Open ziazon opened 3 years ago
@magiconair or anyone else able to help with this?
I'm running some consul connect (native) services with default_policy "deny" and using this policy.
key_prefix "_rexec/" {
policy = "deny"
}
key_prefix "vault/" {
policy = "deny"
}
key_prefix "fabio" {
policy = "write"
}
service_prefix "" {
policy = "write"
}
node_prefix "" {
policy = "read"
}
agent_prefix "" {
policy = "read"
}
@tristanmorgan Thank you! This helped me out last night.
When I set Consul's default_policy to "allow" fabio works as expected. when this is set to "deny" (as it should be in production) fabio stops working.
I've even tried using this policy to generate a token for fabio:
and it still doesn't work as expected.
What is the needed policy for fabio to work with an ACL secured Consul cluster? I also couldn't seem to find anything about it in the docs.
Consul: 1.9.5 Fabio: 1.5.15