Managing Consul's Access Control Lists
Consul uses Access Control Lists (ACLs) to secure agents, services, and all access points, including the UI, API, and CLI. At their core, ACLs operate by grouping rules into policies, then associating one or more policies with a token.
ACLs are recommended for production datacenters, but managing the ACL system can be challenging. We've created a couple of new resources on HashiCorp Learn to help you configure ACLs and create effective policies.
» Get Started
If you are getting started and need to bootstrap the ACL system for the first time, review the Securing Consul with ACLs guide.
» Manage ACL Policies
Before creating your first set of policies, you will need to discover the minimum required privileges; the Learn guide provides several recommendations. After understanding the required privileges, you will also need to understand how to effectively manage ACL policies and tokens. Read the following guide for ACL Policy management best practices.
» Troubleshoot the ACL system
Consul provides a robust set of APIs that you can use to check the health of your datacenter. In the Learn guide, you will learn about several Consul CLI commands that you can use to troubleshoot issues with tokens and policies. Additionally, you will learn about the ACL system reset procedure that can be used in case of an emergency.
Troubleshooting the ACL system
» Learn More
If you are already familiar with using ACLs, check out the agent communication encryption or gossip encryption guides to learn more about securing your datacenter for production deployments.