status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

fixed merge conflicts

This commit is contained in:
trujillo-adam 2021-12-14 12:28:15 -08:00
parent 4840ba85ed
commit a2327c7a81
1 changed files with 0 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
website/content/docs/enterprise/admin-partitions.mdx
View File

@ -22,11 +22,7 @@ Admin partitions exist a level above namespaces in the identity hierarchy. They
### Default Admin Partition ### Default Admin Partition
<<<<<<< HEAD
Each Consul cluster will have a default admin partition named `default`. The `default` admin partition is special because it can contain namespaces and other resources that are replicated between datacenters. The `default` partition must also contain the Consul servers. Each Consul cluster will have a default admin partition named `default`. The `default` admin partition is special because it can contain namespaces and other resources that are replicated between datacenters. The `default` partition must also contain the Consul servers.
=======
Each Consul cluster will have a default admin partition (named `default`). The `default` admin partition is special because it can contain namespaces and other resources that are replicated between datacenters. The `default` partition must also contain the Consul servers.
>>>>>>> 69d07dcc928406490f81753242f56f5595d8c0b7
Any resource created without specifying an admin partition will inherit the partition of the ACL token. Any resource created without specifying an admin partition will inherit the partition of the ACL token.
@ -70,11 +66,7 @@ Your Consul configuration must meet the following requirements to use admin part
* The agent token used by the client agent must allow `node:write` in the admin partition. * The agent token used by the client agent must allow `node:write` in the admin partition.
* The `write` permission for `proxy-defaults` requires `mesh:write`. See [Admin Partition Rules](/docs/security/acl/acl-rules#admin-partition-rules) for additional information. * The `write` permission for `proxy-defaults` requires `mesh:write`. See [Admin Partition Rules](/docs/security/acl/acl-rules#admin-partition-rules) for additional information.
* The `write` permissions for ingress and terminating gateways require `mesh:write` privileges. * The `write` permissions for ingress and terminating gateways require `mesh:write` privileges.
<<<<<<< HEAD
* Wildcards (`*`) are not supported for the partitions field when creating intentions for admin partitions. The partition name must be explicitly specified.
=======
* Wildcards (`*`) are not supported for the partition field when creating intentions for admin partitions. The partition name must be explicitly specified. * Wildcards (`*`) are not supported for the partition field when creating intentions for admin partitions. The partition name must be explicitly specified.
>>>>>>> 69d07dcc928406490f81753242f56f5595d8c0b7
* With the exception of the `default` admin partition, ACL rules configured for admin partitions are isolated, so policies defined in partitions outside of the `default` partition can only reference their local partition. * With the exception of the `default` admin partition, ACL rules configured for admin partitions are isolated, so policies defined in partitions outside of the `default` partition can only reference their local partition.
### Agent Configurations ### Agent Configurations