amazon-web-services terraform consul

Consul acl_agent_token setup on bootstrap


I'm attempting to set up a Consul 1.0 cluster in ECS using Terraform. I am able to get Consul up and running as a cluster, but I am running into ACL errors, as documented here. The problem I am having is running the associated curl scripts to create a token with the proper rules, saving that outputted token, and running it on every member of the autoscale group both for the first time and every time the group scales up.

Does anyone have any suggestions on how to get this knocked out?


Solution

  • So what I ended up doing was creating a Lambda script to handle 2 types of events: bootstrap and adding new nodes, which is triggered by either a local_exec in TF (bootstrap) or an autoscaling group SNS notification (add new node). The bootstrap function stored the acl_agent_token in an SSM Parameter Store and applied it initially to the members of the cluster. The function that adds new nodes queries the Parameter Store and adds the node via the REST API.
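
A sketch of the two-event Lambda flow described in the answer, added here as an example and not the poster's code: it uses Consul's legacy ACL endpoints (`/v1/acl/create`, `/v1/agent/token/acl_agent_token`) and stores the token as an SSM `SecureString`. The parameter name, the `members` field of the bootstrap event, the rules string, and the injected `ssm` (a boto3 SSM client in Lambda), `put` and `resolve_ip` arguments are all assumptions.

```python
import json
import urllib.request

PARAM = "/consul/acl_agent_token"  # assumed Parameter Store name
# Assumed agent rules: register own node, read services for anti-entropy.
AGENT_RULES = 'node "" { policy = "write" } service "" { policy = "read" }'

def consul_put(addr, path, body, token):
    """PUT JSON to a Consul agent; the ACL token travels in X-Consul-Token."""
    req = urllib.request.Request(
        f"http://{addr}:8500{path}", data=json.dumps(body).encode(),
        method="PUT", headers={"X-Consul-Token": token})
    with urllib.request.urlopen(req, timeout=5) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else None

def bootstrap(ssm, put, members, master_token):
    """Create the agent token once, store it encrypted, push it to every member."""
    token = put(members[0], "/v1/acl/create",
                {"Name": "Agent Token", "Type": "client", "Rules": AGENT_RULES},
                master_token)["ID"]
    # SecureString keeps the token KMS-encrypted at rest; never log its value.
    ssm.put_parameter(Name=PARAM, Value=token, Type="SecureString", Overwrite=True)
    for addr in members:
        put(addr, "/v1/agent/token/acl_agent_token", {"Token": token}, master_token)
    return list(members)

def add_node(ssm, put, addr, master_token):
    """Read the stored token and apply it to a node that just joined."""
    token = ssm.get_parameter(Name=PARAM, WithDecryption=True)["Parameter"]["Value"]
    put(addr, "/v1/agent/token/acl_agent_token", {"Token": token}, master_token)
    return addr

def handle(event, ssm, put, resolve_ip, master_token):
    """SNS records mean a scale-up; any other event is the Terraform bootstrap call."""
    if "Records" in event:
        done = []
        for rec in event["Records"]:
            msg = json.loads(rec["Sns"]["Message"])
            if msg.get("Event") != "autoscaling:EC2_INSTANCE_LAUNCH":
                continue  # skip terminate and test notifications
            addr = resolve_ip(msg["EC2InstanceId"])  # hypothetical EC2 lookup helper
            done.append(add_node(ssm, put, addr, master_token))
        return {"configured": done}
    return {"configured": bootstrap(ssm, put, event["members"], master_token)}
```

In a deployed function `put` would be `consul_put`, and the Lambda role needs only `ssm:PutParameter`/`ssm:GetParameter` on that one parameter plus decrypt on its KMS key.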