0963230b8c
The ACL policy examples documented on the Consul Storage Backend and Consul Service Registration pages are too permissive. Both policies unnecessarily grant agent:write and node:write access for all agents within the Consul datacenter. When Consul is used solely for service registration, `service:write` is only required permission. This commit modifies the policy for the Consul Storage Backend to remove node:write access, and changes agent:write to agent:read. The policy on the Consul Service Registration page is updated to remove all KV-related privileges, and solely grant the necessary service:write permission. |
||
|---|---|---|
| .. | ||
| consul.mdx | ||
| index.mdx | ||
| kubernetes.mdx | ||