Skip to content

Commit

Permalink
Merge pull request #3 from hashicorp/acl-token-rename
Browse files Browse the repository at this point in the history 
Acl token rename
  • Loading branch information
@karl-cardenas-coding
karl-cardenas-coding authored Feb 22, 2022
2 parents 5f287ea + 38c8823 commit 9a2a2b7
Show file tree
Hide file tree
Showing 14 changed files with 31 additions and 24 deletions.
4 changes: 2 additions & 2 deletions datacenter-deploy-auto-config/secint/consul/server1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand All @@ -26,7 +26,7 @@
"authorization": {
"enabled": true,
"static": {
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFlUd7FoWSPtRl5maa58XDDjiFplNBxtai41Hq8rnyfQxirYQoLKHKakuZAGpn3PwYewEbYrB+b1f7/P6DzWBRg==\n-----END PUBLIC KEY-----\n"],
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFGvHJZCj5SsFlOI48A+Dc4Hezywd\nN8YYjMAQrPTcG6f3jdIEBsh/sVgFTyDYmnwuX6S2ZE3nJ5TtUeJxwwg4EQ==\n-----END PUBLIC KEY-----\n"],
"bound_issuer": "secint",
"bound_audiences": ["consul-cluster-dc1"],
"claim_mappings": {
Expand Down
4 changes: 2 additions & 2 deletions datacenter-deploy-auto-config/secint/consul/server2.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand All @@ -26,7 +26,7 @@
"authorization": {
"enabled": true,
"static": {
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFlUd7FoWSPtRl5maa58XDDjiFplNBxtai41Hq8rnyfQxirYQoLKHKakuZAGpn3PwYewEbYrB+b1f7/P6DzWBRg==\n-----END PUBLIC KEY-----\n"],
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFGvHJZCj5SsFlOI48A+Dc4Hezywd\nN8YYjMAQrPTcG6f3jdIEBsh/sVgFTyDYmnwuX6S2ZE3nJ5TtUeJxwwg4EQ==\n-----END PUBLIC KEY-----\n"],
"bound_issuer": "secint",
"bound_audiences": ["consul-cluster-dc1"],
"claim_mappings": {
Expand Down
4 changes: 2 additions & 2 deletions datacenter-deploy-auto-config/secint/consul/server3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand All @@ -26,7 +26,7 @@
"authorization": {
"enabled": true,
"static": {
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFlUd7FoWSPtRl5maa58XDDjiFplNBxtai41Hq8rnyfQxirYQoLKHKakuZAGpn3PwYewEbYrB+b1f7/P6DzWBRg==\n-----END PUBLIC KEY-----\n"],
"jwt_validation_pub_keys": ["-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEFGvHJZCj5SsFlOI48A+Dc4Hezywd\nN8YYjMAQrPTcG6f3jdIEBsh/sVgFTyDYmnwuX6S2ZE3nJ5TtUeJxwwg4EQ==\n-----END PUBLIC KEY-----\n"],
"bound_issuer": "secint",
"bound_audiences": ["consul-cluster-dc1"],
"claim_mappings": {
Expand Down
6 changes: 3 additions & 3 deletions datacenter-deploy-auto-config/secint/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ version: '3.7'
services:

consul-server1:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server1
hostname: consul-server1
restart: always
Expand All @@ -19,7 +19,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server2:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server2
hostname: consul-server2
restart: always
Expand All @@ -31,7 +31,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server3:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server3
hostname: consul-server3
restart: always
Expand Down
1 change: 0 additions & 1 deletion datacenter-deploy-auto-config/secint/tokens/jwt
View file
Original file line number Diff line number Diff line change
@@ -1 +0,0 @@
eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsiY29uc3VsLWNsdXN0ZXItZGMxIl0sImV4cCI6MTYyOTg3NDIwNywiaXNzIjoic2VjaW50IiwianRpIjoiZmM5OTE2OWYtNmRjOC1lNzQ0LWUyNzUtMGMyODZjMTAyMWI5IiwibmJmIjoxNjI5ODMwOTQ3LCJzdWIiOiJjb25zdWwtY2xpZW50In0.GqlUANGapiZep6-WnCPOXkd3HLuvaYzHHD7fybf1G2abz_HMBPvcHCbwi7wpQsiTmvtiD-Zw1G3JMynUZLNVXQ
2 changes: 1 addition & 1 deletion datacenter-deploy-auto-config/vault/consul/server1.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand Down
2 changes: 1 addition & 1 deletion datacenter-deploy-auto-config/vault/consul/server2.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand Down
2 changes: 1 addition & 1 deletion datacenter-deploy-auto-config/vault/consul/server3.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand Down
2 changes: 1 addition & 1 deletion datacenter-deploy-auto-config/vault/consul/test-configs/server1-vault.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand Down
2 changes: 1 addition & 1 deletion datacenter-deploy-auto-config/vault/consul/test-configs/server3-secint.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
"default_policy": "deny",
"enable_token_persistence": true,
"tokens": {
"master": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"initial_management": "e95b599e-166e-7d80-08ad-aee76e7ddf19",
"agent": "e95b599e-166e-7d80-08ad-aee76e7ddf19"
}
},
Expand Down
8 changes: 4 additions & 4 deletions datacenter-deploy-auto-config/vault/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ version: '3.7'
services:

consul-server1:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server1
hostname: consul-server1
depends_on:
Expand All @@ -21,7 +21,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server2:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server2
hostname: consul-server2
depends_on:
Expand All @@ -35,7 +35,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server3:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-server3
hostname: consul-server3
depends_on:
Expand All @@ -49,7 +49,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-client:
image: hashicorp/consul:1.10.1
image: hashicorp/consul:1.11.2
container_name: consul-client
hostname: consul-client
restart: always
Expand Down
1 change: 0 additions & 1 deletion datacenter-deploy-auto-config/vault/tokens/jwt
View file
Original file line number Diff line number Diff line change
@@ -1 +0,0 @@
eyJhbGciOiJSUzI1NiIsImtpZCI6IjI4YjA2NDlmLTdlNjktMWFhMC03ZmYyLWI4ZDU5NGJhZmE5MCJ9.eyJhdWQiOiJjb25zdWwtY2x1c3Rlci1kYzEiLCJjb25zdWwiOnsiaG9zdG5hbWUiOiJjb25zdWwtY2xpZW50In0sImV4cCI6MTYyOTc5MDc5MywiaWF0IjoxNjI5NzQ3NTkzLCJpc3MiOiJodHRwOi8vdmF1bHQtc2VydmVyOjgyMDAvdjEvaWRlbnRpdHkvb2lkYyIsIm5hbWVzcGFjZSI6InJvb3QiLCJzdWIiOiI4NWE5ZWMxYi1iMTcyLWU1YWEtZmU3Ni0xMzFkOWFjZmVjZTgifQ.LDyLxW0DNEvG208WGRMctjet3oYGZDaJyeJbtzDPwZpzuOL8JErq3rURZDHuMPPtjQGuDZxBWXMtk4MFKU7wl9AXGx3szVe7wks9TJUNxUHIudk6MTLSAnNCVzlPQ2urHXkJd9h-J2eV_0CiR97cSOKtpsid0KKg9bLwCLkTqn9QOtif1dyxIZDNwcyx9aWP0T661sGFO1HfyCIbcdGcPsDVEG01PP4twIGOT0sPVtd3s1U99LTa51zU_BsAU90Or1JIPRw0XStL6m5WHsVOLd1LylZaKR_lMbUPxZz26sbfQ_DBBtEKkPeVbNzEBH7J45JdECggy_1LDtgeBvWl6Q
9 changes: 9 additions & 0 deletions datacenter-deploy-secure/consul-acl.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
{
"acl": {
"enabled": true,
"default_policy": "deny",
"down_policy": "extend-cache",
"enable_token_persistence": true
}
}

8 changes: 4 additions & 4 deletions datacenter-deploy-secure/docker-compose.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ version: '3.7'
services:

consul-server1:
image: hashicorp/consul:1.10.0
image: hashicorp/consul:1.11.2
container_name: consul-server1
restart: always
volumes:
Expand All @@ -18,7 +18,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server2:
image: hashicorp/consul:1.10.0
image: hashicorp/consul:1.11.2
container_name: consul-server2
restart: always
volumes:
Expand All @@ -29,7 +29,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-server3:
image: hashicorp/consul:1.10.0
image: hashicorp/consul:1.11.2
container_name: consul-server3
restart: always
volumes:
Expand All @@ -40,7 +40,7 @@ services:
command: "agent -bootstrap-expect=3"

consul-client:
image: hashicorp/consul:1.10.0
image: hashicorp/consul:1.11.2
container_name: consul-client
restart: always
volumes:
Expand Down

0 comments on commit 9a2a2b7

Please sign in to comment.