consul/website/pages/docs/security/index.mdx

28 lines
1.1 KiB
Plaintext
Raw Normal View History

2014-02-08 00:41:03 +00:00
---
2020-04-07 18:55:19 +00:00
layout: docs
page_title: Security
sidebar_title: Security
2020-04-07 18:55:19 +00:00
description: >-
Consul relies on both a lightweight gossip mechanism and an RPC system to
provide various features. Both of the systems have different security
mechanisms that stem from their designs. However, the security mechanisms of
Consul have a common goal: to provide confidentiality, integrity, and
authentication.
2014-02-08 00:41:03 +00:00
---
2020-11-04 22:05:44 +00:00
## Security Models
2014-02-08 00:41:03 +00:00
Requirements and recommendations for operating a secure Consul deployment may vary drastically depending on your
2020-11-04 22:05:44 +00:00
intended workloads, operating system, and environment. You can find detailed information about the various personas,
recommendations, requirements, and threats [here](/docs/security/security-models).
2014-02-08 00:41:03 +00:00
2020-11-04 22:05:44 +00:00
## ACLs
2014-02-20 20:26:50 +00:00
2020-11-04 22:05:44 +00:00
Consul provides an optional [Access Control List (ACL) system](/docs/security/acl) which can be used to control access
to data and APIs.
2014-02-20 20:26:50 +00:00
2020-11-04 22:05:44 +00:00
## Encryption
2014-02-08 00:41:03 +00:00
2020-11-04 22:05:44 +00:00
The Consul agent supports encrypting all of its network traffic. The exact method of encryption is described on the
[encryption security page](/docs/security/encryption). There are two separate encryption systems, one for gossip
traffic and one for HTTP + RPC.