mirror of https://github.com/status-im/consul.git
docs - remove Sentinel from enterprise features list (#18176)
* Update index.mdx * Update kv.mdx * Update docs-nav-data.json * delete sentinel.mdx * Update redirects.js --------- Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
This commit is contained in:
parent
cd3fc9e1d0
commit
2e326e2e5f
|
@ -61,6 +61,24 @@ and when recursively searching within the data store. We also recommend that
|
||||||
you avoid the use of `*`, `?`, `'`, and `%` because they can cause issues when
|
you avoid the use of `*`, `?`, `'`, and `%` because they can cause issues when
|
||||||
using the API and in shell scripts.
|
using the API and in shell scripts.
|
||||||
|
|
||||||
|
## Using Sentinel to apply policies for Consul KV
|
||||||
|
|
||||||
|
<EnterpriseAlert>
|
||||||
|
|
||||||
|
This feature requires
|
||||||
|
HashiCorp Cloud Platform (HCP) or self-managed Consul Enterprise.
|
||||||
|
|
||||||
|
</EnterpriseAlert>
|
||||||
|
|
||||||
|
You can also use Sentinel as a Policy-as-code framework for defining advanced key-value storage access control policies. Sentinel policies extend the ACL system in Consul beyond static "read", "write",
|
||||||
|
and "deny" policies to support full conditional logic and integration with
|
||||||
|
external systems. Reference the [Sentinel documentation](https://docs.hashicorp.com/sentinel/concepts) for high-level Sentinel concepts.
|
||||||
|
|
||||||
|
To get started with Sentinel in Consul,
|
||||||
|
refer to the [Sentinel documentation](https://docs.hashicorp.com/sentinel/consul) or
|
||||||
|
[Consul documentation](/consul/docs/agent/sentinel).
|
||||||
|
|
||||||
|
|
||||||
## Extending Consul KV
|
## Extending Consul KV
|
||||||
|
|
||||||
### Consul Template
|
### Consul Template
|
||||||
|
|
|
@ -20,12 +20,13 @@ The following features are [available in several forms of Consul Enterprise](#co
|
||||||
|
|
||||||
- [Admin Partitions](/consul/docs/enterprise/admin-partitions): Define administrative boundaries between tenants within a single Consul datacenter
|
- [Admin Partitions](/consul/docs/enterprise/admin-partitions): Define administrative boundaries between tenants within a single Consul datacenter
|
||||||
- [Namespaces](/consul/docs/enterprise/namespaces): Define resource boundaries within a single admin partition for further organizational flexibility
|
- [Namespaces](/consul/docs/enterprise/namespaces): Define resource boundaries within a single admin partition for further organizational flexibility
|
||||||
- [Sameness Groups](/consul/docs/connect/config-entries/samenes-group): Define partitions and cluster peers as members of a group with identical services
|
- [Sameness Groups](/consul/docs/connect/config-entries/sameness-group): Define partitions and cluster peers as members of a group with identical services
|
||||||
|
|
||||||
### Resiliency
|
### Resiliency
|
||||||
|
|
||||||
- [Automated Backups](/consul/docs/enterprise/backups): Configure the automatic backup of Consul state
|
- [Automated Backups](/consul/docs/enterprise/backups): Configure the automatic backup of Consul state
|
||||||
- [Redundancy Zones](/consul/docs/enterprise/redundancy): Deploy backup voting Consul servers to efficiently improve Consul fault tolerance
|
- [Redundancy Zones](/consul/docs/enterprise/redundancy): Deploy backup voting Consul servers to efficiently improve Consul fault tolerance
|
||||||
|
- [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips): Limit gRPC and RPC traffic to servers for source IP addresses.
|
||||||
|
|
||||||
### Scalability
|
### Scalability
|
||||||
|
|
||||||
|
@ -45,7 +46,6 @@ The following features are [available in several forms of Consul Enterprise](#co
|
||||||
|
|
||||||
- [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc): Manage user access to Consul through an OIDC identity provider instead of Consul ACL tokens directly
|
- [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc): Manage user access to Consul through an OIDC identity provider instead of Consul ACL tokens directly
|
||||||
- [Audit Logging](/consul/docs/enterprise/audit-logging): Understand Consul access and usage patterns by reviewing access to the Consul HTTP API
|
- [Audit Logging](/consul/docs/enterprise/audit-logging): Understand Consul access and usage patterns by reviewing access to the Consul HTTP API
|
||||||
- [Sentinel for KV](/consul/docs/enterprise/sentinel): Policy-as-code framework for defining advanced key-value storage access control policies
|
|
||||||
|
|
||||||
### Regulatory compliance
|
### Regulatory compliance
|
||||||
|
|
||||||
|
@ -102,7 +102,6 @@ Available Enterprise features per Consul form and license include:
|
||||||
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | No | Yes | Yes |
|
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | No | Yes | Yes |
|
||||||
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | Not applicable | Yes | With Global Visibility, Routing, and Scale module |
|
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | Not applicable | Yes | With Global Visibility, Routing, and Scale module |
|
||||||
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | No | Yes | N/A |
|
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | No | Yes | N/A |
|
||||||
| [Sentinel for KV](/consul/docs/enterprise/sentinel) | All tiers | Yes | With Governance and Policy module |
|
|
||||||
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | All tiers | Yes | With Governance and Policy module |
|
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | All tiers | Yes | With Governance and Policy module |
|
||||||
|
|
||||||
|
|
||||||
|
@ -131,7 +130,6 @@ Consul Enterprise feature availability can change depending on your server and c
|
||||||
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ✅ | ✅ | ✅ |
|
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ✅ | ✅ | ✅ |
|
||||||
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | ✅ | ✅ | ✅ |
|
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | ✅ | ✅ | ✅ |
|
||||||
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
||||||
| [Sentinel ](/consul/docs/enterprise/sentinel) | ✅ | ✅ | ✅ |
|
|
||||||
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
||||||
|
|
||||||
</Tab>
|
</Tab>
|
||||||
|
@ -152,7 +150,6 @@ Consul Enterprise feature availability can change depending on your server and c
|
||||||
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ✅ | ✅ | ✅ |
|
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ✅ | ✅ | ✅ |
|
||||||
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | ❌ | ❌ | ❌ |
|
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | ❌ | ❌ | ❌ |
|
||||||
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
||||||
| [Sentinel ](/consul/docs/enterprise/sentinel) | ✅ | ✅ | ✅ |
|
|
||||||
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
||||||
|
|
||||||
</Tab>
|
</Tab>
|
||||||
|
@ -173,8 +170,7 @@ Consul Enterprise feature availability can change depending on your server and c
|
||||||
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ❌ | ❌ | ❌ |
|
| [OIDC Auth Method](/consul/docs/security/acl/auth-methods/oidc) | ❌ | ❌ | ❌ |
|
||||||
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | n/a | n/a | n/a |
|
| [Redundancy Zones](/consul/docs/enterprise/redundancy) | n/a | n/a | n/a |
|
||||||
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
| [Sameness Groups](/consul/docs/connect/config-entries/samenes-group) | ✅ | ✅ | ✅ |
|
||||||
| [Sentinel ](/consul/docs/enterprise/sentinel) | ✅ | ✅ | ✅ |
|
|
||||||
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
| [Server request rate limits per source IP](/consul/docs/agent/limits/usage/limit-request-rates-from-ips) | ✅ | ✅ | ✅ |
|
||||||
|
|
||||||
</Tab>
|
</Tab>
|
||||||
</Tabs>
|
</Tabs>
|
||||||
|
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
layout: docs
|
|
||||||
page_title: Sentinel in Consul (Enterprise)
|
|
||||||
description: >-
|
|
||||||
Sentinel is an access-control-policy-as-code framework and language. Learn how Consul can use Sentinel policies to extend the ACL system's capabilities and further secure your clusters by controlling key-value (KV) store write access.
|
|
||||||
---
|
|
||||||
|
|
||||||
# Sentinel in Consul
|
|
||||||
|
|
||||||
<EnterpriseAlert>
|
|
||||||
|
|
||||||
This feature requires
|
|
||||||
HashiCorp Cloud Platform (HCP) or self-managed Consul Enterprise.
|
|
||||||
Refer to the [enterprise feature matrix](/consul/docs/enterprise#consul-enterprise-feature-availability) for additional information.
|
|
||||||
|
|
||||||
</EnterpriseAlert>
|
|
||||||
|
|
||||||
Sentinel policies extend the ACL system in Consul beyond static "read", "write",
|
|
||||||
and "deny" policies to support full conditional logic and integration with
|
|
||||||
external systems. Reference the [Sentinel documentation](https://docs.hashicorp.com/sentinel/concepts) for high-level Sentinel concepts.
|
|
||||||
|
|
||||||
To get started with Sentinel in Consul,
|
|
||||||
[read the general documentation](https://docs.hashicorp.com/sentinel/consul) or
|
|
||||||
[Consul documentation](/consul/docs/agent/sentinel).
|
|
|
@ -1678,10 +1678,6 @@
|
||||||
"title": "NIA with TFE",
|
"title": "NIA with TFE",
|
||||||
"href": "/docs/nia/enterprise"
|
"href": "/docs/nia/enterprise"
|
||||||
},
|
},
|
||||||
{
|
|
||||||
"title": "Sentinel",
|
|
||||||
"path": "enterprise/sentinel"
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
"title": "License",
|
"title": "License",
|
||||||
"routes": [
|
"routes": [
|
||||||
|
|
|
@ -60,4 +60,11 @@ module.exports = [
|
||||||
'/consul/docs/connect/cluster-peering/usage/establish-cluster-peering',
|
'/consul/docs/connect/cluster-peering/usage/establish-cluster-peering',
|
||||||
permanent: true,
|
permanent: true,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
source:
|
||||||
|
'/consul/docs/enterprise/sentinel',
|
||||||
|
destination:
|
||||||
|
'/consul/docs/dynamic-app-config/kv#using-sentinel-to-apply-policies-for-consul-kv',
|
||||||
|
permanent: true,
|
||||||
|
},
|
||||||
]
|
]
|
||||||
|
|
Loading…
Reference in New Issue