docs: add an overview section for the auth method docs (#5772)
This commit is contained in:
parent
70c03e6ac4
commit
eb24e73cfd
|
@ -8,7 +8,9 @@ description: |-
|
|||
|
||||
# ACL Documentation and Guides
|
||||
|
||||
Consul uses Access Control Lists (ACLs) to secure the UI, API, CLI, service communications, and agent communications. At the core, ACLs operate by grouping rules into policies, then associating one or more policies with a token.
|
||||
Consul uses Access Control Lists (ACLs) to secure the UI, API, CLI, service
|
||||
communications, and agent communications. At the core, ACLs operate by grouping
|
||||
rules into policies, then associating one or more policies with a token.
|
||||
|
||||
The following documentation and guides will help you understand and implement
|
||||
ACLs.
|
||||
|
@ -17,37 +19,51 @@ ACLs.
|
|||
|
||||
### ACL System
|
||||
|
||||
Consul provides an optional Access Control List (ACL) system which can be used to control access to data and APIs. The ACL system is a Capability-based system that relies on tokens which can have fine grained rules applied to them. The [ACL System documentation](/docs/acl/acl-system.html) details the functionality of Consul ACLs.
|
||||
Consul provides an optional Access Control List (ACL) system which can be used
|
||||
to control access to data and APIs. The ACL system is a Capability-based system
|
||||
that relies on tokens which can have fine grained rules applied to them. The
|
||||
[ACL System documentation](/docs/acl/acl-system.html) details the functionality
|
||||
of Consul ACLs.
|
||||
|
||||
### ACL Rules
|
||||
|
||||
A core part of the ACL system is the rule language, which is used to describe the policy that must be enforced. Read the ACL rules [documentation](/docs/acl/acl-rules.html)
|
||||
to learn about rule specifications.
|
||||
A core part of the ACL system is the rule language, which is used to describe
|
||||
the policy that must be enforced. Read the ACL rules
|
||||
[documentation](/docs/acl/acl-rules.html) to learn about rule specifications.
|
||||
|
||||
### ACL Auth Methods
|
||||
|
||||
An auth method is a component in Consul that performs authentication against a
|
||||
trusted external party to authorize the creation of an ACL tokens usable within
|
||||
the local datacenter. Read the ACL auth method
|
||||
[documentation](/docs/acl/acl-auth-methods.html) to learn more about how they
|
||||
work and why you may want to use them.
|
||||
|
||||
### ACL Legacy System
|
||||
|
||||
The ACL system in Consul 1.3.1 and older is now called legacy. For information on bootstrapping the legacy system, ACL rules, and a general ACL system overview, read the legacy [documentation](/docs/acl/acl-legacy.html).
|
||||
The ACL system in Consul 1.3.1 and older is now called legacy. For information
|
||||
on bootstrapping the legacy system, ACL rules, and a general ACL system
|
||||
overview, read the legacy [documentation](/docs/acl/acl-legacy.html).
|
||||
|
||||
### ACL Migration
|
||||
|
||||
[The migration documentation](/docs/acl/acl-migrate-tokens.html) details how to upgrade
|
||||
existing legacy tokens after upgrading to 1.4.0. It will briefly describe what changed, and then walk through the high-level migration process options, finally giving some specific examples of migration strategies. The new ACL system has improvements for the security and management of ACL tokens and policies.
|
||||
[The migration documentation](/docs/acl/acl-migrate-tokens.html) details how to
|
||||
upgrade existing legacy tokens after upgrading to 1.4.0. It will briefly
|
||||
describe what changed, and then walk through the high-level migration process
|
||||
options, finally giving some specific examples of migration strategies. The new
|
||||
ACL system has improvements for the security and management of ACL tokens and
|
||||
policies.
|
||||
|
||||
## ACL Guides on Learn
|
||||
## Learn ACL Guide
|
||||
|
||||
We have several guides for setting up and configuring Consul's ACL system. They include how to bootstrap the ACL system in Consul version 1.4.0 and newer. Please select one of the following guides to get started.
|
||||
|
||||
~> Note: the following are located on HashiCorp Learn. By selecting
|
||||
one of the guides, you will be directed to a new site.
|
||||
|
||||
### Bootstrapping the ACL System
|
||||
|
||||
Learn how to control access to Consul resources with this step-by-step [guide](https://learn.hashicorp.com/consul/advanced/day-1-operations/acl-guide) on bootstrapping the ACL system in Consul 1.4.0 and newer. This guide also includes additional steps for configuring the anonymous token, setting up agent-specific default tokens, and creating tokens for Consul UI use.
|
||||
~> Note: the following guide is located on HashiCorp Learn. By selecting it,
|
||||
you will be directed to a new site.
|
||||
|
||||
### Securing Consul with ACLs
|
||||
|
||||
The _Bootstrapping the ACL System_ guide walks you through how to set up ACLs on a single datacenter. Because it introduces the basic concepts and syntax we recommend completing it before starting the [Securing Consul with ACLs](https://learn.hashicorp.com/consul/advanced/day-1-operations/production-acls) which has recommendations for production workloads on a single datacenter.
|
||||
|
||||
|
||||
|
||||
|
||||
In this guide, you will learn how to secure the UI, API, CLI, service
|
||||
communications, and agent communications with ACLs. When securing your cluster
|
||||
you should configure the ACLs first. The ACL documentation introduces basic
|
||||
concepts and syntax for the ACL system, and we recommend that you read it
|
||||
before you begin [this
|
||||
guide](https://learn.hashicorp.com/consul/security-networking/production-acls).
|
||||
|
|
Loading…
Reference in New Issue