We're currently running Consul Server (version 1.16) on our hosting server. Occasionally, we need to update key-value pairs using the UI, which requires us to log in to the hosting server and make the necessary changes. However, if someone from our organization clicks on the URL from their machine, they can access the Consul UI without any authentication.
To address this security concern, I'm looking for a solution that allows us to restrict access to the Consul UI either by implementing authentication credentials or by limiting access only to the hosting server. I've attempted to use ACL, but it ended up blocking all application requests.
I'd appreciate any suggestions or guidance on how to implement this effectively.
Thank you.