35 lines
1.2 KiB
Plaintext
35 lines
1.2 KiB
Plaintext
|
AccessorID: fbd2447f-7479-4329-ad13-b021d74f86ba
|
||
|
|
SecretID: 869c6e91-4de9-4dab-b56e-87548435f9c6
|
||
|
|
Description: test token
|
||
|
|
Local: false
|
||
|
|
Create Time: 2020-05-22 18:52:31 +0000 UTC
|
||
|
|
Hash: 6162636465666768
|
||
|
|
Create Index: 42
|
||
|
|
Modify Index: 100
|
||
|
|
Policies:
|
||
|
|
Policy Name: foo
|
||
|
|
ID: beb04680-815b-4d7c-9e33-3d707c24672c
|
||
|
|
Description: user policy on token
|
||
|
|
Rules:
|
||
|
|
service_prefix "" {
|
||
|
|
policy = "read"
|
||
|
|
}
|
||
|
|
|
||
|
|
Policy Name: bar
|
||
|
|
ID: 18788457-584c-4812-80d3-23d403148a90
|
||
|
|
Description: other user policy on token
|
||
|
|
Rules:
|
||
|
|
operator = "read"
|
||
|
|
|
||
|
|
=== End of Authorizer Layer 0: Token ===
|
||
|
|
=== Start of Authorizer Layer 2: Agent Configuration Defaults (Inherited) ===
|
||
|
|
Description: Defined at request-time by the agent that resolves the ACL token; other agents may have different configuration defaults
|
||
|
|
Resolved By Agent: "leader"
|
||
|
|
|
||
|
|
Default Policy: allow
|
||
|
|
Description: Backstop rule used if no preceding layer has a matching rule (refer to default_policy option in agent configuration)
|
||
|
|
|
||
|
|
Down Policy: deny
|
||
|
|
Description: Defines what to do if this Token's information cannot be read from the primary_datacenter (refer to down_policy option in agent configuration)
|
||
|
|
|