open-consul/website/pages/docs/commands/acl/auth-method/create.mdx

72 lines
2.0 KiB
Plaintext
Raw Normal View History

---
2020-04-07 18:55:19 +00:00
layout: docs
page_title: 'Commands: ACL Auth Method Create'
sidebar_title: create
---
# Consul ACL Auth Method Create
Command: `consul acl auth-method create`
The `acl auth-method create` command creates new auth methods.
## Usage
Usage: `consul acl auth-method create [options] [args]`
#### API Options
2020-04-07 18:55:19 +00:00
@include 'http_api_options_client.mdx'
2020-04-07 23:56:08 +00:00
2020-04-07 18:55:19 +00:00
@include 'http_api_options_server.mdx'
#### Command Options
2020-04-07 18:55:19 +00:00
- `-description=<string>` - A description of the auth method.
2020-04-07 18:55:19 +00:00
- `-meta` - Indicates that auth method metadata such as the raft indices should
be shown for each entry.
2020-04-07 18:55:19 +00:00
- `-name=<string>` - The new auth method's name. This flag is required.
2020-04-07 18:55:19 +00:00
- `-type=<string>` - The new auth method's type. This flag is required.
2020-04-07 18:55:19 +00:00
- `-kubernetes-ca-cert=<string>` - PEM encoded CA cert for use by the TLS
client used to talk with the Kubernetes API. May be prefixed with '@' to
indicate that the value is a file path to load the cert from. This flag is
required for `-type=kubernetes`.
2020-04-07 18:55:19 +00:00
- `-kubernetes-host=<string>` - Address of the Kubernetes API server. This flag
is required for `-type=kubernetes`.
2020-04-07 18:55:19 +00:00
- `-kubernetes-service-account-jwt=<string>` - A Kubernetes service account JWT
used to access the TokenReview API to validate other JWTs during login. This
flag is required for `-type=kubernetes`.
2020-04-07 18:55:19 +00:00
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
#### Enterprise Options
2020-04-07 18:55:19 +00:00
@include 'http_api_namespace_options.mdx'
## Examples
Create a new Kubernetes auth method:
2020-04-07 23:56:08 +00:00
```shell
$ consul acl auth-method create -name minikube -type kubernetes \
-description 'minikube auth method' \
-kubernetes-host 'https://192.0.2.42:8443' \
-kubernetes-ca-cert '@minikube-ca.crt' \
-kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...'
Name: minikube
Type: kubernetes
Description: minikube auth method
Config:
{
"CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
"Host": "https://192.0.2.42:8443",
"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..."
}
```