status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

ACL doc clarification 

Fixes #443
This commit is contained in:
Laurent Raufaste 2014-10-30 21:44:23 -04:00
parent 38448015e1
commit 33c0de708d
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
website/source/docs/agent/options.html.markdown
View File

@ -178,7 +178,12 @@ definitions support being updated during a reload.
* `acl_datacenter` - Only used by servers. This designates the datacenter which
is authoritative for ACL information. It must be provided to enable ACLs.
All servers and datacenters must agree on the ACL datacenter.
All servers and datacenters must agree on the ACL datacenter. Setting it on
the servers is all you need for enforcement, but for the APIs to work on the
clients, it must be set (to forward properly). Also, if we want to enhance
the ACL support for other features like service discovery, enforcement
might move to the edges, so it's best to just set the acl_datacenter on all
the nodes.
* `acl_default_policy` - Either "allow" or "deny", defaults to "allow". The
default policy controls the behavior of a token when there is no matching