From e9a42df7c72ad39c2832e29c2e28ecead0e947ca Mon Sep 17 00:00:00 2001 From: trujillo-adam Date: Tue, 1 Mar 2022 10:03:22 -0800 Subject: [PATCH] renamed acl-overview to index, fixed formatting, reworded node/service ID intros --- website/content/docs/security/acl/acl-roles.mdx | 8 +++++--- website/content/docs/security/acl/acl-tokens.mdx | 2 +- .../docs/security/acl/{acl-system.mdx => index.mdx} | 4 ++-- website/data/docs-nav-data.json | 2 +- 4 files changed, 9 insertions(+), 7 deletions(-) rename website/content/docs/security/acl/{acl-system.mdx => index.mdx} (94%) diff --git a/website/content/docs/security/acl/acl-roles.mdx b/website/content/docs/security/acl/acl-roles.mdx index 4a92045f8a..b975c938e6 100644 --- a/website/content/docs/security/acl/acl-roles.mdx +++ b/website/content/docs/security/acl/acl-roles.mdx @@ -70,7 +70,9 @@ Roles may contain the following table describe the attributes: -You can specify a service identity when configuring roles or linking tokens to policies. Service identities are used during the authorization process to automatically generate a policy for the service(s) specifed. The policy will be linked to the role or token so that the service(s) can _be discovered_ and _discover other healthy service instances_ in a service mesh. See [Service Mesh](/docs/connect) for additional information about Consul service mesh. Service identities enable you to quickly construct policies for services, rather than creating identical polices for each service. +You can specify a service identity when configuring roles or linking tokens to policies. Service identities enable you to quickly construct policies for services, rather than creating identical polices for each service. + +Service identities are used during the authorization process to automatically generate a policy for the service(s) specifed. The policy will be linked to the role or token so that the service(s) can _be discovered_ and _discover other healthy service instances_ in a service mesh. Refer to the [service mesh](/docs/connect) topic for additional information about Consul service mesh. ### Service Identity Specification @@ -242,9 +244,9 @@ node_prefix "" { -You can specify a node identity when configuring roles or linking tokens to policies. Node identities are used during the authorization process to automatically generate a policy for the node(s) specifed. In most cases, "node" refers to a Consul agent. +You can specify a node identity when configuring roles or linking tokens to policies. _Node_ commonly refers to a Consul agent, but a node can also be a physical server, cloud instance, virtual machine, or container. -You can specify the token linked to the policy in the [`acl_tokens_agent`](/docs/agent/options#acl_tokens_agent) field when configuring the agent. Node identities enable you to quickly construct policies for nodes, rather than creating identical polices for each node. +Node identities enable you to quickly construct policies for nodes, rather than manually creating identical polices for each node. They are used during the authorization process to automatically generate a policy for the node(s) specifed. You can specify the token linked to the policy in the [`acl_tokens_agent`](/docs/agent/options#acl_tokens_agent) field when configuring the agent. ### Node Identity Specification diff --git a/website/content/docs/security/acl/acl-tokens.mdx b/website/content/docs/security/acl/acl-tokens.mdx index 108b4f4389..cedb2cf29f 100644 --- a/website/content/docs/security/acl/acl-tokens.mdx +++ b/website/content/docs/security/acl/acl-tokens.mdx @@ -106,7 +106,7 @@ In the following example, the agent is configured to use a default token: -Refer to the [agent configurations documentation]() for additional information. +Refer to the [agent configurations documentation](/docs/agent/options) for additional information. ### Command Line Requests diff --git a/website/content/docs/security/acl/acl-system.mdx b/website/content/docs/security/acl/index.mdx similarity index 94% rename from website/content/docs/security/acl/acl-system.mdx rename to website/content/docs/security/acl/index.mdx index 9d2b6189ad..cc0be021f7 100644 --- a/website/content/docs/security/acl/acl-system.mdx +++ b/website/content/docs/security/acl/index.mdx @@ -27,9 +27,9 @@ Implementations may vary depending on the needs of the organization, but the fol 1. The person responsible for administrating ACLs in your organization specifies one or more authentication rules to define a [policy](#policies). 1. The ACL administrator uses the Consul API to generate and link a [token](#tokens) to one or more policies. The following diagram illustrates the relationship between rules, policies, and tokens: -![ACL system component relationships](/img/acl-token-policy-rule-relationship.png) + ![ACL system component relationships](/img/acl-token-policy-rule-relationship.png) -The ACL administrator can create and link additional artifacts to tokens, such as [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements. + The ACL administrator can create and link additional artifacts to tokens, such as [service identities](#service-identities), [node identities](#node-identities), and [roles](#roles) that enable policies to accommodate more complex requirements. 1. Tokens are distributed to end users and incorporated into their services. 1. Agents and services present the token when making requests. diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index 3033c083bc..031a96f22c 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -868,7 +868,7 @@ "routes": [ { "title": "ACL System Overview", - "path": "security/acl/acl-system" + "path": "security/acl" }, { "title": "Tokens",