docs: Redirect /docs/security/acl/acl-system (hashicorp#12975)

/docs/security/acl/acl-system was renamed in e9a42df from PR hashicorp#12460 to /docs/security/acl. A corresponding redirect was not added for this page, resulting in a 404 being returned when accessing the old URL path. This commit redirects the former URL path to the new location, and also updates all links on the site to point to the new location.
neuvector · May 9, 2022 · a78015c · a78015c
1 parent 8661be4
commit a78015c
Show file tree

Hide file tree

Showing 14 changed files with 40 additions and 30 deletions.
diff --git a/website/content/api-docs/acl/roles.mdx b/website/content/api-docs/acl/roles.mdx
@@ -50,7 +50,7 @@ The corresponding CLI command is [`consul acl role create`](/commands/acl/role/c
   breaking tokens.
 
 - `ServiceIdentities` `(array<ServiceIdentity>)` - The list of [service
-  identities](/docs/security/acl/acl-system#acl-service-identities) that should be
+  identities](/docs/security/acl#service-identities) that should be
   applied to the role. Added in Consul 1.5.0.
 
   - `ServiceName` `(string: <required>)` - The name of the service. The name
@@ -64,7 +64,7 @@ The corresponding CLI command is [`consul acl role create`](/commands/acl/role/c
     but may in the future.
 
 - `NodeIdentities` `(array<NodeIdentity>)` - The list of [node
-  identities](/docs/security/acl/acl-system#acl-node-identities) that should be
+  identities](/docs/security/acl#node-identities) that should be
   applied to the role. Added in Consul 1.8.1.
 
   - `NodeName` `(string: <required>)` - The name of the node. The name
@@ -339,11 +339,11 @@ The corresponding CLI command is [`consul acl role update`](/commands/acl/role/u
   breaking tokens.
 
 - `ServiceIdentities` `(array<ServiceIdentity>)` - The list of [service
-  identities](/docs/security/acl/acl-system#acl-service-identities) that should be
+  identities](/docs/security/acl#service-identities) that should be
   applied to the role. Added in Consul 1.5.0.
 
 - `NodeIdentities` `(array<NodeIdentity>)` - The list of [node
-  identities](/docs/security/acl/acl-system#acl-node-identities) that should be
+  identities](/docs/security/acl#node-identities) that should be
   applied to the role. Added in Consul 1.8.1.
 
 - `Namespace` `(string: "")` <EnterpriseAlert inline /> - Specifies the namespace of

diff --git a/website/content/api-docs/acl/tokens.mdx b/website/content/api-docs/acl/tokens.mdx
@@ -62,7 +62,7 @@ The corresponding CLI command is [`consul acl token create`](/commands/acl/token
   enables role renaming without breaking tokens. Added in Consul 1.5.0.
 
 - `ServiceIdentities` `(array<ServiceIdentity>)` - The list of [service
-  identities](/docs/security/acl/acl-system#acl-service-identities) that should be
+  identities](/docs/security/acl#service-identities) that should be
   applied to the token. Added in Consul 1.5.0.
 
   - `ServiceName` `(string: <required>)` - The name of the service. The name
@@ -76,7 +76,7 @@ The corresponding CLI command is [`consul acl token create`](/commands/acl/token
     but may in the future.
 
 - `NodeIdentities` `(array<NodeIdentity>)` - The list of [node
-  identities](/docs/security/acl/acl-system#acl-node-identities) that should be
+  identities](/docs/security/acl#node-identities) that should be
   applied to the token. Added in Consul 1.8.1.
 
   - `NodeName` `(string: <required>)` - The name of the node. The name
@@ -418,7 +418,7 @@ The corresponding CLI command is [`consul acl token update`](/commands/acl/token
   enables role renaming without breaking tokens.
 
 - `ServiceIdentities` `(array<ServiceIdentity>)` - The list of [service
-  identities](/docs/security/acl/acl-system#acl-service-identities) that should be
+  identities](/docs/security/acl#service-identities) that should be
   applied to the token. Added in Consul 1.5.0.
 
   - `ServiceName` `(string: <required>)` - The name of the service. The name
@@ -432,7 +432,7 @@ The corresponding CLI command is [`consul acl token update`](/commands/acl/token
     but may in the future.
 
 - `NodeIdentities` `(array<NodeIdentity>)` - The list of [node
-  identities](/docs/security/acl/acl-system#acl-node-identities) that should be
+  identities](/docs/security/acl#node-identities) that should be
   applied to the token. Added in Consul 1.8.1.
 
   - `NodeName` `(string: <required>)` - The name of the node. The name

diff --git a/website/content/api-docs/index.mdx b/website/content/api-docs/index.mdx
@@ -44,7 +44,7 @@ Previously this was provided via a `?token=` query parameter. This functionality
 exists on many endpoints for backwards compatibility, but its use is **highly
 discouraged**, since it can show up in access logs as part of the URL.
 
-To learn more about the ACL system read the [documentation](/docs/security/acl/acl-system).
+To learn more about the ACL system read the [documentation](/docs/security/acl).
 
 ## Version Prefix
 

diff --git a/website/content/commands/exec.mdx b/website/content/commands/exec.mdx
@@ -40,7 +40,7 @@ execute this command.
 | `key:write`     | `"_rexec"` prefix |
 | `event:write`   | `"_rexec"` prefix |
 
-In addition to the above, the policy associated with the [agent token](/docs/security/acl/acl-system#acl-agent-token) should have `write` on `"_rexec"` key prefix. This is for the agents to read the `exec` command and write its output back to the KV store.
+In addition to the above, the policy associated with the [agent token](/docs/security/acl/acl-tokens#acl-agent-token) should have `write` on `"_rexec"` key prefix. This is for the agents to read the `exec` command and write its output back to the KV store.
 
 ## Usage
 

diff --git a/website/content/commands/index.mdx b/website/content/commands/index.mdx
@@ -94,7 +94,7 @@ Command Options
 ## Authentication
 
 When the [ACL system is enabled](/docs/agent/options#acl_enabled) the Consul CLI will
-require an [ACL token](/docs/security/acl/acl-system#tokens) to perform API requests.
+require an [ACL token](/docs/security/acl#tokens) to perform API requests.
 
 The ACL token can be provided directly on the command line using the `-token` command line flag,
 from a file using the `-token-file` command line flag, or from the

diff --git a/website/content/docs/discovery/dns.mdx b/website/content/docs/discovery/dns.mdx
@@ -488,14 +488,14 @@ or local datacenter respectively.
 ## DNS with ACLs
 
 In order to use the DNS interface when
-[Access Control Lists (ACLs)](/docs/security/acl/acl-system)
+[Access Control Lists (ACLs)](/docs/security/acl)
 are enabled, you must first create ACL tokens with the necessary policies.
 
 Consul agents resolve DNS requests using one of the preconfigured tokens below,
 listed in order of precedence:
 
 1. The agent's [`default` token](/docs/agent/config/config-files#acl_tokens_default).
-2. The built-in [`anonymous` token](/docs/security/acl/acl-system#builtin-tokens).
+2. The built-in [`anonymous` token](/docs/security/acl/acl-tokens#built-in-tokens).
    Because the anonymous token is used when any request is made to Consul without
    explicitly specifying a token, production deployments should not apply policies
    needed for DNS to this token.

diff --git a/website/content/docs/ecs/manual/secure-configuration.mdx b/website/content/docs/ecs/manual/secure-configuration.mdx
@@ -57,7 +57,7 @@ names on ECS are not known until runtime.
 
 ### Create service tokens
 
-Service tokens should be associated with a [service identity](https://www.consul.io/docs/security/acl/acl-system#acl-service-identities).
+Service tokens should be associated with a [service identity](/docs/security/acl#service-identities).
 The service identity includes `service:write` permissions for the service and sidecar proxy.
 
 The following example shows how to use the Consul CLI to create a service token for a service named `example-client-app`:

diff --git a/website/content/docs/enterprise/audit-logging.mdx b/website/content/docs/enterprise/audit-logging.mdx
@@ -138,7 +138,7 @@ is set to `OperationStart` which indicates the agent has begun processing the
 request.
 
 The value of the `payload.auth.accessor_id` field is the accessor ID of the
-[ACL token](/docs/security/acl/acl-system#acl-tokens) which issued the request.
+[ACL token](/docs/security/acl#tokens) which issued the request.
 
 <CodeBlockConfig highlight="10">
 

diff --git a/website/content/docs/release-notes/consul/v1_11_x.mdx b/website/content/docs/release-notes/consul/v1_11_x.mdx
@@ -23,7 +23,7 @@ description: >-
 
 - The legacy ACL system that was deprecated in Consul 1.4.0 has been removed. Before upgrading you should verify that all tokens and policies have been migrated to the newer ACL system. See the [Migrate Legacy ACL Tokens Learn Guide](https://learn.hashicorp.com/tutorials/consul/access-control-token-migration) for more information.
 
-- The `agent_master` ACL token has been renamed to `agent_recovery` ACL token. In addition, the `consul acl set-agent-token master` command has been replaced with `consul acl set-agent-token recovery`. See [ACL Agent Recovery Token](/docs/security/acl/acl-system#acl-agent-recovery-token) and [Consul ACL Set Agent Token](/commands/acl/set-agent-token) for more information.
+- The `agent_master` ACL token has been renamed to `agent_recovery` ACL token. In addition, the `consul acl set-agent-token master` command has been replaced with `consul acl set-agent-token recovery`. See [ACL Agent Recovery Token](/docs/security/acl/acl-tokens#acl-agent-recovery-token) and [Consul ACL Set Agent Token](/commands/acl/set-agent-token) for more information.
 
 - Drops support for Envoy versions 1.15.x and 1.16.x
 

diff --git a/website/content/docs/security/acl/acl-federated-datacenters.mdx b/website/content/docs/security/acl/acl-federated-datacenters.mdx
@@ -180,12 +180,12 @@ $ consul join -token="ACL_MANAGEMENT_TOKEN" -wan [server 1, server 2, ...]
 
 ## Configure Clients in Secondary Datacenters
 
-When ACLs are enabled, client agents need a special token known as the [`agent token`](/docs/security/acl/acl-system#acl-agent-token) to perform internal operations. Agent tokens need to have the right policies for node related actions, including
+When ACLs are enabled, client agents need a special token known as the [`agent token`](/docs/security/acl/acl-tokens#acl-agent-token) to perform internal operations. Agent tokens need to have the right policies for node related actions, including
 registering itself in the catalog, updating node level health checks, and performing [anti-entropy](/docs/architecture/anti-entropy) syncing.
 
 ### Generate Agent ACL Token
 
-[ACL Node Identities](/docs/security/acl/acl-system#acl-node-identities) were introduced
+[ACL Node Identities](/docs/security/acl#node-identities) were introduced
 in Consul 1.8.1 and enable easily creating agent tokens with appropriately scoped policies.
 
 To generate the ACL token using node identity, run the following command:

diff --git a/website/content/docs/security/acl/acl-legacy.mdx b/website/content/docs/security/acl/acl-legacy.mdx
@@ -10,12 +10,12 @@ description: >-
 
 # ACL System in Legacy Mode
 
--> **1.3.0 and earlier:** This document only applies in Consul versions 1.3.0 and before. If you are using version 1.4.0 or later please use the updated documentation [here](/docs/security/acl/acl-system).
+-> **1.3.0 and earlier:** This document only applies in Consul versions 1.3.0 and before. If you are using version 1.4.0 or later please use the updated documentation [here](/docs/security/acl).
 
 ~> **Alert: Deprecation Notice**
 The ACL system described here was Consul's original ACL implementation.
 The legacy ACL system was deprecated in Consul 1.4.0 and removed in Consul 1.11.0.
-The documentation for the new ACL system can be found [here](/docs/security/acl/acl-system). For information on how to migrate to the new ACL System, please read the [Migrate Legacy ACL Tokens](https://learn.hashicorp.com/tutorials/consul/access-control-token-migration) tutorial.
+The documentation for the new ACL system can be found [here](/docs/security/acl). For information on how to migrate to the new ACL System, please read the [Migrate Legacy ACL Tokens](https://learn.hashicorp.com/tutorials/consul/access-control-token-migration) tutorial.
 
 The legacy documentation has two sections.
 
@@ -26,7 +26,7 @@ The legacy documentation has two sections.
 
 # New ACL System Differences
 
-The [ACL System documentation](/docs/security/acl/acl-system) and [legacy ACL
+The [ACL System documentation](/docs/security/acl) and [legacy ACL
 documentation](/docs/security/acl/acl-legacy) describes the new and old systems in
 detail. Below is a summary of the changes that need to be considered when
 migrating legacy tokens to the new system.

diff --git a/website/content/docs/security/acl/acl-tokens.mdx b/website/content/docs/security/acl/acl-tokens.mdx
@@ -13,13 +13,13 @@ This topic describes access control list (ACL) tokens, which are the core method
 
 Tokens are artifacts in the ACL system used to authenticate users, services, and Consul agents. When ACLs are enabled, entities requesting access to a resource must include a token that has been linked with a policy, service identity, or node identity that grants permission to the resource. The ACL system checks the token and grants or denies access to resource based on the associated permissions.
 
-Refer to the [ACL system workflow overview](/docs/security/acl/acl-system#workflow-overview) for information about tokens' role in the ACL system.
+Refer to the [ACL system workflow overview](/docs/security/acl#workflow-overview) for information about tokens' role in the ACL system.
 
 ## Creating Tokens
 
 The person responsible for administrating ACLs can use the API or CLI to create and link tokens to entities that enable permissions to resources.
 Refer to the [ACL API](/api-docs/acl) and [ACL CLI](/commands/acl) documentation for instructions on how to create and link tokens. Tokens can also be created dynamically from trusted external system using an
-[auth method](/docs/security/acl/auth-methods). 
+[auth method](/docs/security/acl/auth-methods).
 
 Refer to the [Secure Consul with Access Control Lists (ACLs)](https://learn.hashicorp.com/tutorials/consul/access-control-setup-production?in=consul/security) tutorial for help getting started with creating tokens. The tutorial includes an interactive sandbox so that you can perform the procedures without configuring your local environment.
 
@@ -148,8 +148,8 @@ Refer to the [API](/api-docs/acl/token) or [command line](/commands/acl/token) d
 | `Namespace`         | <EnterpriseAlert inline/> Specifies the name of the Consul namespace in which the token is valid. See [Namespaces](/docs/enterprise/namespaces) for additional information.                                                                                | String    | `default`      |
 | `Description`       | Human-readable description for documenting the purpose of the token.                                                                                                                                                                                       | String    | none           |
 | `Local`             | Indicates whether the token should be replicated globally or local to the datacenter. <br/> Set to `false` to replicate globally across all reachable datacenters. <br/>Setting to `true` configures the token to functional in the local datacenter only. | Boolean   | `false`        |
-| `ServiceIdentities` | Specifies a list of nodes to apply to the token. See [Service Identities](/docs/security/roles#service-identities) in the "Roles" topic for additional information.                                                                                        | Array     | none           |
-| `NodeIdentities`    | Specifies a list of nodes to apply to the token. See [Node Identities](/docs/security/roles##node-identities) in the "Roles" topic for additional information.                                                                                             | Array     | none           |
+| `ServiceIdentities` | Specifies a list of nodes to apply to the token. See [Service Identities](/docs/security/acl/acl-roles#service-identities) in the "Roles" topic for additional information.                                                                                        | Array     | none           |
+| `NodeIdentities`    | Specifies a list of nodes to apply to the token. See [Node Identities](/docs/security/acl/acl-roles#node-identities) in the "Roles" topic for additional information.                                                                                             | Array     | none           |
 | `Legacy`            | Indicates if the token was created using the the legacy ACL system.                                                                                                                                                                                        | Boolean   | `false`        |
 | `Policies`          | List of policies linked to the token, including the policy ID and name.                                                                                                                                                                                    | String    | none           |
 

diff --git a/website/content/docs/security/security-models/core.mdx b/website/content/docs/security/security-models/core.mdx
@@ -170,7 +170,7 @@ environment and adapt these configurations accordingly.
   capabilities tied to an individual human, or machine operator identity. To ultimately secure the ACL system,
   administrators should configure the [`default_policy`](/docs/agent/config/config-files#acl_default_policy) to "deny".
 
-  The [system](/docs/security/acl/acl-system) is comprised of five major components:
+  The [system](/docs/security/acl) is comprised of five major components:
 
   - **🗝 Token** - API key associated with policies, roles, or service identities.
 

diff --git a/website/redirects.js b/website/redirects.js
@@ -47,12 +47,22 @@ module.exports = [
   },
   {
     source: '/docs/agent/acl-system',
-    destination: '/docs/security/acl/acl-system',
+    destination: '/docs/security/acl',
     permanent: true,
   },
   {
     source: '/docs/acl/acl-system',
-    destination: '/docs/security/acl/acl-system',
+    destination: '/docs/security/acl',
+    permanent: true,
+  },
+  {
+    source: '/docs/security/acl/acl-system',
+    destination: '/docs/security/acl',
+    permanent: true,
+  },
+  {
+    source: '/docs/security/roles',
+    destination: '/docs/security/acl/acl-roles',
     permanent: true,
   },
   { source: '/docs/agent/http', destination: '/api-docs', permanent: true },
@@ -1287,9 +1297,9 @@ module.exports = [
   {
     source: '/docs/nia/release-notes/0-5-0',
     destination: '/docs/release-notes/consul-terraform-sync/v0_5_x',
-   permanent: true,
+    permanent: true,
   },
-  { 
+  {
     source: '/docs/api-gateway/api-gateway-usage',
     destination: '/docs/api-gateway/consul-api-gateway-install',
     permanent: true,