Consul version 1.4.0 introduces an improved Access Control List (ACL) system designed to secure various aspects of Consul, including the UI, HTTP API, CLI, service communications within a datacenter, and node communications. The ACLs can be configured to fit security requirements and threat models by grouping rules into policies and associating them with tokens. To migrate to this new system, users must update their ACL tokens after upgrading to Consul 1.4.0 or newer. A recommended approach for setting up ACLs is to follow the Bootstrapping ACLs Guide on HashiCorp's Learn site, which outlines a six-step process for enabling ACLs on servers and clients. To create a secure datacenter, each node and service should have its own privileges, and operators must take further actions beyond the initial steps outlined in the guide. For more information on the ACL system, users can refer to the overview ACL documentation and the ACL Rules documentation.