Announcing
HashiCorp Consul Service on Azure General Availability

Learn how Consul fits into the

Provision, Secure, Connect, and Run

Any infrastructure for any application

HashiCorp Logo Learn the HashiCorp Enterprise Stack

Provision

  • Vagrant Logo
    Vagrant
    • Build
    • Test
  • Packer Logo
    Packer
    • Package
  • Terraform Logo
    Terraform
    • Provision

Secure

  • Vault Logo
    Vault
    • Secure

Connect

  • Consul Logo
    Consul
    • Connect

Run

  • Nomad Logo
    Nomad
    • Run

Seven elements of the modern Application Lifecycle

  • Overview
    • Service Discovery and Health Checking
    • Network Infrastructure Automation
    • Multi-Platform Service Mesh
  • Enterprise
  • Tutorials
  • Docs
  • API
  • Community
GitHub—
Download
Documentation Menu
    ×
  • Installing Consul
    • Overview
    • Required Ports
    • Bootstrapping a Datacenter
    • Server Performance
  • Upgrading
    • Overview
    • Compatibility Promise
    • Specific Version Details
  • Glossary
  • Internals
    • Overview
    • Architecture
    • Consensus Protocol
    • Gossip Protocol
    • Network Coordinates
    • Sessions
    • Anti-Entropy
    • Security Model
    • Jepsen Testing
    • Discovery Chain
  • Commands (CLI)
    • Overview
    • acl
      • Overview
      • auth-method
        • Overview
        • create
        • delete
        • list
        • read
        • update
      • binding-rule
        • Overview
        • create
        • delete
        • list
        • read
        • update
      • bootstrap
      • policy
        • Overview
        • create
        • delete
        • list
        • read
        • update
      • role
        • Overview
        • create
        • delete
        • list
        • read
        • update
      • set-agent-token
      • token
        • Overview
        • clone
        • create
        • delete
        • list
        • read
        • update
      • translate-rules
    • agent
    • catalog
      • Overview
      • datacenters
      • nodes
      • services
    • config
      • Overview
      • delete
      • list
      • read
      • write
    • connect
      • Overview
      • ca
      • proxy
      • envoy
      • expose
    • debug
    • event
    • exec
    • force-leave
    • info
    • intention
      • Overview
      • check
      • create
      • delete
      • get
      • match
    • join
    • keygen
    • keyring
    • kv
      • Overview
      • delete
      • export
      • get
      • import
      • put
    • leave
    • license
    • lock
    • login
    • logout
    • maint
    • members
    • monitor
    • namespace
      • Overview
      • create
      • delete
      • list
      • read
      • update
      • write
    • operator
      • Overview
      • area
      • autopilot
      • raft
    • reload
    • rtt
    • services
      • Overview
      • register
      • deregister
    • snapshot
      • Overview
      • agent
      • inspect
      • restore
      • save
    • tls
      • Overview
      • ca
      • cert
    • validate
    • version
    • watch
  • Agent
    • Overview
    • DNS Interface
    • Configuration
    • Configuration Entries
      • Overview
      • ingress-gateway
      • proxy-defaults
      • service-defaults
      • service-resolver
      • service-router
      • service-splitter
      • terminating-gateway
    • Cloud Auto-join
    • Service Definitions
    • Check Definitions
    • Consul KV
    • Sentinel
    • Encryption
    • Telemetry
    • Watches
  • Access Control (ACLs)
    • Overview
    • ACL System
    • ACL Rules
    • Legacy Mode
    • Token Migration
    • Auth Methods
      • Overview
      • Kubernetes
      • JWT
      • OIDC
  • Connect - Service Mesh
    • Overview
    • Configuration
    • Connectivity Tasks
    • Architecture
    • Observability
    • L7 Traffic Management
    • Intentions - Security Policies
    • Supported Proxies
      • Overview
      • Envoy
      • Built-in Proxy
      • Proxy Integration
    • Gateways
      • Overview
      • Mesh Gateways
      • WAN Federation via Mesh Gateways
      • Ingress Gateways
      • Terminating Gateways
    • Registering Proxies
      • Overview
      • Proxy Service Registration
      • Sidecar Service Registration
    • Securing Connect
    • Certificate Management
      • Overview
      • Built-In CA
      • Vault
      • ACM Private CA
    • Native App Integration
      • Overview
      • Go Integration
    • Develop and Debug
    • Nomad
    • Kubernetes
  • Kubernetes
    • Overview
    • Installation
      • Overview
      • Platform Guides
        • Minikube
        • AKS (Azure)
        • EKS (AWS)
        • GKE (Google Cloud)
        • Self Hosted Kubernetes
      • Deployment Configurations
        • Consul Clients Outside Kubernetes
        • Consul Servers Outside Kubernetes
        • Consul Enterprise
      • Multi-Cluster Federation
        • Overview
        • Federation Between Kubernetes Clusters
        • Federation Between VMs and Kubernetes
    • Operations
      • Upgrading
      • Configuring TLS on an Existing Cluster
      • Uninstalling
    • Connect Service Mesh
      • Overview
      • Ingress Gateways
      • Terminating Gateways
      • Configuring a Connect CA Provider
    • Service Sync
    • Consul DNS
    • Ambassador Integration
    • Helm Chart Reference
  • Common Error Messages
  • FAQ
  • Consul Integration Program
  • Consul Enterprise
    • Overview
    • Audit Logging
    • Automated Backups
    • Automated Upgrades
    • Enhanced Read Scalability
    • Redundancy Zones
    • Advanced Federation
    • Network Segments
    • Namespaces
    • Sentinel

»Sentinel in Consul

Enterprise

This feature requires Consul Enterprise with the Governance and Policy module.

Sentinel policies extend the ACL system in Consul beyond static "read", "write", and "deny" policies to support full conditional logic and integration with external systems. Learn more about Sentinel here..

To get started with Sentinel in Consul, read the general documentation or Consul documentation.

Edit this page
IntroGuidesDocsCommunityPrivacySecurityPress KitConsent Manager