2019-05-01 21:11:23 +00:00
|
|
|
---
|
2020-09-01 15:14:13 +00:00
|
|
|
layout: commands
|
2020-04-07 18:55:19 +00:00
|
|
|
page_title: 'Commands: ACL Auth Methods'
|
2019-05-01 21:11:23 +00:00
|
|
|
---
|
|
|
|
|
|
|
|
# Consul ACL Auth Methods
|
|
|
|
|
|
|
|
Command: `consul acl auth-method`
|
|
|
|
|
|
|
|
The `acl auth-method` command is used to manage Consul's ACL auth methods.
|
|
|
|
It exposes commands for creating, updating, reading, deleting, and listing auth methods.
|
|
|
|
This command is available in Consul 1.5.0 and newer.
|
|
|
|
|
2022-03-30 21:16:26 +00:00
|
|
|
ACL auth methods may also be managed via the [HTTP API](/api-docs/acl/auth-methods).
|
2019-05-01 21:11:23 +00:00
|
|
|
|
|
|
|
-> **Note:** All of the example subcommands in this document will require a valid
|
2020-04-07 18:55:19 +00:00
|
|
|
Consul token with the appropriate permissions. Either set the
|
2019-05-01 21:11:23 +00:00
|
|
|
`CONSUL_HTTP_TOKEN` environment variable to the token's secret ID or pass the
|
|
|
|
secret ID as the value of the `-token` parameter.
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
|
|
|
Usage: `consul acl auth-method <subcommand>`
|
|
|
|
|
2020-04-07 18:55:19 +00:00
|
|
|
For the exact documentation for your Consul version, run `consul acl auth-method -h` to view the complete list of subcommands.
|
2019-05-01 21:11:23 +00:00
|
|
|
|
|
|
|
```text
|
|
|
|
Usage: consul acl auth-method <subcommand> [options] [args]
|
|
|
|
|
|
|
|
...
|
|
|
|
|
|
|
|
Subcommands:
|
|
|
|
create Create an ACL auth method
|
|
|
|
delete Delete an ACL auth method
|
|
|
|
list Lists ACL auth methods
|
|
|
|
read Read an ACL auth method
|
|
|
|
update Update an ACL auth method
|
|
|
|
```
|
|
|
|
|
|
|
|
For more information, examples, and usage about a subcommand, click on the name
|
|
|
|
of the subcommand in the sidebar.
|
|
|
|
|
|
|
|
## Basic Examples
|
|
|
|
|
|
|
|
Create a new auth method:
|
|
|
|
|
2020-05-19 18:32:38 +00:00
|
|
|
```shell-session
|
2019-05-01 21:11:23 +00:00
|
|
|
$ consul acl auth-method create -type "kubernetes" \
|
|
|
|
-name "my-k8s" \
|
|
|
|
-description "This is an example kube auth method" \
|
|
|
|
-kubernetes-host "https://apiserver.example.com:8443" \
|
2020-10-06 22:44:24 +00:00
|
|
|
-kubernetes-ca-cert @/path/to/kube.ca.crt \
|
2019-05-01 21:11:23 +00:00
|
|
|
-kubernetes-service-account-jwt "JWT_CONTENTS"
|
|
|
|
```
|
|
|
|
|
|
|
|
List all auth methods:
|
|
|
|
|
2020-05-19 18:32:38 +00:00
|
|
|
```shell-session
|
2019-05-01 21:11:23 +00:00
|
|
|
$ consul acl auth-method list
|
|
|
|
```
|
|
|
|
|
|
|
|
Update all editable fields of the auth method:
|
|
|
|
|
2020-05-19 18:32:38 +00:00
|
|
|
```shell-session
|
2019-05-01 21:11:23 +00:00
|
|
|
$ consul acl auth-method update -name "my-k8s" \
|
|
|
|
-description "new description" \
|
|
|
|
-kubernetes-host "https://new-apiserver.example.com:8443" \
|
2020-10-06 22:44:24 +00:00
|
|
|
-kubernetes-ca-cert @/path/to/new-kube.ca.crt \
|
2019-05-01 21:11:23 +00:00
|
|
|
-kubernetes-service-account-jwt "NEW_JWT_CONTENTS"
|
|
|
|
```
|
|
|
|
|
|
|
|
Read an auth method:
|
|
|
|
|
2020-05-19 18:32:38 +00:00
|
|
|
```shell-session
|
2019-05-01 21:11:23 +00:00
|
|
|
$ consul acl auth-method read -name my-k8s
|
|
|
|
```
|
|
|
|
|
|
|
|
Delete an auth method:
|
|
|
|
|
2020-05-19 18:32:38 +00:00
|
|
|
```shell-session
|
2019-05-01 21:11:23 +00:00
|
|
|
$ consul acl auth-method delete -name my-k8s
|
|
|
|
```
|