Production Installation

    1. TLS Encryption for RPC communication between Consul clients and servers.
    2. for authentication and authorization for Consul clients and services on the mesh.

    NOTE: This page assumes that you have already configured your Consul server with the above features.

    Before deploying your service, you will need to deploy the ACL controller so that it can provision the necessary tokens for tasks on the service mesh. To learn more about the ACL Controller, please see .

    Use the acl-controller terraform module to deploy the controller:

    The parameter is used to prefix any secrets that the ACL controller will update in AWS Secrets Manager.

    Deploy Services

    Once the ACL controller is up and running, you will be able to deploy services on the mesh using the mesh-task module. Start with the basic configuration for the and specify additional settings to make the configuration production-ready.

    First, you will need to create an AWS Secrets Manager secret for the gossip encryption key that the Consul clients should use.

    Now you can deploy your services! Follow the rest of the steps in the Installation instructions to deploy and connect your services.