Have a question, for consul to re-elect a leader ACL is needed or not?
Let’s say each Consul Server has dedicated policy (name of node with write permission). For each node both policy and token are created by other service that has token with ACL write permission. The master token is revoked to support best practices.
For sake of argument, my 90% of my instances with leader go down and ones that left are below bootstrap expected volume. Autoscaling group starts spinning up new instances to meet quorum and elect a leader. What will happen? How leader will update catalog without token? How service with ACL write permission create a policy without leader?