luxolus
/
open-consul
2
0
Fork 0
Code Issues 1 Pull Requests Packages Releases Wiki Activity

Document agent token policy requirement for rexec 

The Agent token policy when using rexec should have `write` on "_rexec"
key prefix. Updated the exec command documentation to explicitly state
this requirement.
This commit is contained in:
Ranjandas 2021-03-23 15:51:56 +11:00
parent 91ab4948a7
commit 2538c28cc7
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/commands/exec.mdx
View File

@ -41,6 +41,8 @@ execute this command.
| `key:write` | `"_rexec"` prefix | | `key:write` | `"_rexec"` prefix |
| `event:write` | `"_rexec"` prefix | | `event:write` | `"_rexec"` prefix |
In addition to the above, the policy associated with the [agent token](https://www.consul.io/docs/security/acl/acl-system#acl-agent-token) should have `write` on `"_rexec"` key prefix. This is for the agents to read the `exec` command and write its output back to the KV store.
## Usage ## Usage
Usage: `consul exec [options] [-|command...]` Usage: `consul exec [options] [-|command...]`