Consul ACL rules for monitoring


I can’t understand why consul gives an empty array when requesting a list of services present on a node (/v1/agent/services). But the token monitor gives the correct metrics (/v1/agent/self or /v1/agent/metrics).

In order not to prescribe policies on each node, I wrote them in a cluster:
{“Description”: “Read-only access to cluster-consul agents for monitoring”, “Name”: “cluster-consul_agent_read”, “Rules”: “agent_prefix "cluster-consul" { policy = "read"}”}