Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Extend ACLs to service registration #465

Closed
ryanbreen opened this issue Nov 12, 2014 · 1 comment · Fixed by #506
Closed

Extend ACLs to service registration #465

ryanbreen opened this issue Nov 12, 2014 · 1 comment · Fixed by #506

Comments

@ryanbreen
Copy link
Contributor

Currently, any consul agent can declare that it exposes any service. This allows for a service to be compromised by any agent in the cluster, either through mistake or malice. We should extend the ACL support currently used for KVs such that the cluster can deny service registration if the correct token is not presented.
@armon armon mentioned this issue Dec 1, 2014
Merged
@armon armon closed this as completed in #506 Dec 1, 2014
@ryanbreen
Copy link
Contributor Author

Cool, thanks!

duckhan pushed a commit to duckhan/consul that referenced this issue Oct 24, 2021
@lkysow
Merge pull request hashicorp#465 from hashicorp/resources-deprecation
627c7ae 
Deprecate setting resources as string.
duckhan pushed a commit to duckhan/consul that referenced this issue Oct 24, 2021
@kschoche @ishustava
Tproxy writefile changes (hashicorp#465)
aa06a67 
modify how we do writefile for acl token and proxy id file
Co-authored-by: Nitya Dhanushkodi <nitya@hashicorp.com>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Service ACL support hashicorp/consul
1 participant
@ryanbreen