You are launching a new service to be registered with Consul. However, when you attempt to register the service using the following command you are getting a permission denied error.
consul services register /etc/consul.d/client/app1_service.json – token=988b8fb4-357a-376d-057e-9d9fd5a170a2
Based on the information provided below, why can’t you successfully register the service?
——————————————————————————
The configuration below is being used to register the service:
The policy that the token is associated with is below:
A . web-server-1 is an invalid service name
B. the policy has a syntax error and is not enforcing the policy properly
C. the policy does not permit registration of a service named app1-web
D. the ACL system has not been bootstrapped
Answer: C
Explanation:
For this question, I wanted to tie in multiple sections but focus on the ACL section. If you look at the service configuration, the service name is actually app1-web, while the ID of the node registering the service is web-server-1. When the service is registered by running the consul register command above, the service that would be created in Consul is app1-web, however, the policy only allows the token write permissions for a service named web-server-1.
To fix this, you could either modify the policy to permit write access for a service named app1-web, or modify the name of the service in the configuration file to be web-server-1. Basically, if the rule doesn’t have "_prefix", it must match the name exactly.
https://www.consul.io/docs/acl/acl-system.html
Latest Consul Associate Dumps Valid Version with 171 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund