Updates consul exec docs to mention ACLs. (#3308)

* Update documentation for consul exec to mention all permissions it needs.

* Removed node write perm, not needed for consul exec

* Converts ACL note into a table like the API docs, adds ACL guide x-ref.

website/source/api/acl.html.md

@@ -8,7 +8,8 @@ description: |-
 
 # ACL HTTP API
 
-The `/acl` endpoints create, update, destroy, and query ACL tokens in Consul.
+The `/acl` endpoints create, update, destroy, and query ACL tokens in Consul. If
+you are looking for general information about ACLs, please see the [ACL Guide](/docs/guides/acl.html).
 
 ## Create ACL Token
 

website/source/docs/commands/exec.html.markdown.erb

@@ -29,6 +29,16 @@ through the Consul servers and the Raft consensus algorithm, so having a large
 number of nodes in the cluster flow a large amount of data through the KV store
 could make the cluster unavailable.
 
+The table below shows the [required ACLs](/api/index.html#acls) in order to
+execute this command.
+
+| ACL Required    | Scope             |
+| ------------    | ------------      |
+| `agent:read`    | local agent       |
+| `session:write` | local agent       |
+| `key:write`     | `"_rexec"` prefix |
+| `event:write`   | `"_rexec"` prefix |
+
 ## Usage
 
 Usage: `consul exec [options] [-|command...]`