Skip to content

Commit

Permalink
Add read-only to docs
Browse files Browse the repository at this point in the history
  • Loading branch information
jjacobson93 committed Jul 28, 2023
1 parent 4a376a6 commit 75552a9
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions website/content/docs/security/acl/acl-policies.mdx
Original file line number Diff line number Diff line change
Expand Up @@ -393,6 +393,10 @@ New installations of Consul ship with the following built-in policies.

The `global-management` policy grants unrestricted privileges to any token linked to it. The policy is assigned the reserved ID of `00000000-0000-0000-0000-000000000001`. You can rename the global management policy, but Consul will prevent you from modifying any other attributes, including the rule set and datacenter scope.

### Global Read-Only

The `builtin/global-read-only` policy grants unrestricted _read-only_ privileges to any token linked to it. The policy is assigned the reserved ID of `00000000-0000-0000-0000-000000000002`. You can rename the global read-only policy, but Consul will prevent you from modifying any other attributes, including the rule set and datacenter scope.

### Namespace Management <EnterpriseAlert inline />

The `namespace-management` policy will be injected into all namespaces you create. The policy will be assigned a randomized UUID and can be managed as a normal, user-defined policy within the namespace. This feature was added in Consul Enterprise 1.7.0.
Expand Down

0 comments on commit 75552a9

Please sign in to comment.