renamed acl-overview to index, fixed formatting, reworded node/service ID intros
This commit is contained in:
parent
5578217d5c
commit
d27895f068
|
@ -70,7 +70,9 @@ Roles may contain the following table describe the attributes:
|
|||
|
||||
<!-- -> Added in Consul 1.5.0 # Remove and lean on versioning?-->
|
||||
|
||||
You can specify a service identity when configuring roles or linking tokens to policies. Service identities are used during the authorization process to automatically generate a policy for the service(s) specifed. The policy will be linked to the role or token so that the service(s) can _be discovered_ and _discover other healthy service instances_ in a service mesh. See [Service Mesh](/docs/connect) for additional information about Consul service mesh. Service identities enable you to quickly construct policies for services, rather than creating identical polices for each service.
|
||||
You can specify a service identity when configuring roles or linking tokens to policies. Service identities enable you to quickly construct policies for services, rather than creating identical polices for each service.
|
||||
|
||||
Service identities are used during the authorization process to automatically generate a policy for the service(s) specifed. The policy will be linked to the role or token so that the service(s) can _be discovered_ and _discover other healthy service instances_ in a service mesh. Refer to the [service mesh](/docs/connect) topic for additional information about Consul service mesh.
|
||||
|
||||
### Service Identity Specification
|
||||
|
||||
|
@ -242,9 +244,9 @@ node_prefix "" {
|
|||
|
||||
<!-- -> Added in Consul 1.8.1 -- remove and lean on doc version? -->
|
||||
|
||||
You can specify a node identity when configuring roles or linking tokens to policies. Node identities are used during the authorization process to automatically generate a policy for the node(s) specifed. In most cases, "node" refers to a Consul agent.
|
||||
You can specify a node identity when configuring roles or linking tokens to policies. _Node_ commonly refers to a Consul agent, but a node can also be a physical server, cloud instance, virtual machine, or container.
|
||||
|
||||
You can specify the token linked to the policy in the [`acl_tokens_agent`](/docs/agent/options#acl_tokens_agent) field when configuring the agent. Node identities enable you to quickly construct policies for nodes, rather than creating identical polices for each node.
|
||||
Node identities enable you to quickly construct policies for nodes, rather than manually creating identical polices for each node. They are used during the authorization process to automatically generate a policy for the node(s) specifed. You can specify the token linked to the policy in the [`acl_tokens_agent`](/docs/agent/options#acl_tokens_agent) field when configuring the agent.
|
||||
|
||||
### Node Identity Specification
|
||||
|
||||
|
|
|
@ -106,7 +106,7 @@ In the following example, the agent is configured to use a default token:
|
|||
|
||||
</CodeTabs>
|
||||
|
||||
Refer to the [agent configurations documentation]() for additional information.
|
||||
Refer to the [agent configurations documentation](/docs/agent/options) for additional information.
|
||||
|
||||
### Command Line Requests
|
||||
|
||||
|
|
|
@ -27,9 +27,9 @@ Implementations may vary depending on the needs of the organization, but the fol
|
|||
1. The person responsible for administrating ACLs in your organization specifies one or more authentication rules to define a [policy](#policies).
|
||||
1. The ACL administrator uses the Consul API to generate and link a [token](#tokens) to one or more policies. The following diagram illustrates the relationship between rules, policies, and tokens:
|
||||
|
||||
![ACL system component relationships](/img/acl-token-policy-rule-relationship.png)
|
||||
![ACL system component relationships](/img/acl-token-policy-rule-relationship.png)
|
||||
|
||||
The ACL administrator can create and link additional artifacts to tokens, such as [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements.
|
||||
The ACL administrator can create and link additional artifacts to tokens, such as [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements.
|
||||
|
||||
1. Tokens are distributed to end users and incorporated into their services.
|
||||
1. Agents and services present the token when making requests.
|
|
@ -868,7 +868,7 @@
|
|||
"routes": [
|
||||
{
|
||||
"title": "ACL System Overview",
|
||||
"path": "security/acl/acl-system"
|
||||
"path": "security/acl"
|
||||
},
|
||||
{
|
||||
"title": "Tokens",
|
||||
|
|
Loading…
Reference in New Issue