Hello All,

I am currently trying to deploy a new Consul cluster running version 1.4, and I've encountered an issue following the configuration guide.

Steps below:

$ consul acl bootstrap
AccessorID: 1ee820ce-e149-829f-caba-77ec37be3c98
SecretID: be13b885-ddd4-830a-857c-d5fec72bbe8b (random from the guide)
Description: Bootstrap Token (Global Management)
Local: false
Create Time: 2018-10-19 11:48:25.614214 -0400 EDT
Policies:
00000000-0000-0000-0000-000000000001 - global-management

After the servers are restarted above, you will see new errors in the logs of the Consul servers related to permission denied errors:

2017/07/08 23:38:24 [WARN] agent: Node info update blocked by ACLs
2017/07/08 23:38:44 [WARN] agent: Coordinate update blocked by ACLs

These errors are because the agent doesn't yet have a properly configured acl.tokens.agent that it can use for its own internal operations like updating its node information in the catalog and performing anti-entropy syncing. We can create a token using the ACL API, and the ACL master token we set in the previous step:

The first step is to create a policy for your agent tokens (THIS IS WHERE I'M RECEIVING THE ERROR)

$ consul acl policy create -name "agent-token" -description "Agent Token Policy" -rules @agent-policy.hcl

I created the above file, specified the current file path, but receive the below error:

"Failed to create new policy: Unexpected response code: 403 (rpc error making call: Permission denied)"

Basically trying to call any acl create function, I receive the aforementioned error. Again, I didn't experience this until I bootstrapped a master token. What am I missing ? Is there something I need to do with my newly created master?

Any insight would be greatly appreciated! Thanks!