open-consul/website/pages/docs/commands/acl/role/index.mdx

87 lines
2 KiB
Plaintext
Raw Normal View History

---
2020-04-07 18:55:19 +00:00
layout: docs
page_title: 'Commands: ACL Role'
sidebar_title: role
---
# Consul ACL Roles
Command: `consul acl role`
The `acl role` command is used to manage Consul's ACL roles.
It exposes commands for creating, updating, reading, deleting, and listing roles.
This command is available in Consul 1.5.0 and newer.
2020-04-09 23:46:54 +00:00
ACL roles may also be managed via the [HTTP API](/api/acl/roles).
-> **Note:** All of the example subcommands in this document will require a valid
2020-04-07 18:55:19 +00:00
Consul token with the appropriate permissions. Either set the
`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the
secret ID as the value of the `-token` parameter.
## Usage
Usage: `consul acl role <subcommand>`
2020-04-07 18:55:19 +00:00
For the exact documentation for your Consul version, run `consul acl role -h` to view the complete list of subcommands.
```text
Usage: consul acl role <subcommand> [options] [args]
...
Subcommands:
create Create an ACL role
delete Delete an ACL role
list Lists ACL roles
read Read an ACL role
update Update an ACL role
```
For more information, examples, and usage about a subcommand, click on the name
of the subcommand in the sidebar.
## Identifying Roles
Several of the subcommands need to operate on a specific role. Those
subcommands support specifying the role by its ID using the `-id` parameter
or by name using the `-name` parameter.
When specifying the role by its ID a unique role ID prefix may be specified
instead of the entire UUID. As long as it is unique it will be resolved to the
full UUID and used.
## Basic Examples
Create a new ACL role:
2020-04-07 23:56:08 +00:00
```shell
$ consul acl role create -name "new-role" \
-description "This is an example role" \
-policy-id 06acc965
```
List all roles:
2020-04-07 23:56:08 +00:00
```shell
$ consul acl role list
```
Update a role:
2020-04-07 23:56:08 +00:00
```shell
$ consul acl role update -name "other-role" -datacenter "dc1"
```
Read a role:
2020-04-07 23:56:08 +00:00
```shell
$ consul acl role read -id 0479e93e-091c-4475-9b06-79a004765c24
```
Delete a role
2020-04-07 23:56:08 +00:00
```shell
$ consul acl role delete -name "my-role"
```