connect/connect-internals.mdx b/website/content/docs/connect/connect-internals.mdx index c55ab2942..7e49c9936 100644 --- a/website/content/docs/connect/connect-internals.mdx +++ b/website/content/docs/connect/connect-internals.mdx @@ -30,14 +30,14 @@ This enables Connect services to establish and accept connections with other SPIFFE-compliant systems. The client service verifies the destination service certificate -against the [public CA bundle](/api/connect/ca#list-ca-root-certificates). +against the [public CA bundle](/api-docs/connect/ca#list-ca-root-certificates). This is very similar to a typical HTTPS web browser connection. In addition to this, the client provides its own client certificate to show its identity to the destination service. If the connection handshake succeeds, the connection is encrypted and authorized. The destination service verifies the client certificate against the [public CA -bundle](/api/connect/ca#list-ca-root-certificates). After verifying the +bundle](/api-docs/connect/ca#list-ca-root-certificates). After verifying the certificate, the next step depends upon the configured application protocol of the destination service. TCP (L4) services must authorize incoming _connections_ against the configured set of Consul [intentions](/docs/connect/intentions), @@ -54,15 +54,15 @@ and can be extended to support any system by adding additional CA providers. All APIs required for Connect typically respond in microseconds and impose minimal overhead to existing services. To ensure this, Connect-related API calls are all made to the local Consul agent over a loopback interface, and all [agent -Connect endpoints](/api/agent/connect) implement local caching, background +Connect endpoints](/api-docs/agent/connect) implement local caching, background updating, and support blocking queries. Most API calls operate on purely local in-memory data. ## Agent Caching and Performance To enable fast responses on endpoints such as the [agent Connect -API](/api/agent/connect), the Consul agent locally caches most Connect-related -data and sets up background [blocking queries](/api/features/blocking) against +API](/api-docs/agent/connect), the Consul agent locally caches most Connect-related +data and sets up background [blocking queries](/api-docs/features/blocking) against the server to update the cache in the background. This allows most API calls such as retrieving certificates or authorizing connections to use in-memory data and respond very quickly. diff --git a/website/content/docs/connect/gateways/ingress-gateway.mdx b/website/content/docs/connect/gateways/ingress-gateway.mdx index 50c796532..9f181850e 100644 --- a/website/content/docs/connect/gateways/ingress-gateway.mdx +++ b/website/content/docs/connect/gateways/ingress-gateway.mdx @@ -13,7 +13,7 @@ description: >- Ingress gateways enable connectivity within your organizational network from services outside the Consul service mesh to services in the mesh. An ingress gateway is a type of proxy and must be registered as a service in Consul, with the -[kind](/api/agent/service#kind) set to "ingress-gateway". They are an +[kind](/api-docs/agent/service#kind) set to "ingress-gateway". They are an entrypoint for outside traffic and allow you to define what services should be exposed and on what port. You configure an ingress gateway by defining a set of [listeners](/docs/connect/config-entries/ingress-gateway#listeners) that each map @@ -53,7 +53,7 @@ review the [ingress gateway tutorial](https://learn.hashicorp.com/tutorials/cons ## Ingress Gateway Configuration Ingress gateways are configured in service definitions and registered with Consul like other services, with two exceptions. -The first is that the [kind](/api/agent/service#kind) must be "ingress-gateway". Second, +The first is that the [kind](/api-docs/agent/service#kind) must be "ingress-gateway". Second, the ingress gateway service definition may contain a `Proxy.Config` entry just like a Connect proxy service, to define opaque configuration parameters useful for the actual proxy software. For Envoy there are some supported [gateway options](/docs/connect/proxies/envoy#gateway-options) as well as @@ -279,4 +279,4 @@ Listeners = [ Separate certificates may be loaded per listener or per-service with hostname (SNI) switching. See the [Config Entry -reference](/docs/connect/config-entries/ingress-gateway) for more details. \ No newline at end of file +reference](/docs/connect/config-entries/ingress-gateway) for more details. diff --git a/website/content/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways.mdx b/website/content/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways.mdx index 69399111b..aac107b2e 100644 --- a/website/content/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways.mdx +++ b/website/content/docs/connect/gateways/mesh-gateway/wan-federation-via-mesh-gateways.mdx @@ -179,5 +179,5 @@ expected result: their _local_ ip addresses and are listed as `alive`. - Ensure any API request that activates datacenter request forwarding. such as - [`/v1/catalog/services?dc=`](/api/catalog#dc-1) + [`/v1/catalog/services?dc=`](/api-docs/catalog#dc-1) succeeds. diff --git a/website/content/docs/connect/gateways/terminating-gateway.mdx b/website/content/docs/connect/gateways/terminating-gateway.mdx index 31aeddc41..81e18d19f 100644 --- a/website/content/docs/connect/gateways/terminating-gateway.mdx +++ b/website/content/docs/connect/gateways/terminating-gateway.mdx @@ -73,7 +73,7 @@ Connect proxies that send upstream traffic through a gateway aren't affected when you deploy terminating gateways. If you are using non-Envoy proxies as Connect proxies they will continue to work for traffic directed at services linked to a terminating gateway as long as they discover upstreams with the -[/health/connect](/api/health#list-nodes-for-connect-capable-service) endpoint. +[/health/connect](/api-docs/health#list-nodes-for-connect-capable-service) endpoint. ## Running and Using a Terminating Gateway @@ -83,7 +83,7 @@ services outside the mesh, review the [terminating gateway tutorial](https://lea ## Terminating Gateway Configuration Terminating gateways are configured in service definitions and registered with Consul like other services, with two exceptions. -The first is that the [kind](/api/agent/service#kind) must be "terminating-gateway". Second, +The first is that the [kind](/api-docs/agent/service#kind) must be "terminating-gateway". Second, the terminating gateway service definition may contain a `Proxy.Config` entry just like a Connect proxy service, to define opaque configuration parameters useful for the actual proxy software. For Envoy there are some supported [gateway options](/docs/connect/proxies/envoy#gateway-options) as well as @@ -98,7 +98,7 @@ must also provide `agent:read` for its node's name in order to discover the agen Linking services to a terminating gateway is done with a `terminating-gateway` [configuration entry](/docs/connect/config-entries/terminating-gateway). This config entry can be applied via the -[CLI](/commands/config/write) or [API](/api/config#apply-configuration). +[CLI](/commands/config/write) or [API](/api-docs/config#apply-configuration). Gateways with the same name in Consul's service catalog are configured with a single configuration entry. This means that additional gateway instances registered with the same name will determine their routing based on the existing configuration entry. @@ -113,12 +113,12 @@ sets of services within their datacenter then the terminating gateways **must** The services that the terminating gateway will proxy for must be registered with Consul, even the services outside the mesh. They must also be registered in the same Consul datacenter as the terminating gateway. Otherwise the terminating gateway will not be able to discover the services' addresses. These services can be registered with a local Consul agent. -If there is no agent present, the services can be registered [directly in the catalog](/api/catalog#register-entity) +If there is no agent present, the services can be registered [directly in the catalog](/api-docs/catalog#register-entity) by sending the registration request to a client or server agent on a different host. All services registered in the Consul catalog must be associated with a node, even when their node is not managed by a Consul client agent. All agent-less services with the same address can be registered under the same node name and address. -However, ensure that the [node name](/api/catalog#node) for external services registered directly in the catalog +However, ensure that the [node name](/api-docs/catalog#node) for external services registered directly in the catalog does not match the node name of any Consul client agent node. If the node name overlaps with the node name of a Consul client agent, Consul's [anti-entropy sync](/docs/architecture/anti-entropy) will delete the services registered via the `/catalog/register` HTTP API endpoint. diff --git a/website/content/docs/connect/intentions-legacy.mdx b/website/content/docs/connect/intentions-legacy.mdx index 240f0aea8..1939db196 100644 --- a/website/content/docs/connect/intentions-legacy.mdx +++ b/website/content/docs/connect/intentions-legacy.mdx @@ -107,7 +107,7 @@ top to bottom, with larger numbers being evaluated first. | Exact | `*` | `*` | `*` | 2 | | `*` | `*` | `*` | `*` | 1 | -The precedence value can be read from the [API](/api/connect/intentions) +The precedence value can be read from the [API](/api-docs/connect/intentions) after an intention is created. Precedence cannot be manually overridden today. This is a feature that will be added in a later version of Consul. diff --git a/website/content/docs/connect/intentions.mdx b/website/content/docs/connect/intentions.mdx index 9f3ea2c42..e76db2511 100644 --- a/website/content/docs/connect/intentions.mdx +++ b/website/content/docs/connect/intentions.mdx @@ -43,7 +43,7 @@ At any given point in time, between any pair of services **only one intention controls authorization**. This may be either an L4 intention or an L7 intention, but at any given point in time only one of those applies. -The [intention match API](/api/connect/intentions#list-matching-intentions) +The [intention match API](/api-docs/connect/intentions#list-matching-intentions) should be periodically called to retrieve all relevant intentions for the target destination. After verifying the TLS client certificate, the cached intentions should be consulted for each incoming connection/request to diff --git a/website/content/docs/connect/l7-traffic/discovery-chain.mdx b/website/content/docs/connect/l7-traffic/discovery-chain.mdx index 41a32a9b5..dc9594e61 100644 --- a/website/content/docs/connect/l7-traffic/discovery-chain.mdx +++ b/website/content/docs/connect/l7-traffic/discovery-chain.mdx @@ -11,7 +11,7 @@ description: >- -> **1.6.0+:** This feature is available in Consul versions 1.6.0 and newer. -~> This topic is part of a [low-level API](/api/discovery-chain) +~> This topic is part of a [low-level API](/api-docs/discovery-chain) primarily targeted at developers building external [Connect proxy integrations](/docs/connect/proxies/integrate). @@ -74,7 +74,7 @@ discovery chain, we first compile them into a form more directly usable by the layers responsible for configuring Connect sidecar proxies. You can interact with the compiler directly using the [discovery-chain -API](/api/discovery-chain). +API](/api-docs/discovery-chain). ### Compilation Parameters @@ -102,7 +102,7 @@ The response is a single wrapped `CompiledDiscoveryChain` field: The chain encodes a digraph of [nodes](#discoverygraphnode) and [targets](#discoverytarget). Nodes are the compiled representation of various discovery chain stages and targets are instructions on how to use the [health -API](/api/health#list-nodes-for-connect-capable-service) to retrieve +API](/api-docs/health#list-nodes-for-connect-capable-service) to retrieve relevant service instance lists. You should traverse the nodes starting with [`StartNode`](#startnode). The @@ -219,7 +219,7 @@ A single node in the compiled discovery chain. definition for this target. - `Filter` `(string: "")` - The - [filter expression](/api/features/filtering) to be used for selecting + [filter expression](/api-docs/features/filtering) to be used for selecting instances of the requested service. If empty all healthy instances are returned. diff --git a/website/content/docs/connect/native/go.mdx b/website/content/docs/connect/native/go.mdx index 879bb9ea6..43016a851 100644 --- a/website/content/docs/connect/native/go.mdx +++ b/website/content/docs/connect/native/go.mdx @@ -179,7 +179,7 @@ the following specific limitations: - `.service[.].consul` to discover a healthy service instance for a given service. - `.query[.].consul` to discover an instance via - [Prepared Query](/api/query). + [Prepared Query](/api-docs/query). - The top-level domain _must_ be `.consul` even if your cluster has a custom `domain` configured for its DNS interface. This might be relaxed in the future. diff --git a/website/content/docs/connect/native/index.mdx b/website/content/docs/connect/native/index.mdx index e90d833b9..57b7e461d 100644 --- a/website/content/docs/connect/native/index.mdx +++ b/website/content/docs/connect/native/index.mdx @@ -37,9 +37,9 @@ to integrate with Connect. ## Overview The primary work involved in natively integrating with Connect is -[acquiring the proper TLS certificate](/api/agent/connect#service-leaf-certificate), -[verifying TLS certificates](/api/agent/connect#certificate-authority-ca-roots), -and [authorizing inbound connections or requests](/api/connect/intentions#list-matching-intentions). +[acquiring the proper TLS certificate](/api-docs/agent/connect#service-leaf-certificate), +[verifying TLS certificates](/api-docs/agent/connect#certificate-authority-ca-roots), +and [authorizing inbound connections or requests](/api-docs/connect/intentions#list-matching-intentions). All of this is done using the Consul HTTP APIs linked above. @@ -50,7 +50,7 @@ an API call to verify the incoming client certificate. ![Native Integration Overview](/img/connect-native-overview.png) -> **Note:** This diagram depicts the simpler networking layer 4 (e.g. TCP) [integration -mechanism](/api/agent/connect#authorize). +mechanism](/api-docs/agent/connect#authorize). Details on the steps are below: @@ -62,21 +62,21 @@ Details on the steps are below: - **Mutual TLS** - As a client, connect to the discovered service address over normal TLS. As part of the TLS connection, provide the - [service certificate](/api/agent/connect#service-leaf-certificate) + [service certificate](/api-docs/agent/connect#service-leaf-certificate) as the client certificate. Verify the remote certificate against the - [public CA roots](/api/agent/connect#certificate-authority-ca-roots). + [public CA roots](/api-docs/agent/connect#certificate-authority-ca-roots). As a client, if the connection is established then you've established a Connect-based connection and there are no further steps! - **Authorization** - As a server accepting connections, verify the client certificate against the [public CA - roots](/api/agent/connect#certificate-authority-ca-roots). After verifying + roots](/api-docs/agent/connect#certificate-authority-ca-roots). After verifying the certificate, parse some basic fields from it and use those to determine if the connection should be allowed. How this is done is dependent on the level of integration desired: - **Simple integration (TCP-only)** - Call the [authorizing - API](/api/agent/connect#authorize) against the local agent. If this returns + API](/api-docs/agent/connect#authorize) against the local agent. If this returns successfully, complete the TLS handshake and establish the connection. If authorization fails, close the connection. @@ -89,7 +89,7 @@ Details on the steps are below: - **Complete integration** - Like how the calls to acquire the leaf certificate and CA roots are expected to be done out of band and reused, so should the [intention match - API](/api/connect/intentions#list-matching-intentions). With all of the + API](/api-docs/connect/intentions#list-matching-intentions). With all of the relevant intentions cached for the destination, all enforcement operations can be done entirely by the service without calling any Consul APIs in the connection or request path. If the service is networking layer 7 (e.g. @@ -104,10 +104,10 @@ so that new connections are not disrupted. This can be done through Consul blocking queries (HTTP long polling) or through periodic polling. The API calls for -[acquiring a leaf TLS certificate](/api/agent/connect#service-leaf-certificate) -and [reading CA roots](/api/agent/connect#certificate-authority-ca-roots) +[acquiring a leaf TLS certificate](/api-docs/agent/connect#service-leaf-certificate) +and [reading CA roots](/api-docs/agent/connect#certificate-authority-ca-roots) both support -[blocking queries](/api/features/blocking). By using blocking +[blocking queries](/api-docs/features/blocking). By using blocking queries, an application can efficiently wait for an updated value. For example, the leaf certificate API will block until the certificate is near expiration or the signing certificates have changed and will issue and return a new @@ -116,7 +116,7 @@ certificate. In some languages, using blocking queries may not be simple. In that case, we still recommend using the blocking query parameters but with a very short `timeout` value set. Doing this is documented with -[blocking queries](/api/features/blocking). The low timeout will +[blocking queries](/api-docs/features/blocking). The low timeout will ensure the API responds quickly. We recommend that applications poll the certificate endpoints frequently, such as multiple times per minute. diff --git a/website/content/docs/connect/proxies/integrate.mdx b/website/content/docs/connect/proxies/integrate.mdx index bdf59a1af..6b1f64612 100644 --- a/website/content/docs/connect/proxies/integrate.mdx +++ b/website/content/docs/connect/proxies/integrate.mdx @@ -57,15 +57,15 @@ transport layer. -> **Note:** Some features, such as (local) rate limiting or max connections, are expected to be proxy-level configurations enforced separately when authorization calls are made. Proxies can enforce the configurations based on information about request rates and other states that should already be available. -The proxy can authorize the connection by either calling the [`/v1/agent/connect/authorize`](/api/agent/connect) API endpoint or by querying the [intention match API](/api/connect/intentions#list-matching-intentions) endpoint. +The proxy can authorize the connection by either calling the [`/v1/agent/connect/authorize`](/api-docs/agent/connect) API endpoint or by querying the [intention match API](/api-docs/connect/intentions#list-matching-intentions) endpoint. -The [`/v1/agent/connect/authorize`](/api/agent/connect) endpoint should be called in the connection path for each received connection. +The [`/v1/agent/connect/authorize`](/api-docs/agent/connect) endpoint should be called in the connection path for each received connection. If the local Consul agent is down or unresponsive, the success rate of new connections will be compromised. The agent uses locally-cached data to authorize the connection and typically responds in microseconds. As a result, the TLS handshake typically spans microseconds. ~> **Note:** This endpoint is only suitable for L4 (e.g., TCP) integration. The endpoint always treats intentions with `Permissions` defined (i.e., L7 criteria) as `deny` intentions during evaluation. -The proxy can query the [intention match API](/api/connect/intentions#list-matching-intentions) endpoint on startup to retrieve a list of intentions that match the proxy destination. The matches should be stored in the native filter configuration of the proxy, such as RBAC for Envoy. +The proxy can query the [intention match API](/api-docs/connect/intentions#list-matching-intentions) endpoint on startup to retrieve a list of intentions that match the proxy destination. The matches should be stored in the native filter configuration of the proxy, such as RBAC for Envoy. For performance and reliability reasons, querying the intention match API endpoint is the recommended method for implementing intention enforcement. The cached intentions should be consulted for each incoming connection (L4) or request (L7) to determine if the connection or request should be accepted or rejected. @@ -90,7 +90,7 @@ background. The leaf, roots, and intentions should be updated in the background by the proxy. The leaf cert, root cert, and intentions endpoints support [blocking -queries](/api/features/blocking), which should be used to get near-immediate +queries](/api-docs/features/blocking), which should be used to get near-immediate updates for root key rotations, new leaf certs before expiry, and intention changes. @@ -111,7 +111,7 @@ endpoint for a service and provide a client certificate from the ## Configuration Discovery -The [`/v1/agent/service/:service_id`](/api/agent/service#get-service-configuration) +The [`/v1/agent/service/:service_id`](/api-docs/agent/service#get-service-configuration) API endpoint enables any proxy to discover proxy configurations registered with a local service. This endpoint supports hash-based blocking, which enables long-polling for changes to the registration/configuration. Any changes to the registration/config will result in the new config being returned immediately. @@ -119,11 +119,11 @@ result in the new config being returned immediately. Refer to the [built-in proxy](/docs/connect/proxies/built-in) for an example implementation. Using the Go SDK, the proxy calls the HTTP "pull" API via the `watch` package: [`consul/connect/proxy/config.go`]. The [discovery chain] for each upstream service should be fetched from the -[`/v1/discovery-chain/:service_id`](/api/discovery-chain#read-compiled-discovery-chain) +[`/v1/discovery-chain/:service_id`](/api-docs/discovery-chain#read-compiled-discovery-chain) API endpoint. This will return a compiled graph of configurations a sidecar needs for a particular upstream service. If you are only implementing L4 support in your proxy, set the -[`OverrideProtocol`](/api/discovery-chain#overrideprotocol) value to `tcp` when +[`OverrideProtocol`](/api-docs/discovery-chain#overrideprotocol) value to `tcp` when fetching the discovery chain so that L7 features, such as HTTP routing rules, are not returned. @@ -140,7 +140,7 @@ documentation for details about supported configuration parameters. ### Service Discovery -Proxies can use Consul's [service discovery API](`/v1/health/connect/:service_id`) to return all available, Connect-capable endpoints for a given service. This endpoint supports a `cached` query parameter, which uses [agent caching](/api/features/caching) to improve +Proxies can use Consul's [service discovery API](`/v1/health/connect/:service_id`) to return all available, Connect-capable endpoints for a given service. This endpoint supports a `cached` query parameter, which uses [agent caching](/api-docs/features/caching) to improve performance. The API package provides a [`UseCache`] query option to leverage caching. In addition to performance improvements, using the cache makes the mesh more resilient to Consul server outages. This is because the mesh "fails static" with the last known set of service instances still used, rather than errors on new connections. @@ -152,7 +152,7 @@ proxies are likely to find it easier to integrate by pulling the set of endpoints and maintaining it in local memory using blocking queries. Upstreams may be defined with the Prepared Query target type. These upstreams -should use Consul's [prepared query](/api/query) API to determine a list of upstream endpoints for the service. Note that the `PreparedQuery` API does not support blocking, so proxies choosing to populate endpoints in memory will need to poll the endpoint at a suitable and, ideally, configurable frequency. +should use Consul's [prepared query](/api-docs/query) API to determine a list of upstream endpoints for the service. Note that the `PreparedQuery` API does not support blocking, so proxies choosing to populate endpoints in memory will need to poll the endpoint at a suitable and, ideally, configurable frequency. -> **Long-term support for [`service-resolver`](/docs/connect/config-entries/service-resolver) configuration entries**. The `service-resolver` configuration will completely replace prepared queries in future versions of Consul. In some instances, however, prepared queries are still used. diff --git a/website/content/docs/connect/proxies/managed-deprecated.mdx b/website/content/docs/connect/proxies/managed-deprecated.mdx index a1d918772..6b97e006d 100644 --- a/website/content/docs/connect/proxies/managed-deprecated.mdx +++ b/website/content/docs/connect/proxies/managed-deprecated.mdx @@ -177,7 +177,7 @@ reference](/docs/connect/configuration). ### Prepared Query Upstreams The upstream destination may also be a -[prepared query](/api/query). +[prepared query](/api-docs/query). This allows complex service discovery behavior such as connecting to the nearest neighbor or filtering by tags. diff --git a/website/content/docs/discovery/checks.mdx b/website/content/docs/discovery/checks.mdx index bd1617795..61fec921a 100644 --- a/website/content/docs/discovery/checks.mdx +++ b/website/content/docs/discovery/checks.mdx @@ -88,9 +88,9 @@ There are several different kinds of checks: dead man's switch, relies on the application to directly report its health. For example, a healthy app can periodically `PUT` a status update to the HTTP endpoint; if the app fails, the TTL will expire and the health check enters a critical state. - The endpoints used to update health information for a given check are: [pass](/api/agent/check#ttl-check-pass), - [warn](/api/agent/check#ttl-check-warn), [fail](/api/agent/check#ttl-check-fail), - and [update](/api/agent/check#ttl-check-update). TTL checks also persist their + The endpoints used to update health information for a given check are: [pass](/api-docs/agent/check#ttl-check-pass), + [warn](/api-docs/agent/check#ttl-check-warn), [fail](/api-docs/agent/check#ttl-check-fail), + and [update](/api-docs/agent/check#ttl-check-update). TTL checks also persist their last known status to disk. This allows the Consul agent to restore the last known status of the check across restarts. Persisted check status is valid through the end of the TTL from the time of the last check. diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx index 47807e62f..5023b7b12 100644 --- a/website/content/docs/discovery/dns.mdx +++ b/website/content/docs/discovery/dns.mdx @@ -335,11 +335,11 @@ The `datacenter` is optional, and if not provided, the datacenter of this Consul agent is assumed. The `query or name` is the ID or given name of an existing -[Prepared Query](/api/query). These behave like standard service +[Prepared Query](/api-docs/query). These behave like standard service queries but provide a much richer set of features, such as filtering by multiple tags and automatically failing over to look for services in remote datacenters if no healthy nodes are available in the local datacenter. Consul 0.6.4 and later also -added support for [prepared query templates](/api/query#prepared-query-templates) +added support for [prepared query templates](/api-docs/query#prepared-query-templates) which can match names using a prefix match, allowing one template to apply to potentially many services. @@ -369,7 +369,7 @@ applications. This endpoint currently only finds services within the same datacenter and doesn't support tags. This DNS interface will be expanded over time. If you need more complex behavior, please use the -[catalog API](/api/catalog). +[catalog API](/api-docs/catalog). ### Service Virtual IP Lookups @@ -400,7 +400,7 @@ endpoints for the given `service`. This endpoint currently only finds services within the same datacenter and doesn't support tags. This DNS interface will be expanded over time. If you need more complex behavior, please use the -[catalog API](/api/catalog). +[catalog API](/api-docs/catalog). ### UDP Based DNS Queries @@ -508,7 +508,7 @@ DNS lookups and required policies when ACLs are enabled: | ------------------------------------------------------------------------------ | -------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `*.node.consul` | [Node](#node-lookups) | Allow resolving DNS requests for the target node (i.e., `.node.consul`) | [`node:read`](/docs/security/acl/acl-rules#node-rules) | | `*.service.consul`, `*.connect.consul`, `*.ingress.consul`, `*.virtual.consul` | [Service: standard](#service-lookups) | Allow resolving DNS requests for target service (e.g., `.service.consul`) instances running on ACL-authorized nodes | [`service:read`](/docs/security/acl/acl-rules#service-rules), [`node:read`](/docs/security/acl/acl-rules#node-rules) | -| `*.query.consul` | [Service: prepared query](#prepared-query-lookups) | Allow resolving DNS requests for [service instances specified](/api/query#service-1) by the target prepared query (i.e., `.query.consul`) running on ACL-authorized nodes | [`query:read`](/docs/security/acl/acl-rules#prepared-query-rules), [`service:read`](/docs/security/acl/acl-rules#service-rules), [`node:read`](/docs/security/acl/acl-rules#node-rules) | +| `*.query.consul` | [Service: prepared query](#prepared-query-lookups) | Allow resolving DNS requests for [service instances specified](/api-docs/query#service-1) by the target prepared query (i.e., `.query.consul`) running on ACL-authorized nodes | [`query:read`](/docs/security/acl/acl-rules#prepared-query-rules), [`service:read`](/docs/security/acl/acl-rules#service-rules), [`node:read`](/docs/security/acl/acl-rules#node-rules) | For guidance on how to configure an appropriate token for DNS, refer to the securing Consul with ACLs guides for: diff --git a/website/content/docs/dynamic-app-config/kv.mdx b/website/content/docs/dynamic-app-config/kv.mdx index 2e9a7b94c..501abf027 100644 --- a/website/content/docs/dynamic-app-config/kv.mdx +++ b/website/content/docs/dynamic-app-config/kv.mdx @@ -28,7 +28,7 @@ Learn. ## Accessing the KV store The KV store can be accessed by the [consul kv CLI -subcommands](/commands/kv), [HTTP API](/api/kv), and Consul UI. +subcommands](/commands/kv), [HTTP API](/api-docs/kv), and Consul UI. To restrict access, enable and configure [ACLs](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production). Once the ACL system has been bootstrapped, users and services, will need a diff --git a/website/content/docs/enterprise/namespaces.mdx b/website/content/docs/enterprise/namespaces.mdx index ed90fd303..34bca5862 100644 --- a/website/content/docs/enterprise/namespaces.mdx +++ b/website/content/docs/enterprise/namespaces.mdx @@ -24,7 +24,7 @@ For more information on how to use namespaces with Consul Enterprise please revi ## Namespace Definition -Namespaces are managed exclusively through the [HTTP API](/api/namespaces) and the [Consul CLI](/commands/namespace). +Namespaces are managed exclusively through the [HTTP API](/api-docs/namespaces) and the [Consul CLI](/commands/namespace). The HTTP API accepts only JSON formatted definitions while the CLI will parse either JSON or HCL. An example namespace definition looks like the following: diff --git a/website/content/docs/install/performance.mdx b/website/content/docs/install/performance.mdx index a2d30e369..ca9c0e538 100644 --- a/website/content/docs/install/performance.mdx +++ b/website/content/docs/install/performance.mdx @@ -118,7 +118,7 @@ Here are some general recommendations: respect them. - In other applications that perform high volumes of reads against Consul, consider using the - [stale consistency mode](/api/features/consistency#stale) available to allow reads to scale + [stale consistency mode](/api-docs/features/consistency#stale) available to allow reads to scale across all the servers and not just be forwarded to the leader. - In Consul 0.9.3 and later, a new [`limits`](/docs/agent/options#limits) configuration is @@ -158,7 +158,7 @@ RAM NEEDED = number of keys * average key size * 2-3x Since writes must be synced to disk (persistent storage) on a quorum of servers before they are committed, deploying a disk with high write throughput (or an SSD) will enhance performance on the write side. ([Documentation](/docs/agent/options#_data_dir)) -For a **read-heavy** workload, configure all Consul server agents with the `allow_stale` DNS option, or query the API with the `stale` [consistency mode](/api/features/consistency). By default, all queries made to the server are RPC forwarded to and serviced by the leader. By enabling stale reads, any server will respond to any query, thereby reducing overhead on the leader. Typically, the stale response is `100ms` or less from consistent mode but it drastically improves performance and reduces latency under high load. +For a **read-heavy** workload, configure all Consul server agents with the `allow_stale` DNS option, or query the API with the `stale` [consistency mode](/api-docs/features/consistency). By default, all queries made to the server are RPC forwarded to and serviced by the leader. By enabling stale reads, any server will respond to any query, thereby reducing overhead on the leader. Typically, the stale response is `100ms` or less from consistent mode but it drastically improves performance and reduces latency under high load. If the leader server is out of memory or the disk is full, the server eventually stops responding, loses its election and cannot move past its last commit time. However, by configuring `max_stale` and setting it to a large value, Consul will continue to respond to queries during such outage scenarios. ([max_stale documentation](/docs/agent/options#max_stale)). diff --git a/website/content/docs/k8s/connect/connect-ca-provider.mdx b/website/content/docs/k8s/connect/connect-ca-provider.mdx index d5a824270..4fb45c82c 100644 --- a/website/content/docs/k8s/connect/connect-ca-provider.mdx +++ b/website/content/docs/k8s/connect/connect-ca-provider.mdx @@ -8,7 +8,7 @@ description: Configuring a Connect CA Provider ~> **NOTE:** The instructions below should only be used for initially bootstrapping a cluster with **Consul K8s 0.38.0+.** To update the Connect CA provider on an existing cluster or to update any properties, such as tokens, of the CA provider, -please use the [Update CA Configuration Endpoint](/api/connect/ca#update-ca-configuration). +please use the [Update CA Configuration Endpoint](/api-docs/connect/ca#update-ca-configuration). Consul has support for different certificate authority (CA) providers to be used with the Consul Service Mesh. Please see [Connect Certificate Management](/docs/connect/ca) for the information on the providers @@ -193,7 +193,7 @@ The [`ca_config`] and [`ca_provider`] options defined in the Consul agent configuration are only used when initially bootstrapping the cluster. Once the cluster is running, subsequent changes to the [`ca_provider`] config are **ignored**–even if `consul reload` is run or the servers are restarted. -To update any settings under these keys, you must use Consul's [Update CA Configuration](/api/connect/ca#update-ca-configuration) API or the [`consul connect ca set-config`](/commands/connect/ca#set-config) command. +To update any settings under these keys, you must use Consul's [Update CA Configuration](/api-docs/connect/ca#update-ca-configuration) API or the [`consul connect ca set-config`](/commands/connect/ca#set-config) command. #### Renewing Vault Token diff --git a/website/content/docs/k8s/installation/install.mdx b/website/content/docs/k8s/installation/install.mdx index e128ccef0..f437467cf 100644 --- a/website/content/docs/k8s/installation/install.mdx +++ b/website/content/docs/k8s/installation/install.mdx @@ -303,7 +303,7 @@ The Consul HTTP API should be accessed by communicating to the local agent running on the same node. While technically any listening agent (client or server) can respond to the HTTP API, communicating with the local agent has important caching behavior, and allows you to use the simpler -[`/agent` endpoints for services and checks](/api/agent). +[`/agent` endpoints for services and checks](/api-docs/agent). For Consul installed via the Helm chart, a client agent is installed on each Kubernetes node. This is explained in the [architecture](/docs/k8s/installation/install#client-agents) diff --git a/website/content/docs/nia/installation/requirements.mdx b/website/content/docs/nia/installation/requirements.mdx index f8ae5831e..ee30a49f4 100644 --- a/website/content/docs/nia/installation/requirements.mdx +++ b/website/content/docs/nia/installation/requirements.mdx @@ -33,7 +33,7 @@ For information on compatible Consul versions, refer to the [Consul compatibilit The Consul agent must be running in order to dynamically update network devices. To run the local Consul agent, you can run Consul in development mode which can be started with `consul agent -dev` for simplicity. For more details on running Consul agent, refer to the [Getting Started: Run the Consul Agent Tutorial](https://learn.hashicorp.com/tutorials/consul/get-started-agent?in=consul/getting-started). -When running a Consul agent with CTS in production, we suggest to keep a few considerations in mind. CTS uses [blocking queries](/api/features/blocking) to monitor task dependencies, like changes to registered services. This results in multiple long running TCP connections between CTS and the agent to poll changes for each dependency. Monitoring a high number of services may quickly hit the default Consul agent connection limits. +When running a Consul agent with CTS in production, we suggest to keep a few considerations in mind. CTS uses [blocking queries](/api-docs/features/blocking) to monitor task dependencies, like changes to registered services. This results in multiple long running TCP connections between CTS and the agent to poll changes for each dependency. Monitoring a high number of services may quickly hit the default Consul agent connection limits. There are 2 ways to fix this issue. The first and recommended fix is to use HTTP/2 (requires HTTPS) to communicate between CTS and the Consul agent. When using HTTP/2 only a single connection is made and reused for all communications. See the [Consul Configuration section](/docs/nia/configuration#consul) for more. The other option is to configure [`limits.http_max_conns_per_client`](/docs/agent/options#http_max_conns_per_client) for the agent to a reasonable value proportional to the number of services monitored by CTS. diff --git a/website/content/docs/security/acl/acl-federated-datacenters.mdx b/website/content/docs/security/acl/acl-federated-datacenters.mdx index e13627d17..045680ec2 100644 --- a/website/content/docs/security/acl/acl-federated-datacenters.mdx +++ b/website/content/docs/security/acl/acl-federated-datacenters.mdx @@ -67,7 +67,7 @@ acl = { ~> **Warning:** Note that most enterprise deployments have security requirements that prevent specifying tokens in configuration files. The `enable_token_persistence` flag is also set in the configuration example so that the token is stored to disk in the agent's -[data directory](/docs/agent/options#_data_dir). Any future changes to the token that are made through the [API](/api/agent#update-acl-tokens) will +[data directory](/docs/agent/options#_data_dir). Any future changes to the token that are made through the [API](/api-docs/agent#update-acl-tokens) will be persisted to the same location, and the value in the config file will be ignored. The ACL agent token can also be set using the [`consul acl set-agent-token`](/commands/acl/set-agent-token) CLI as shown below. diff --git a/website/content/docs/security/acl/acl-legacy.mdx b/website/content/docs/security/acl/acl-legacy.mdx index 629fa0b1e..ea58bef0d 100644 --- a/website/content/docs/security/acl/acl-legacy.mdx +++ b/website/content/docs/security/acl/acl-legacy.mdx @@ -72,18 +72,18 @@ key_prefix "foo" { policy = "write" } The "old" API endpoints below continue to work for backwards compatibility but will continue to create or show only "legacy" tokens that can't take full advantage of the new ACL system improvements. They are documented fully under -[Legacy Tokens](/api/acl/legacy). +[Legacy Tokens](/api-docs/acl/legacy). -- [`PUT /acl/create` - Create Legacy Token](/api/acl/legacy#create-acl-token) -- [`PUT /acl/update` - Update Legacy Token](/api/acl/legacy#update-acl-token) -- [`PUT /acl/destroy/:uuid` - Delete Legacy Token](/api/acl/legacy#delete-acl-token) -- [`GET /acl/info/:uuid` - Read Legacy Token](/api/acl/legacy#read-acl-token) -- [`PUT /acl/clone/:uuid` - Clone Legacy Token](/api/acl/legacy#clone-acl-token) -- [`GET /acl/list` - List Legacy Tokens](/api/acl/legacy#list-acls) +- [`PUT /acl/create` - Create Legacy Token](/api-docs/acl/legacy#create-acl-token) +- [`PUT /acl/update` - Update Legacy Token](/api-docs/acl/legacy#update-acl-token) +- [`PUT /acl/destroy/:uuid` - Delete Legacy Token](/api-docs/acl/legacy#delete-acl-token) +- [`GET /acl/info/:uuid` - Read Legacy Token](/api-docs/acl/legacy#read-acl-token) +- [`PUT /acl/clone/:uuid` - Clone Legacy Token](/api-docs/acl/legacy#clone-acl-token) +- [`GET /acl/list` - List Legacy Tokens](/api-docs/acl/legacy#list-acls) The new ACL system includes new API endpoints to manage -the [ACL System](/api-docs/acl), [Tokens](/api/acl/tokens) -and [Policies](/api/acl/policies). +the [ACL System](/api-docs/acl), [Tokens](/api-docs/acl/tokens) +and [Policies](/api-docs/acl/policies). # Legacy ACL System @@ -139,28 +139,28 @@ rules: | Policy | Scope | | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [`agent`](#agent-rules) | Utility operations in the [Agent API](/api/agent), other than service and check registration | -| [`event`](#event-rules) | Listing and firing events in the [Event API](/api/event) | -| [`key`](#key-value-rules) | Key/value store operations in the [KV Store API](/api/kv) | -| [`keyring`](#keyring-rules) | Keyring operations in the [Keyring API](/api/operator/keyring) | -| [`node`](#node-rules) | Node-level catalog operations in the [Catalog API](/api/catalog), [Health API](/api/health), [Prepared Query API](/api/query), [Network Coordinate API](/api/coordinate), and [Agent API](/api/agent) | -| [`operator`](#operator-rules) | Cluster-level operations in the [Operator API](/api/operator), other than the [Keyring API](/api/operator/keyring) | -| [`query`](#prepared-query-rules) | Prepared query operations in the [Prepared Query API](/api/query) | -| [`service`](#service-rules) | Service-level catalog operations in the [Catalog API](/api/catalog), [Health API](/api/health), [Prepared Query API](/api/query), and [Agent API](/api/agent) | -| [`session`](#session-rules) | Session operations in the [Session API](/api/session) | +| [`agent`](#agent-rules) | Utility operations in the [Agent API](/api-docs/agent), other than service and check registration | +| [`event`](#event-rules) | Listing and firing events in the [Event API](/api-docs/event) | +| [`key`](#key-value-rules) | Key/value store operations in the [KV Store API](/api-docs/kv) | +| [`keyring`](#keyring-rules) | Keyring operations in the [Keyring API](/api-docs/operator/keyring) | +| [`node`](#node-rules) | Node-level catalog operations in the [Catalog API](/api-docs/catalog), [Health API](/api-docs/health), [Prepared Query API](/api-docs/query), [Network Coordinate API](/api-docs/coordinate), and [Agent API](/api-docs/agent) | +| [`operator`](#operator-rules) | Cluster-level operations in the [Operator API](/api-docs/operator), other than the [Keyring API](/api-docs/operator/keyring) | +| [`query`](#prepared-query-rules) | Prepared query operations in the [Prepared Query API](/api-docs/query) | +| [`service`](#service-rules) | Service-level catalog operations in the [Catalog API](/api-docs/catalog), [Health API](/api-docs/health), [Prepared Query API](/api-docs/query), and [Agent API](/api-docs/agent) | +| [`session`](#session-rules) | Session operations in the [Session API](/api-docs/session) | Since Consul snapshots actually contain ACL tokens, the -[Snapshot API](/api/snapshot) requires a management token for snapshot operations +[Snapshot API](/api-docs/snapshot) requires a management token for snapshot operations and does not use a special policy. The following resources are not covered by ACL policies: -1. The [Status API](/api/status) is used by servers when bootstrapping and exposes +1. The [Status API](/api-docs/status) is used by servers when bootstrapping and exposes basic IP and port information about the servers, and does not allow modification of any state. 2. The datacenter listing operation of the - [Catalog API](/api/catalog#list-datacenters) similarly exposes the names of known + [Catalog API](/api-docs/catalog#list-datacenters) similarly exposes the names of known Consul datacenters, and does not allow modification of any state. Constructing rules from these policies is covered in detail in the @@ -212,13 +212,13 @@ system, or accessing Consul in special situations: | Special Token | Servers | Clients | Purpose | | ----------------------------------------------------------------------------- | ---------- | ---------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [`acl_agent_master_token`](/docs/agent/options#acl_agent_master_token_legacy) | `OPTIONAL` | `OPTIONAL` | Special token that can be used to access [Agent API](/api/agent) when the ACL datacenter isn't available, or servers are offline (for clients); used for setting up the cluster such as doing initial join operations, see the [ACL Agent Master Token](#acl-agent-master-token) section for more details | +| [`acl_agent_master_token`](/docs/agent/options#acl_agent_master_token_legacy) | `OPTIONAL` | `OPTIONAL` | Special token that can be used to access [Agent API](/api-docs/agent) when the ACL datacenter isn't available, or servers are offline (for clients); used for setting up the cluster such as doing initial join operations, see the [ACL Agent Master Token](#acl-agent-master-token) section for more details | | [`acl_agent_token`](/docs/agent/options#acl_agent_token_legacy) | `OPTIONAL` | `OPTIONAL` | Special token that is used for an agent's internal operations, see the [ACL Agent Token](#acl-agent-token) section for more details | | [`acl_master_token`](/docs/agent/options#acl_master_token_legacy) | `REQUIRED` | `N/A` | Special token used to bootstrap the ACL system, see the [Bootstrapping ACLs](#bootstrapping-acls) section for more details | | [`acl_token`](/docs/agent/options#acl_token_legacy) | `OPTIONAL` | `OPTIONAL` | Default token to use for client requests where no token is supplied; this is often configured with read-only access to services to enable DNS service discovery on agents | In Consul 0.9.1 and later, the agent ACL tokens can be introduced or updated via the -[/v1/agent/token API](/api/agent#update-acl-tokens). +[/v1/agent/token API](/api-docs/agent#update-acl-tokens). #### ACL Agent Master Token @@ -234,13 +234,13 @@ node "" { ``` In Consul 0.9.1 and later, the agent ACL tokens can be introduced or updated via the -[/v1/agent/token API](/api/agent#update-acl-tokens). +[/v1/agent/token API](/api-docs/agent#update-acl-tokens). #### ACL Agent Token The [`acl_agent_token`](/docs/agent/options#acl_agent_token) is a special token that is used for an agent's internal operations. It isn't used directly for any user-initiated operations like the [`acl_token`](/docs/agent/options#acl_token), though if the `acl_agent_token` isn't configured the `acl_token` will be used. The ACL agent token is used for the following operations by the agent: -1. Updating the agent's node entry using the [Catalog API](/api/catalog), including updating its node metadata, tagged addresses, and network coordinates +1. Updating the agent's node entry using the [Catalog API](/api-docs/catalog), including updating its node metadata, tagged addresses, and network coordinates 2. Performing [anti-entropy](/docs/architecture/anti-entropy) syncing, in particular reading the node metadata and services registered with the catalog 3. Reading and writing the special `_rexec` section of the KV store when executing [`consul exec`](/commands/exec) commands @@ -261,7 +261,7 @@ key "_rexec" { The `service` policy needs `read` access for any services that can be registered on the agent. If [remote exec is disabled](/docs/agent/options#disable_remote_exec), the default, then the `key` policy can be omitted. In Consul 0.9.1 and later, the agent ACL tokens can be introduced or updated via the -[/v1/agent/token API](/api/agent#update-acl-tokens). +[/v1/agent/token API](/api-docs/agent#update-acl-tokens). ## Bootstrapping ACLs @@ -556,7 +556,7 @@ supplied, the [`acl_token`](/docs/agent/options#acl_token) will be used for the instead of being left empty which would normally invoke the anonymous token. In Consul 0.9.1 and later, the agent ACL tokens can be introduced or updated via the -[/v1/agent/token API](/api/agent#update-acl-tokens). +[/v1/agent/token API](/api-docs/agent#update-acl-tokens). This behaves very similarly to the anonymous token, but can be configured differently on each agent, if desired. For example, this allows more fine grained control of what DNS requests a @@ -702,7 +702,7 @@ or the `CONSUL_HTTP_TOKEN` environment variable. #### Agent Rules -The `agent` policy controls access to the utility operations in the [Agent API](/api/agent), +The `agent` policy controls access to the utility operations in the [Agent API](/api-docs/agent), such as join and leave. All of the catalog-related operations are covered by the [`node`](#node-rules) and [`service`](#service-rules) policies instead. @@ -725,14 +725,14 @@ the example above, the rules allow read-only access to any node name with the em read-write access to any node name that starts with "foo", and deny all access to any node name that starts with "bar". -Since [Agent API](/api/agent) utility operations may be required before an agent is joined to +Since [Agent API](/api-docs/agent) utility operations may be required before an agent is joined to a cluster, or during an outage of the Consul servers or ACL datacenter, a special token may be configured with [`acl_agent_master_token`](/docs/agent/options#acl_agent_master_token) to allow write access to these operations even if no ACL resolution capability is available. #### Event Rules -The `event` policy controls access to event operations in the [Event API](/api/event), such as +The `event` policy controls access to event operations in the [Event API](/api-docs/event), such as firing events and listing events. Event rules look like this: @@ -757,7 +757,7 @@ give agents a token with access to this event prefix, in addition to configuring #### Key/Value Rules -The `key` policy controls access to key/value store operations in the [KV API](/api/kv). Key +The `key` policy controls access to key/value store operations in the [KV API](/api-docs/kv). Key rules look like this: ```hcl @@ -781,7 +781,7 @@ starts with "bar". Consul 1.0 introduces a new `list` policy for keys that is only enforced when opted in via the boolean config param "acl_enable_key_list_policy". `list` controls access to recursively list entries and keys, and enables more fine grained policies. With "acl_enable_key_list_policy", -recursive reads via [the KV API](/api/kv#recurse) with an invalid token result in a 403. Example: +recursive reads via [the KV API](/api-docs/kv#recurse) with an invalid token result in a 403. Example: ```hcl key "" { @@ -825,7 +825,7 @@ For more detailed information, see the [Consul Sentinel documentation](/docs/age #### Keyring Rules The `keyring` policy controls access to keyring operations in the -[Keyring API](/api/operator/keyring). +[Keyring API](/api-docs/operator/keyring). Keyring rules look like this: @@ -838,8 +838,8 @@ dispositions. In the example above, the keyring may be read and updated. #### Node Rules -The `node` policy controls node-level registration and read access to the [Catalog API](/api/catalog), -service discovery with the [Health API](/api/health), and filters results in [Agent API](/api/agent) +The `node` policy controls node-level registration and read access to the [Catalog API](/api-docs/catalog), +service discovery with the [Health API](/api-docs/health), and filters results in [Agent API](/api-docs/agent) operations like fetching the list of cluster members. Node rules look like this: @@ -874,7 +874,7 @@ When reading from the catalog or retrieving information from the health endpoint used to filter the results of the query. This allows for configurations where a token has access to a given service name, but only on an allowed subset of node names. -Node rules come into play when using the [Agent API](/api/agent) to register node-level +Node rules come into play when using the [Agent API](/api-docs/agent) to register node-level checks. The agent will check tokens locally as a check is registered, and Consul also performs periodic [anti-entropy](/docs/architecture/anti-entropy) syncs, which may require an ACL token to complete. To accommodate this, Consul provides two methods of configuring ACL tokens @@ -897,7 +897,7 @@ script checks. #### Operator Rules The `operator` policy controls access to cluster-level operations in the -[Operator API](/api/operator), other than the [Keyring API](/api/operator/keyring). +[Operator API](/api-docs/operator), other than the [Keyring API](/api-docs/operator/keyring). Operator rules look like this: @@ -912,7 +912,7 @@ diagnostic purposes but not make any changes. #### Prepared Query Rules The `query` policy controls access to create, update, and delete prepared queries in the -[Prepared Query API](/api/query). Executing queries is subject to `node` and `service` +[Prepared Query API](/api-docs/query). Executing queries is subject to `node` and `service` policies, as will be explained below. Query rules look like this: @@ -955,7 +955,7 @@ here, with examples: that is used and known by many clients to provide geo-failover behavior for a database. -- [Template queries](/api/query#prepared-query-templates) +- [Template queries](/api-docs/query#prepared-query-templates) queries work like static queries with a `Name` defined, except that a catch-all template with an empty `Name` requires an ACL token that can write to any query prefix. @@ -1002,8 +1002,8 @@ These differences are outlined in the table below: #### Service Rules -The `service` policy controls service-level registration and read access to the [Catalog API](/api/catalog) -and service discovery with the [Health API](/api/health). +The `service` policy controls service-level registration and read access to the [Catalog API](/api-docs/catalog) +and service discovery with the [Health API](/api-docs/health). Service rules look like this: @@ -1031,7 +1031,7 @@ given service, then the DNS interface will return no records when queried for it When reading from the catalog or retrieving information from the health endpoints, service rules are used to filter the results of the query. -Service rules come into play when using the [Agent API](/api/agent) to register services or +Service rules come into play when using the [Agent API](/api-docs/agent) to register services or checks. The agent will check tokens locally as a service or check is registered, and Consul also performs periodic [anti-entropy](/docs/architecture/anti-entropy) syncs, which may require an ACL token to complete. To accommodate this, Consul provides two methods of configuring ACL tokens @@ -1058,7 +1058,7 @@ set to `true` in order to enable script checks. #### Session Rules -The `session` policy controls access to [Session API](/api/session) operations. +The `session` policy controls access to [Session API](/api-docs/session) operations. Session rules look like this: @@ -1099,7 +1099,7 @@ configuration on the servers in the non-authoritative datacenters. In Consul 0.9.1 and later you can enable ACL replication using [`enable_acl_replication`](/docs/agent/options#enable_acl_replication) and then set the token later using the -[agent token API](/api/agent#update-acl-tokens) on each server. This can +[agent token API](/api-docs/agent#update-acl-tokens) on each server. This can also be used to rotate the token without restarting the Consul servers. With replication enabled, the servers will maintain a replica of the authoritative diff --git a/website/content/docs/security/acl/acl-migrate-tokens.mdx b/website/content/docs/security/acl/acl-migrate-tokens.mdx index fc1a8e522..36387783c 100644 --- a/website/content/docs/security/acl/acl-migrate-tokens.mdx +++ b/website/content/docs/security/acl/acl-migrate-tokens.mdx @@ -59,7 +59,7 @@ blank `AccessorID`. In addition, it is assumed that all clients that might _create_ ACL tokens (e.g. Vault's Consul secrets engine) have been updated to use the [new ACL -APIs](/api/acl/tokens). +APIs](/api-docs/acl/tokens). Specifically if you are using Vault's Consul secrets engine you need to be running Vault 1.0.0 or higher, _and_ you must update all roles defined in Vault @@ -135,7 +135,7 @@ necessary access for existing clients; this is up to the operator to ensure. #### Update via API -Use the [`PUT /v1/acl/token/:AccessorID`](/api/acl/tokens#update-a-token) +Use the [`PUT /v1/acl/token/:AccessorID`](/api-docs/acl/tokens#update-a-token) endpoint. Specifically, ensure that the `Rules` field is omitted or empty. Empty `Rules` indicates that this is now treated as a new token. diff --git a/website/content/docs/security/acl/acl-policies.mdx b/website/content/docs/security/acl/acl-policies.mdx index 485b1a8f9..1a72774cf 100644 --- a/website/content/docs/security/acl/acl-policies.mdx +++ b/website/content/docs/security/acl/acl-policies.mdx @@ -318,7 +318,7 @@ You can can define several attributes that attach additional metadata and specif ### HTTP API Endpoint -The endpoint takes data formatted in HCL or JSON. Refer to the [ACL HTTP API endpoint documentation](/api/acl/acl) for details about the API. +The endpoint takes data formatted in HCL or JSON. Refer to the [ACL HTTP API endpoint documentation](/api-docs/acl/acl) for details about the API. The following example adds a set of rules to a policy called `my-app-policy`. The policy defines access to the `key` resource (Consul K/V). The rules are formatted in HCL, but they are wrapped in JSON so that the data can be sent using cURL: @@ -540,4 +540,4 @@ session_prefix "" { } ``` - \ No newline at end of file + diff --git a/website/content/docs/security/acl/acl-roles.mdx b/website/content/docs/security/acl/acl-roles.mdx index c5bd0661b..1b16e37e2 100644 --- a/website/content/docs/security/acl/acl-roles.mdx +++ b/website/content/docs/security/acl/acl-roles.mdx @@ -106,7 +106,7 @@ Use the following syntax to define a service identity: - `ServiceIdentities.ServiceName`: String value that specifies the name of the service you want to associate with the policy. - `ServiceIdentitites.Datacenters`: Array that specifies the names of datacenters in which the service identity applies. This field is optional. -Refer to the the [API documentation for roles](/api/acl/roles#sample-payload) for additional information and examples. +Refer to the the [API documentation for roles](/api-docs/acl/roles#sample-payload) for additional information and examples. -> **Scope for Namespace and Admin Partition** - In Consul Enterprise, service identities inherit the namespace or admin partition scope of the corresponding ACL token or role. @@ -280,7 +280,7 @@ NodeIdentities = { - `NodeIdentities.NodeName`: String value that specifies the name of the node you want to associate with the policy. - `NodeIdentitites.Datacenters`: Array that specifies the names of datacenters in which the node identity applies. This field is optional. -Refer to the the [API documentation for roles](/api/acl/roles#sample-payload) for additional information and examples. +Refer to the the [API documentation for roles](/api-docs/acl/roles#sample-payload) for additional information and examples. -> **Consul Enterprise Namespacing** - Node Identities can only be applied to tokens and roles in the `default` namespace. The generated policy rules allow for `service:read` permissions on all services in all namespaces. diff --git a/website/content/docs/security/acl/acl-rules.mdx b/website/content/docs/security/acl/acl-rules.mdx index ddce746cc..28fe09a70 100644 --- a/website/content/docs/security/acl/acl-rules.mdx +++ b/website/content/docs/security/acl/acl-rules.mdx @@ -15,25 +15,25 @@ The following table provides an overview of the resources you can use to create | Resource | Description | Labels | | ---------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------ | -| `acl` | Controls access to ACL operations in the [ACL API](/api/acl/acl).
See [ACL Resource Rules](#acl-resource-rules) for details. | No | +| `acl` | Controls access to ACL operations in the [ACL API](/api-docs/acl/acl).
See [ACL Resource Rules](#acl-resource-rules) for details. | No | | `partition`
`partition_prefix` | Controls access to one or more admin partitions.
See [Admin Partition Rules](#admin-partition-rules) for details. | Yes | -| `agent`
`agent_prefix` | Controls access to the utility operations in the [Agent API](/api/agent), such as `join` and `leave`.
See [Agent Rules](#agent-rules) for details. | Yes | -| `event`
`event_prefix` | Controls access to event operations in the [Event API](/api/event), such as firing and listing events.
See [Event Rules](#event-rules) for details. | Yes | -| `key`
`key_prefix`   | Controls access to key/value store operations in the [KV API](/api/kv).
Can also use the `list` access level when setting the policy disposition.
Has additional value options in Consul Enterprise for integrating with [Sentinel](https://docs.hashicorp.com/sentinel/consul).
See [Key/Value Rules](#key-value-rules) for details. | Yes | -| `keyring`       | Controls access to keyring operations in the [Keyring API](/api/keyring).
See [Keyring Rules](#keyring-rules) for details. | No | +| `agent`
`agent_prefix` | Controls access to the utility operations in the [Agent API](/api-docs/agent), such as `join` and `leave`.
See [Agent Rules](#agent-rules) for details. | Yes | +| `event`
`event_prefix` | Controls access to event operations in the [Event API](/api-docs/event), such as firing and listing events.
See [Event Rules](#event-rules) for details. | Yes | +| `key`
`key_prefix`   | Controls access to key/value store operations in the [KV API](/api-docs/kv).
Can also use the `list` access level when setting the policy disposition.
Has additional value options in Consul Enterprise for integrating with [Sentinel](https://docs.hashicorp.com/sentinel/consul).
See [Key/Value Rules](#key-value-rules) for details. | Yes | +| `keyring`       | Controls access to keyring operations in the [Keyring API](/api-docs/keyring).
See [Keyring Rules](#keyring-rules) for details. | No | | `mesh`       | Provides operator-level permissions for resources in the admin partition, such as ingress gateways or mesh proxy defaults. See [Mesh Rules](#mesh-rules) for details. | No | | `namespace`
`namespace_prefix` | Controls access to one or more namespaces.
See [Namespace Rules](#namespace-rules) for details. | Yes | -| `node`
`node_prefix`   | Controls access to node-level operations in the [Catalog API](/api/catalog), [Health API](/api/health), [Prepared Query API](/api/query), [Network Coordinate API](/api/coordinate), and [Agent API](/api/agent)
See [Node Rules](#node-rules) for details. | Yes | -| `operator`       | Controls access to cluster-level operations available in the [Operator API](/api/operator) excluding keyring API endpoints.
See [Operator Rules](#operator-rules) for details. | No | -| `query`
`query_prefix` | Controls access to create, update, and delete prepared queries in the [Prepared Query API](/api/query). Access to the [node](#node-rules) and [service](#service-rules) must also be granted.
See [Prepared Query Rules](#prepared-query-rules) for details. | Yes | -| `service`
`service_prefix` | Controls service-level operations in the [Catalog API](/api/catalog), [Health API](/api/health), [Intentions API](/api/connect/intentions), [Prepared Query API](/api/query), and [Agent API](/api/agent).
See [Service Rules](#node-rules) for details. | Yes | -| `session`
`session_prefix` | Controls access to operations in the [Session API](/api/session).
See [Session Rules](#session-rules) for details. | Yes | +| `node`
`node_prefix`   | Controls access to node-level operations in the [Catalog API](/api-docs/catalog), [Health API](/api-docs/health), [Prepared Query API](/api-docs/query), [Network Coordinate API](/api-docs/coordinate), and [Agent API](/api-docs/agent)
See [Node Rules](#node-rules) for details. | Yes | +| `operator`       | Controls access to cluster-level operations available in the [Operator API](/api-docs/operator) excluding keyring API endpoints.
See [Operator Rules](#operator-rules) for details. | No | +| `query`
`query_prefix` | Controls access to create, update, and delete prepared queries in the [Prepared Query API](/api-docs/query). Access to the [node](#node-rules) and [service](#service-rules) must also be granted.
See [Prepared Query Rules](#prepared-query-rules) for details. | Yes | +| `service`
`service_prefix` | Controls service-level operations in the [Catalog API](/api-docs/catalog), [Health API](/api-docs/health), [Intentions API](/api-docs/connect/intentions), [Prepared Query API](/api-docs/query), and [Agent API](/api-docs/agent).
See [Service Rules](#node-rules) for details. | Yes | +| `session`
`session_prefix` | Controls access to operations in the [Session API](/api-docs/session).
See [Session Rules](#session-rules) for details. | Yes | The following resources are not covered by ACL policies: -- The [Status API](/api/status) is used by servers when bootstrapping and exposes basic IP and port information about the servers, and does not allow modification of any state. -- The datacenter listing operation of the [Catalog API](/api/catalog#list-datacenters) similarly exposes the names of known Consul datacenters, and does not allow modification of any state. -- The [connect CA roots endpoint](/api/connect/ca#list-ca-root-certificates) exposes just the public TLS certificate which other systems can use to verify the TLS connection with Consul. +- The [Status API](/api-docs/status) is used by servers when bootstrapping and exposes basic IP and port information about the servers, and does not allow modification of any state. +- The datacenter listing operation of the [Catalog API](/api-docs/catalog#list-datacenters) similarly exposes the names of known Consul datacenters, and does not allow modification of any state. +- The [connect CA roots endpoint](/api-docs/connect/ca#list-ca-root-certificates) exposes just the public TLS certificate which other systems can use to verify the TLS connection with Consul. -> **Consul Enterprise Namespace** - In addition to directly-linked policies, roles, and service identities, Consul Enterprise enables ACL policies and roles to be defined in the [Namespaces definition](/docs/enterprise/namespaces#namespace-definition) (Consul Enterprise 1.7.0+). @@ -179,7 +179,7 @@ partition_prefix "ex-" { ## Agent Rules -The `agent` and `agent_prefix` resources control access to the utility operations in the [Agent API](/api/agent), +The `agent` and `agent_prefix` resources control access to the utility operations in the [Agent API](/api-docs/agent), such as join and leave. All of the catalog-related operations are covered by the [`node` or `node_prefix`](#node-rules) and [`service` or `service_prefix`](#service-rules) policies instead. @@ -225,14 +225,14 @@ allow read-only access to any node name by using the empty prefix, read-write ac the node with the _exact_ name `foo`, and denies all access to any node name that starts with `bar`. -Since [Agent API](/api/agent) utility operations may be required before an agent is joined to +Since [Agent API](/api-docs/agent) utility operations may be required before an agent is joined to a cluster, or during an outage of the Consul servers or ACL datacenter, a special token may be configured with [`acl.tokens.agent_recovery`](/docs/agent/options#acl_tokens_agent_recovery) to allow write access to these operations even if no ACL resolution capability is available. ## Event Rules -The `event` and `event_prefix` resources control access to event operations in the [Event API](/api/event), such as +The `event` and `event_prefix` resources control access to event operations in the [Event API](/api-docs/event), such as firing events and listing events. @@ -276,7 +276,7 @@ give agents a token with access to this event prefix, in addition to configuring ## Key/Value Rules -The `key` and `key_prefix` resources control access to key/value store operations in the [KV API](/api/kv). +The `key` and `key_prefix` resources control access to key/value store operations in the [KV API](/api-docs/kv). @@ -320,7 +320,7 @@ to any key name with the empty prefix rule, allow read-write access to the "foo" ### List Policy for Keys -Enable the `list` policy disposition (Consul 1.0+) by setting the `acl.enable_key_list_policy` parameter to `true`. The disposition provides recursive access to `key` entries. Refer to the [KV API](/api/kv#recurse) documentation for additional information. In the following example, `key` resources that start with `bar` are listed. +Enable the `list` policy disposition (Consul 1.0+) by setting the `acl.enable_key_list_policy` parameter to `true`. The disposition provides recursive access to `key` entries. Refer to the [KV API](/api-docs/kv#recurse) documentation for additional information. In the following example, `key` resources that start with `bar` are listed. @@ -385,7 +385,7 @@ For more detailed information, see the [Consul Sentinel documentation](/docs/age ## Keyring Rules -The `keyring` resource controls access to keyring operations in the [Keyring API](/api/operator/keyring). Only one keyring policy is allowed per rule set. The value is set to one of the policy dispositions, but may be read and updated. +The `keyring` resource controls access to keyring operations in the [Keyring API](/api-docs/operator/keyring). Only one keyring policy is allowed per rule set. The value is set to one of the policy dispositions, but may be read and updated. @@ -592,9 +592,9 @@ specific namespace are prevented from accessing resources in another namespace. The `node` and `node_prefix` resources control access to the following API behaviors: -- node-level registration and read access to the [Catalog API](/api/catalog) -- service discovery with the [Health API](/api/health) -- filtering results in [Agent API](/api/agent) operations, such as fetching the list of cluster members. +- node-level registration and read access to the [Catalog API](/api-docs/catalog) +- service discovery with the [Health API](/api-docs/health) +- filtering results in [Agent API](/api-docs/agent) operations, such as fetching the list of cluster members. You can use resource labels to scope the rule to a specific resource or set of resources. @@ -659,7 +659,7 @@ These actions may required an ACL token to complete. Use the following methods t ## Operator Rules The `operator` resource controls access to cluster-level operations in the -[Operator API](/api/operator), other than the [Keyring API](/api/operator/keyring). +[Operator API](/api-docs/operator), other than the [Keyring API](/api-docs/operator/keyring). Only one operator rule allowed per rule set. In the following example, the token may be used to query the operator endpoints for diagnostic purposes but it will not make changes. @@ -684,7 +684,7 @@ operator = "read" ## Prepared Query Rules The `query` and `query_prefix` resources control access to create, update, and delete prepared queries in the -[Prepared Query API](/api/query). Specify the resource label in query rules to determine the scope of the rule. +[Prepared Query API](/api-docs/query). Specify the resource label in query rules to determine the scope of the rule. The resource label in the following example is empty. As a result, the rules allow read-only access to query resources with any name. The rules also grant read-write access to the query named `foo`, which allows control of the query namespace to be delegated based on ACLs: @@ -745,7 +745,7 @@ here, with examples: that is used and known by many clients to provide geo-failover behavior for a database. -- [Template queries](/api/query#prepared-query-templates) +- [Template queries](/api-docs/query#prepared-query-templates) queries work like static queries with a `Name` defined, except that a catch-all template with an empty `Name` requires an ACL token that can write to any query prefix. @@ -792,7 +792,7 @@ These differences are outlined in the table below: ## Service Rules -The `service` and `service_prefix` resources control service-level registration and read access to the [Catalog API](/api/catalog) and service discovery with the [Health API](/api/health). +The `service` and `service_prefix` resources control service-level registration and read access to the [Catalog API](/api-docs/catalog) and service discovery with the [Health API](/api-docs/health). Specify the resource label in service rules to set the scope of the rule. The resource label in the following example is empty. As a result, the rules allow read-only access to any service name with the empty prefix. The rules also allow read-write access to the `app` service and deny all access to the `admin` service: @@ -841,7 +841,7 @@ given service, then the DNS interface will return no records when queried for it When reading from the catalog or retrieving information from the health endpoints, service rules are used to filter the results of the query. -Service rules come into play when using the [Agent API](/api/agent) to register services or +Service rules come into play when using the [Agent API](/api-docs/agent) to register services or checks. The agent will check tokens locally as a service or check is registered, and Consul also performs periodic [anti-entropy](/docs/architecture/anti-entropy) syncs, which may require an ACL token to complete. To accommodate this, Consul provides two methods of configuring ACL tokens @@ -900,7 +900,7 @@ for more information about managing intentions access with service rules. ## Session Rules -The `session` and `session_prefix` resources controls access to [Session API](/api/session) operations. +The `session` and `session_prefix` resources controls access to [Session API](/api-docs/session) operations. Specify the resource label in session rules to set the scope of the rule. The resource label in the following example is empty. As a result, the rules allow read-only access to all sessions. diff --git a/website/content/docs/security/acl/acl-tokens.mdx b/website/content/docs/security/acl/acl-tokens.mdx index 66d886ecb..89999008b 100644 --- a/website/content/docs/security/acl/acl-tokens.mdx +++ b/website/content/docs/security/acl/acl-tokens.mdx @@ -160,22 +160,22 @@ system or accessing Consul under specific conditions. The following table descri | Token | Servers | Clients | Description | | ------------------------------------------------------------------------------------ | ---------- | ---------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -| [`acl.tokens.agent_recovery`](/docs/agent/options#acl_tokens_agent_recovery) | `OPTIONAL` | `OPTIONAL` | Enables access to the [Agent API](/api/agent) when remote bearer token resolution fails.
Used for setting up the cluster and performing initial join operations.
See [ACL Agent Recovery Token](#acl-agent-recovery-token) for details. | +| [`acl.tokens.agent_recovery`](/docs/agent/options#acl_tokens_agent_recovery) | `OPTIONAL` | `OPTIONAL` | Enables access to the [Agent API](/api-docs/agent) when remote bearer token resolution fails.
Used for setting up the cluster and performing initial join operations.
See [ACL Agent Recovery Token](#acl-agent-recovery-token) for details. | | [`acl.tokens.agent`](/docs/agent/options#acl_tokens_agent) | `OPTIONAL` | `OPTIONAL` | Used for internal agent operations. See [ACL Agent Token](#acl-agent-token) for details. | | [`acl.tokens.initial_management`](/docs/agent/options#acl_tokens_initial_management) | `OPTIONAL` | `N/A` | Used to bootstrap the ACL system. See [Initial Management Token](#initial-management-token). | | [`acl.tokens.default`](/docs/agent/options#acl_tokens_default) | `OPTIONAL` | `OPTIONAL` | Specifies a default token to use for client requests if no token is supplied. This is commonly configured with read-only access to services to enable DNS service discovery on agents. | -All reserved tokens except the `initial_management` token can be created or updated using the [/v1/agent/token API](/api/agent#update-acl-tokens). +All reserved tokens except the `initial_management` token can be created or updated using the [/v1/agent/token API](/api-docs/agent#update-acl-tokens). ### Snapshot Tokens -Snapshots are artifacts created with the [snapshot API](/api/snapshot) for backup and recovery purposes. Snapshots contain ACL tokens and require, and interacting with them requires a token with `write` privileges. +Snapshots are artifacts created with the [snapshot API](/api-docs/snapshot) for backup and recovery purposes. Snapshots contain ACL tokens and require, and interacting with them requires a token with `write` privileges. ### ACL Agent Token The [`acl.tokens.agent`](/docs/agent/options#acl_tokens_agent) is a special token that is used for an agent's internal operations. It isn't used directly for any user-initiated operations like the [`acl.tokens.default`](/docs/agent/options#acl_tokens_default), though if the `acl.tokens.agent` isn't configured the `acl.tokens.default` will be used. The ACL agent token is used for the following operations by the agent: -1. Updating the agent's node entry using the [Catalog API](/api/catalog), including updating its node metadata, tagged addresses, and network coordinates +1. Updating the agent's node entry using the [Catalog API](/api-docs/catalog), including updating its node metadata, tagged addresses, and network coordinates 2. Performing [anti-entropy](/docs/internals/anti-entropy) syncing, in particular reading the node metadata and services registered with the catalog 3. Reading and writing the special `_rexec` section of the KV store when executing [`consul exec`](/commands/exec) commands diff --git a/website/content/docs/security/acl/auth-methods/index.mdx b/website/content/docs/security/acl/auth-methods/index.mdx index 6f3385a03..c1e29d504 100644 --- a/website/content/docs/security/acl/auth-methods/index.mdx +++ b/website/content/docs/security/acl/auth-methods/index.mdx @@ -49,7 +49,7 @@ using the API or command line before they can be used by applications. details about how to authenticate application credentials. Successful validation of application credentials will return a set of trusted identity attributes (such as a username). These can be managed with the `consul acl auth-method` subcommands or the corresponding [API - endpoints](/api/acl/auth-methods). The specific details of + endpoints](/api-docs/acl/auth-methods). The specific details of configuration are type dependent and described in their own documentation pages. @@ -57,7 +57,7 @@ using the API or command line before they can be used by applications. how to translate trusted identity attributes from each auth method into privileges assigned to the ACL token that is created. These can be managed with the `consul acl binding-rule` subcommands or the corresponding [API - endpoints](/api/acl/binding-rules). + endpoints](/api-docs/acl/binding-rules). -> **Note** - To configure auth methods in any connected secondary datacenter, [ACL token replication](/docs/agent/options#acl_enable_token_replication) @@ -83,7 +83,7 @@ Each binding rule is composed of two portions: - **Selector** - A logical query that must match the trusted identity attributes for the binding rule to be applicable to a given login attempt. The syntax uses github.com/hashicorp/go-bexpr which is shared with the [API - filtering feature](/api/features/filtering). For example: + filtering feature](/api-docs/features/filtering). For example: `"serviceaccount.namespace==default and serviceaccount.name!=vault"` - **Bind Type and Name** - A binding rule can bind a token to a diff --git a/website/content/docs/security/acl/auth-methods/jwt.mdx b/website/content/docs/security/acl/auth-methods/jwt.mdx index d3d8130c6..60fe15891 100644 --- a/website/content/docs/security/acl/auth-methods/jwt.mdx +++ b/website/content/docs/security/acl/auth-methods/jwt.mdx @@ -28,7 +28,7 @@ processing of the claims data in the JWT. ## Config Parameters -The following auth method [`Config`](/api/acl/auth-methods#config) +The following auth method [`Config`](/api-docs/acl/auth-methods#config) parameters are required to properly configure an auth method of type `jwt`: diff --git a/website/content/docs/security/acl/auth-methods/kubernetes.mdx b/website/content/docs/security/acl/auth-methods/kubernetes.mdx index e1490ba8e..8d84d0ca1 100644 --- a/website/content/docs/security/acl/auth-methods/kubernetes.mdx +++ b/website/content/docs/security/acl/auth-methods/kubernetes.mdx @@ -21,7 +21,7 @@ documentation](/docs/security/acl/auth-methods). ## Config Parameters -The following auth method [`Config`](/api/acl/auth-methods#config) +The following auth method [`Config`](/api-docs/acl/auth-methods#config) parameters are required to properly configure an auth method of type `kubernetes`: @@ -37,27 +37,27 @@ parameters are required to properly configure an auth method of type validate application JWTs during login. - `MapNamespaces` `(bool: )` - - **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules).** + **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules).** Indicates whether the auth method should attempt to map the Kubernetes namespace to a Consul namespace instead of creating tokens in the auth methods own namespace. Note that mapping namespaces requires the auth method to reside within the `default` namespace. - Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules). + Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules). - `ConsulNamespacePrefix` `(string: )` - - **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules).** + **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules).** When `MapNamespaces` is enabled, this value will be prefixed to the Kubernetes namespace to determine the Consul namespace to create the new token within. - Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules). + Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules). - `ConsulNamespaceOverrides` `(map: )` - - **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules).** + **Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules).** This field is a mapping of Kubernetes namespace names to Consul namespace names. If a Kubernetes namespace is present within this map, the value will be used without adding the `ConsulNamespacePrefix`. If the value in the map is `""` then the auth methods namespace will be used instead of attempting to determine an alternate namespace. - Deprecated in Consul 1.8.0 in favor of [namespace rules](/api/acl/auth-methods#namespacerules). + Deprecated in Consul 1.8.0 in favor of [namespace rules](/api-docs/acl/auth-methods#namespacerules). ### Sample Config diff --git a/website/content/docs/security/acl/auth-methods/oidc.mdx b/website/content/docs/security/acl/auth-methods/oidc.mdx index 5c9605831..07ca08a89 100644 --- a/website/content/docs/security/acl/auth-methods/oidc.mdx +++ b/website/content/docs/security/acl/auth-methods/oidc.mdx @@ -34,7 +34,7 @@ processing of the claims data in the JWT. ## Config Parameters -The following auth method [`Config`](/api/acl/auth-methods#config) +The following auth method [`Config`](/api-docs/acl/auth-methods#config) parameters are required to properly configure an auth method of type `oidc`: diff --git a/website/content/docs/security/acl/index.mdx b/website/content/docs/security/acl/index.mdx index 197d63250..d0676d14d 100644 --- a/website/content/docs/security/acl/index.mdx +++ b/website/content/docs/security/acl/index.mdx @@ -76,7 +76,7 @@ Service identities enable you to quickly construct policies for services, rather Refer to the following topics for additional information about service identities: - [Service Identities](/docs/security/acl/acl-roles#service-identities) -- [API documentation for roles](/api/acl/roles#sample-payload) +- [API documentation for roles](/api-docs/acl/roles#sample-payload) ## Node Identities @@ -87,4 +87,4 @@ Node identities enable you to quickly construct policies for nodes, rather than Refer to the following topics for additional information about node identities: - [Node Identities](/docs/security/acl/acl-roles#node-identities) -- [API documentation for roles](/api/acl/roles#sample-payload) +- [API documentation for roles](/api-docs/acl/roles#sample-payload) diff --git a/website/content/docs/upgrading/upgrade-specific.mdx b/website/content/docs/upgrading/upgrade-specific.mdx index 096ecba58..e7284dd38 100644 --- a/website/content/docs/upgrading/upgrade-specific.mdx +++ b/website/content/docs/upgrading/upgrade-specific.mdx @@ -403,7 +403,7 @@ will not upgrade more than one batch per second so on a cluster with 10,000 tokens, this may take several minutes. While this is happening both old and new ACLs will work correctly with the -caveat that new ACL [Token APIs](/api/acl/tokens) may not return an +caveat that new ACL [Token APIs](/api-docs/acl/tokens) may not return an accessor ID for legacy tokens that are not yet migrated. #### Migrating Existing ACLs @@ -417,8 +417,8 @@ API so existing integrations that create tokens (e.g. Vault) will continue to work. The "legacy" tokens generated though will not be able to take advantage of new policy features. It's recommended that you complete migration of all tokens as soon as possible after upgrade, as well as updating any integrations to work -with the the new ACL [Token](/api/acl/tokens) and -[Policy](/api/acl/policies) APIs. +with the the new ACL [Token](/api-docs/acl/tokens) and +[Policy](/api-docs/acl/policies) APIs. More complete details on how to upgrade "legacy" tokens is available [here](/docs/security/acl/acl-migrate-tokens). @@ -718,7 +718,7 @@ directly returning one of Consul's internal data structures. This configuration structure has been moved under `DebugConfig`, and is documents as for debugging use and subject to change, and a small set of elements of `Config` have been maintained and documented. See [Read -Configuration](/api/agent#read-configuration) endpoint documentation for +Configuration](/api-docs/agent#read-configuration) endpoint documentation for details. #### Deprecated `configtest` Command Removed @@ -950,7 +950,7 @@ to upgrade all agents to a newer version of Consul before upgrading to Consul #### Prepared Query Changes Consul version 0.7 adds a feature which allows prepared queries to store a -[`Near` parameter](/api/query#near) in the query definition +[`Near` parameter](/api-docs/query#near) in the query definition itself. This feature enables using the distance sorting features of prepared queries without explicitly providing the node to sort near in requests, but requires the agent servicing a request to send additional information about diff --git a/website/next.config.js b/website/next.config.js index 0ddf76822..f90501d0d 100644 --- a/website/next.config.js +++ b/website/next.config.js @@ -10,12 +10,6 @@ module.exports = withHashicorp({ transpileModules: ['@hashicorp/flight-icons'], })({ svgo: { plugins: [{ removeViewBox: false }] }, - rewrites: () => [ - { - source: '/api/:path*', - destination: '/api-docs/:path*', - }, - ], redirects: () => redirects, // Note: These are meant to be public, it's not a mistake that they are here env: { diff --git a/website/redirects.next.js b/website/redirects.next.js index 484d912a1..3517dc5e3 100644 --- a/website/redirects.next.js +++ b/website/redirects.next.js @@ -357,10 +357,10 @@ module.exports = [ }, { source: '/docs/agent/http/:path*', - destination: '/api/:path*', + destination: '/api-docs/:path*', permanent: true, }, - { source: '/docs/agent/http', destination: '/api', permanent: true }, + { source: '/docs/agent/http', destination: '/api-docs', permanent: true }, // CLI Redirects { source: '/docs/commands', destination: '/commands', permanent: true }, { @@ -1254,4 +1254,9 @@ module.exports = [ destination: '/docs/releases/release-notes/v1_9_0', permanent: true, }, + { + source: '/api/:path*', + destination: '/api-docs/:path*', + permanent: true, + }, ]