diff --git a/website/content/docs/security/acl/index.mdx b/website/content/docs/security/acl/index.mdx index f3a2065685..b4f589447e 100644 --- a/website/content/docs/security/acl/index.mdx +++ b/website/content/docs/security/acl/index.mdx @@ -5,7 +5,7 @@ description: >- Consul's ACL system secures communication and controls access to the API, CLI, and UI. Learn about ACL components and how they interact to authenticate requests and authorize access for your network. --- -# Access Control List (ACL) Overview +# Access Control List (ACL) overview This topic describes core concepts associated with the optional access control list (ACL) system shipped with Consul. ACLs authenticate requests and authorize access to resources. They also control access to the Consul UI, API, and CLI, as well as secure service-to-service and agent-to-agent communication. @@ -20,7 +20,7 @@ Refer to the following tutorials for step-by-step instructions on how to get sta Refer to the [ACL API reference](/consul/api-docs/acl) and [ACL CLI reference](/consul/commands/acl) for additional usage information. -## Workflow Overview +## Workflow overview Implementations may vary depending on the needs of the organization, but the following procedure describes the basic workflow for for creating and implementing ACLs: @@ -29,7 +29,7 @@ Implementations may vary depending on the needs of the organization, but the fol ![ACL system component relationships](/img/acl-token-policy-rule-relationship.png) - The ACL administrator can create and link additional artifacts to tokens, such as [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements. + The ACL administrator can create and link additional artifacts to tokens, such as [templated policies](#templated-policies), [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements. 1. Tokens are distributed to end users and incorporated into their services. 1. Agents and services present the token when making requests. @@ -67,7 +67,7 @@ As a result, roles can provide a more convenient authentication infrastructure t Refer to the [Roles](/consul/docs/security/acl/acl-roles) topic for additional information. -## Templated Policies +## Templated policies Templated policies are configuration blocks that you can add to token and role configurations. Consul uses them to generate a policy. Consul links the generated policy to the role or token, which provides the required access to a particular resource. @@ -79,7 +79,7 @@ Refer to the following topics for more details about policies: - [API documentation for roles](/consul/api-docs/acl/roles#sample-payload) - [API documentation for tokens](/consul/api-docs/acl/tokens#sample-payload) -## Service Identities +## Service identities Service identities are configuration blocks that you can add to role configurations or specify when linking tokens to policies. You can use them during the authorization process to automatically generate a policy for specific services. The policy is linked to the role or token, allowing the services to be discovered and to discover other healthy service instances in a service mesh. @@ -90,7 +90,7 @@ Refer to the following topics for additional information about service identitie - [Service Identities](/consul/docs/security/acl/acl-roles#service-identities) - [API documentation for roles](/consul/api-docs/acl/roles#sample-payload) -## Node Identities +## Node identities Node identities are configuration blocks that you can add to role configurations or specify when linking tokens to policies. You can use them during the authorization process to automatically generate a policy for specific nodes. When you configure the agent, you can specify the token linked to the policy with [`acl_tokens_agent`](/consul/docs/agent/config/config-files#acl_tokens_agent).