Learn how to integrate Consul access control list (ACL) with Nomad workload identity. Learn how to migrate to using Nomad workload identity with Consul. Configure Consul so it can receive, validate, and trust workload identities from Nomad. Create binding and namespace rules. Review considerations for using the JSON Web Key Set (JWKS) URL.| Integrate Consul ACL | Nomad | HashiCorp Developer
Configure workload identity in the `identity` block of the Nomad job specification. Review how to configure workload identities for Consul and Vault.| identity block in the job specification | Nomad | HashiCorp Developer
Configure Consul options in the `consul` block of the Nomad job specification to register them in the Consul catalog. Specify that the group or task requires a Consul token. Configure the Consul cluster, namespace, and partition. Review template, group services, namespace, and admin partition examples.| consul block in the job specification | Nomad | HashiCorp Developer
Jobs can access Nomad's HTTP API via the Task API.| Task HTTP API | Nomad | HashiCorp Developer
Configure Nomad server and client integration with Consul in the `consul` block of a Nomad agent configuration for service discovery and key-value integration. Configure cluster name, the Consul namespace, whether Nomad should advertize its services, certificates, tokens, security, health checks, auto join, and workload service and task identity.| consul Block in Agent Configuration | Nomad | HashiCorp Developer
Nomad's workload identity feature isolates and uniquely identities each workload so you can associate Access Control List (ACL) policies to jobs. Learn about workload identity claims, claims attributes specific to Nomad Enterprise, default workload ACL policy, and workload identity for Consul and Vault.| Workload Identity | Nomad | HashiCorp Developer
Configure Nomad server and client integration with HashiCorp Vault in the `vault` block of a Nomad agent configuration. Configure cluster name and the role for creating tokens. For Nomad clients, configure Vault's address, namespace, and certificate or TLS authentication. Specify the JWT authentication path. For Nomad servers, configure the server's default workload identity, which includes workload identity recipients, workload TTL, and key-value pairs for additional identity claims.| vault Block in Agent Configuration | Nomad | HashiCorp Developer
The "vault" block allows the task to specify that it requires a token from a HashiCorp Vault server. Nomad will automatically retrieve a Vault token for the task and handle token renewal for the task.| vault Block - Job Specification | Nomad | HashiCorp Developer