diff --git a/website/content/docs/security/acl/tokens/create/create-a-mesh-gateway-token.mdx b/website/content/docs/security/acl/tokens/create/create-a-mesh-gateway-token.mdx index dda33e706789..189e3c6efd1a 100644 --- a/website/content/docs/security/acl/tokens/create/create-a-mesh-gateway-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-a-mesh-gateway-token.mdx @@ -1,13 +1,13 @@ --- layout: docs page_title: Create a token for mesh gateway registration -Description: >- +description: >- Learn how to create ACL tokens that your mesh gateway can present to Consul servers so that they can register with the Consul catalog. --- # Create a mesh gateway token -This topic describes how to create a token to enable a mesh gateway to register. +This topic describes how to create a token to enable a mesh gateway to register. ## Introduction @@ -27,7 +27,7 @@ To create a token for the mesh gateway, you must define a policy, register the p ### Define a custom policy -You can send custom policy definitions as command line or API arguments or define them in an external HCL or JSON file. The following example policies are externally defined policies. Refer to [ACL Rules](/consul/docs/security/acl/acl-rules) for details about all of the rules you can use in your policies. +You can send custom policy definitions as command line or API arguments or define them in an external HCL or JSON file. The following example policies are externally defined policies. Refer to [ACL Rules](/consul/docs/security/acl/acl-rules) for details about all of the rules you can use in your policies. #### Consul OSS @@ -35,7 +35,7 @@ The following example policy grants the mesh gateway the appropriate permissions -```hcl +```hcl mesh = "write" peering = "read" service "mesh-gateway" { @@ -246,7 +246,7 @@ You can specify an admin partition when creating policies in Consul Enterprise. consul acl policy create \ -name mgw-register -rules @mgw-register.hcl \ -description "Mesh gateway policy" \ - -partition ptn1 + -partition ptn1 ``` Refer to [Consul ACL Policy Create](/consul/commands/acl/policy/create) for details about the `consul acl policy create` command. @@ -295,7 +295,7 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/policy \ }' ``` -Refer to [ACL Policy HTTP API](/consul/api-docs/acl/policies) for additional information about using the API endpoint. +Refer to [ACL Policy HTTP API](/consul/api-docs/acl/policies) for additional information about using the API endpoint. ### Link the policy to a token @@ -307,7 +307,7 @@ Run the `consul acl token create` command and specify the policy name or ID to c ##### Consul OSS -The following command creates the ACL token linked to the policy `mgw-register`. +The following command creates the ACL token linked to the policy `mgw-register`. ```shell-session $ consul acl token create \ @@ -338,10 +338,10 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "Policies": [ { - "Name": "mgw-register" + "Name": "mgw-register" } ] -}' +}' ``` ##### Consul Enterprise @@ -354,11 +354,11 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "Policies": [ { - "Name": "mgw-register" + "Name": "mgw-register" } ], "Partition": "ptn1" -}' +}' ``` @include 'create-token-auth-methods.mdx' diff --git a/website/content/docs/security/acl/tokens/create/create-a-service-token.mdx b/website/content/docs/security/acl/tokens/create/create-a-service-token.mdx index 8098bb832496..e812c767f238 100644 --- a/website/content/docs/security/acl/tokens/create/create-a-service-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-a-service-token.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Create tokens for service registration -Description: >- +description: >- Learn how to create ACL tokens that your services can present to Consul servers so that they can register with the Consul catalog. --- @@ -297,7 +297,7 @@ The following commands create the ACL token linked to the policy `svc1-register` ```shell-session $ consul acl token create -partition "ptn1" -namespace "ns1" \ -description "Service token for svc1" \ - -policy-name "svc1-register" + -policy-name "svc1-register" ``` #### API diff --git a/website/content/docs/security/acl/tokens/create/create-a-terminating-gateway-token.mdx b/website/content/docs/security/acl/tokens/create/create-a-terminating-gateway-token.mdx index 777efc634081..6f574da5f373 100644 --- a/website/content/docs/security/acl/tokens/create/create-a-terminating-gateway-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-a-terminating-gateway-token.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Create a token for terminating gateway registration -Description: >- +description: >- Learn how to create ACL tokens that your terminating gateway can present to Consul servers so that they can register with the Consul catalog. --- diff --git a/website/content/docs/security/acl/tokens/create/create-a-ui-token.mdx b/website/content/docs/security/acl/tokens/create/create-a-ui-token.mdx index 61355a39a7d0..f9dad0ce94d9 100644 --- a/website/content/docs/security/acl/tokens/create/create-a-ui-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-a-ui-token.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Create tokens for agent registration -Description: >- +description: >- Learn how to create ACL tokens that your Consul agents can present to Consul servers so that they can join the Consul cluster. --- diff --git a/website/content/docs/security/acl/tokens/create/create-an-agent-token.mdx b/website/content/docs/security/acl/tokens/create/create-an-agent-token.mdx index 41cd23041401..123acb6effa9 100644 --- a/website/content/docs/security/acl/tokens/create/create-an-agent-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-an-agent-token.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Create tokens for agent registration -Description: >- +description: >- Learn how to create ACL tokens that your Consul agents can present to Consul servers so that they can join the Consul cluster. --- @@ -60,9 +60,9 @@ $ consul acl token create -partition "ptn1" \ ### API -Send a PUT request to the `/acl/token` endpoint and specify a node identity in the request body to create a token linked to the node identity. An ACL token linked to a policy with permissions to use the API endpoint is required. Refer to [ACL Token HTTP API](/consul/api-docs/acl/tokens) for additional information about using the API endpoint. +Send a PUT request to the `/acl/token` endpoint and specify a node identity in the request body to create a token linked to the node identity. An ACL token linked to a policy with permissions to use the API endpoint is required. Refer to [ACL Token HTTP API](/consul/api-docs/acl/tokens) for additional information about using the API endpoint. -The following example creates a token linked to a node identity named `node1`: +The following example creates a token linked to a node identity named `node1`: #### Consul OSS @@ -72,8 +72,8 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "NodeIdentities": [ { - "NodeName": "node1", - "Datacenter": "dc1" + "NodeName": "node1", + "Datacenter": "dc1" } ] }' @@ -89,8 +89,8 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "NodeIdentities": [ { - "NodeName": "node1", - "Datacenter": "dc1" + "NodeName": "node1", + "Datacenter": "dc1" } ], "Partition": "ptn1" @@ -113,7 +113,7 @@ The following example policy grants the agent node `write` permission for node ` -```hcl +```hcl node "node1" { policy = "write" } @@ -185,7 +185,7 @@ partition "ptn1" { ### Register policies with Consul -After defining the custom policies, you can register them with Consul using the command line or API endpoint. +After defining the custom policies, you can register them with Consul using the command line or API endpoint. #### CLI @@ -238,7 +238,7 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/policy \ }' ``` -Refer to [ACL Policy HTTP API](/consul/api-docs/acl/policies) for additional information about using the API endpoint. +Refer to [ACL Policy HTTP API](/consul/api-docs/acl/policies) for additional information about using the API endpoint. ### Link custom policies to tokens @@ -250,7 +250,7 @@ Run the `consul acl token create` command and specify the policy name or ID to c ##### Consul OSS -The following command creates the ACL token linked to the policy `node1-register`. +The following command creates the ACL token linked to the policy `node1-register`. ```shell-session $ consul acl token create \ @@ -272,7 +272,7 @@ Send a PUT request to the `/acl/token` endpoint and specify the policy name or I ##### Consul OSS -The following example creates an ACL token that the agent can use to register as node `node1` in the catalog: +The following example creates an ACL token that the agent can use to register as node `node1` in the catalog: ```shell-session $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ @@ -280,10 +280,10 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "Policies": [ { - "Name": "node1-register" + "Name": "node1-register" } ] -}' +}' ``` ##### Consul Enterprise @@ -296,24 +296,24 @@ $ curl --request PUT http://127.0.0.1:8500/v1/acl/token \ --data '{ "Policies": [ { - "Name": "node1-register" + "Name": "node1-register" } ], "Partition": "ptn1" -}' +}' ``` @include 'create-token-auth-methods.mdx' -## Apply the token +## Apply the token Configure the Consul agent to present the token by either specifying the token in the agent configuration file or by using the `consul set-agent-token` command. ### Apply the token in a file -Specify the token in the [`acl.token.agent`](/consul/docs/agent/config/config-files#acl_tokens_agent) field of the agent configuration file so that the agent can present it and register into the catalog on startup. +Specify the token in the [`acl.token.agent`](/consul/docs/agent/config/config-files#acl_tokens_agent) field of the agent configuration file so that the agent can present it and register into the catalog on startup. -```hcl +```hcl acl = { enabled = true tokens = { diff --git a/website/content/docs/security/acl/tokens/create/create-an-ingress-gateway-token.mdx b/website/content/docs/security/acl/tokens/create/create-an-ingress-gateway-token.mdx index 70a1974cfc39..096c79ce5f4d 100644 --- a/website/content/docs/security/acl/tokens/create/create-an-ingress-gateway-token.mdx +++ b/website/content/docs/security/acl/tokens/create/create-an-ingress-gateway-token.mdx @@ -1,7 +1,7 @@ --- layout: docs page_title: Create a token for ingress gateway registration -Description: >- +description: >- Learn how to create ACL tokens that your ingress gateway can present to Consul servers so that they can register with the Consul catalog. ---