Added ACL requirements for CLI commands

This commit is contained in:
Matt Siegel 2022-01-10 16:44:56 -05:00
parent 9ec94fd268
commit dcdaefcf79
67 changed files with 622 additions and 3 deletions

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/auth-method](https://www.consu
The `acl auth-method create` command creates new auth methods. The `acl auth-method create` command creates new auth methods.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl auth-method create [options] [args]` Usage: `consul acl auth-method create [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/auth-method/:name](https://
The `acl auth-method delete` command deletes an auth method. The `acl auth-method delete` command deletes an auth method.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl auth-method delete [options]` Usage: `consul acl auth-method delete [options]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/auth-methods](https://www.cons
The `acl auth-method list` command lists all auth methods. By default it will not show metadata. The `acl auth-method list` command lists all auth methods. By default it will not show metadata.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl auth-method list` Usage: `consul acl auth-method list`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/auth-method/:name](https://www
The `acl auth-method read` command reads and displays an auth method's details. The `acl auth-method read` command reads and displays an auth method's details.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl auth-method read [options] [args]` Usage: `consul acl auth-method read [options] [args]`

View File

@ -14,6 +14,14 @@ default operations is to merge the current auth method with those values
provided to the command invocation. Therefore to update just one field, only provided to the command invocation. Therefore to update just one field, only
the `-name` options and the option to modify must be provided. the `-name` options and the option to modify must be provided.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl auth-method update [options] [args]` Usage: `consul acl auth-method update [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/binding-rule](https://www.cons
The `acl binding-rule create` command creates new binding rules. The `acl binding-rule create` command creates new binding rules.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl binding-rule create [options] [args]` Usage: `consul acl binding-rule create [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/binding-rule/:id](https://w
The `acl binding-rule delete` command deletes a binding rule. The `acl binding-rule delete` command deletes a binding rule.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl binding-rule delete [options]` Usage: `consul acl binding-rule delete [options]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/binding-rules](https://www.con
The `acl binding-rule list` command lists all binding rules. By default it will not show metadata. The `acl binding-rule list` command lists all binding rules. By default it will not show metadata.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl binding-rule list` Usage: `consul acl binding-rule list`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/binding-rule/:id](https://www.
The `acl binding-rule read` command reads and displays a binding rules details. The `acl binding-rule read` command reads and displays a binding rules details.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl binding-rule read [options] [args]` Usage: `consul acl binding-rule read [options] [args]`

View File

@ -14,6 +14,14 @@ default operations is to merge the current binding rule with those values
provided to the command invocation. Therefore to update just one field, only provided to the command invocation. Therefore to update just one field, only
the `-id` option and the option to modify must be provided. the `-id` option and the option to modify must be provided.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl binding-rule update [options] [args]` Usage: `consul acl binding-rule update [options] [args]`

View File

@ -14,7 +14,13 @@ for management purposes and output its details. This can only be done once and a
will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap
[reset procedure](https://learn.hashicorp.com/consul/security-networking/acl-troubleshooting?utm_source=consul.io&utm_medium=docs#reset-the-acl-system). [reset procedure](https://learn.hashicorp.com/consul/security-networking/acl-troubleshooting?utm_source=consul.io&utm_medium=docs#reset-the-acl-system).
The ACL system can also be bootstrapped via the [HTTP API](/api/acl/acl#bootstrap-acls). The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
## Usage ## Usage

View File

@ -19,6 +19,14 @@ from stdin, a file or the raw value. To use stdin pass `-` as the value.
To load the value from a file prefix the value with an `@`. Any other To load the value from a file prefix the value with an `@`. Any other
values will be used directly. values will be used directly.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
-> **Deprecated:** The `-from-token` and `-token-secret` arguments exist only as a convenience -> **Deprecated:** The `-from-token` and `-token-secret` arguments exist only as a convenience
to make legacy ACL migration easier. These will be removed in a future major release when to make legacy ACL migration easier. These will be removed in a future major release when
support for the legacy ACL system is removed. support for the legacy ACL system is removed.

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/policy/:id](https://www.con
The `acl policy delete` command deletes a policy. Policies may be deleted by their ID or by name. The `acl policy delete` command deletes a policy. Policies may be deleted by their ID or by name.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl policy delete [options]` Usage: `consul acl policy delete [options]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/policies](https://www.consul.i
The `acl policy list` command lists all policies. By default it will not show metadata. The `acl policy list` command lists all policies. By default it will not show metadata.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl policy list` Usage: `consul acl policy list`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/policy/:id](https://www.consul
The `acl policy read` command reads and displays a policies details. The `acl policy read` command reads and displays a policies details.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl policy read [options] [args]` Usage: `consul acl policy read [options] [args]`

View File

@ -15,6 +15,14 @@ the `-id` or `-name` options and the option to modify must be provided. Note tha
policies requires both the `-id` and `-name` as the new name cannot yet be used to lookup the policies requires both the `-id` and `-name` as the new name cannot yet be used to lookup the
policy. policy.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl policy update [options] [args]` Usage: `consul acl policy update [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/role](https://www.consul.io/ap
The `acl role create` command creates new roles. The `acl role create` command creates new roles.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl role create [options] [args]` Usage: `consul acl role create [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/role/:id](https://www.consu
The `acl role delete` command deletes a role. Roles may be deleted by their ID or by name. The `acl role delete` command deletes a role. Roles may be deleted by their ID or by name.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl role delete [options]` Usage: `consul acl role delete [options]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/roles](https://www.consul.io/a
The `acl role list` command lists all roles. By default it will not show metadata. The `acl role list` command lists all roles. By default it will not show metadata.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl role list` Usage: `consul acl role list`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoints: [\[GET\] /v1/acl/role/:id](https://www.consul.
The `acl role read` command reads and displays a roles details. The `acl role read` command reads and displays a roles details.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl role read [options] [args]` Usage: `consul acl role read [options] [args]`

View File

@ -15,6 +15,14 @@ update just one field, only the `-id` or `-name` options and the option to
modify must be provided. Note that renaming roles requires both the `-id` and modify must be provided. Note that renaming roles requires both the `-id` and
`-name` as the new name cannot yet be used to lookup the role. `-name` as the new name cannot yet be used to lookup the role.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl role update [options] [args]` Usage: `consul acl role update [options] [args]`

View File

@ -16,6 +16,14 @@ the agent's configuration. Tokens are not persisted unless
is `true`, so tokens will need to be updated again if that option is `false` and is `true`, so tokens will need to be updated again if that option is `false` and
the agent is restarted. the agent is restarted.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl set-agent-token [options] TYPE TOKEN` Usage: `consul acl set-agent-token [options] TYPE TOKEN`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/token/:AccessorID/clone](https
The `acl token clone` command clones an existing token. The `acl token clone` command clones an existing token.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl token clone [options]` Usage: `consul acl token clone [options]`

View File

@ -13,6 +13,14 @@ This command creates new tokens. When creating a new token, policies may be link
either the `-policy-id` or the `-policy-name` options. When specifying policies by IDs you either the `-policy-id` or the `-policy-name` options. When specifying policies by IDs you
may use a unique prefix of the UUID as a shortcut for specifying the entire UUID. may use a unique prefix of the UUID as a shortcut for specifying the entire UUID.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl token create [options] [args]` Usage: `consul acl token create [options] [args]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/acl/token/:AccessorID](https://
The `acl token delete` command deletes a token. The `acl token delete` command deletes a token.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl token delete [options]` Usage: `consul acl token delete [options]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/tokens](https://www.consul.io/
The `acl token list` command lists all tokens. By default it will not show metadata. The `acl token list` command lists all tokens. By default it will not show metadata.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl token list` Usage: `consul acl token list`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/token/:AccessorID](https://www
The `acl token read` command reads and displays a token details. The `acl token read` command reads and displays a token details.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage ## Usage
Usage: `consul acl token read [options] [args]` Usage: `consul acl token read [options] [args]`

View File

@ -12,6 +12,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/token/:AccessorID](https://www
The `acl token update` command will update a token. Some parts of the token like whether the The `acl token update` command will update a token. Some parts of the token like whether the
token is local to the datacenter cannot be changed. token is local to the datacenter cannot be changed.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:write` |
## Usage ## Usage
Usage: `consul acl token update [options]` Usage: `consul acl token update [options]`

View File

@ -14,6 +14,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/acl/rules/translate/:accessor_id](
This command translates the legacy ACL rule syntax into the new syntax. This command translates the legacy ACL rule syntax into the new syntax.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
### Usage ### Usage
Usage: `consul acl translate-rules [options] TRANSLATE` Usage: `consul acl translate-rules [options] TRANSLATE`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/catalog/datacenters](https://www.c
The `catalog datacenters` command prints all known datacenters. The `catalog datacenters` command prints all known datacenters.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
## Examples ## Examples
List all datacenters: List all datacenters:

View File

@ -13,6 +13,14 @@ The `catalog nodes` command prints all known nodes and metadata about them.
It can also query for nodes that match a particular metadata or provide a It can also query for nodes that match a particular metadata or provide a
particular service. particular service.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `node:read` |
## Examples ## Examples
List all nodes: List all nodes:

View File

@ -13,6 +13,14 @@ The `catalog services` command prints all known services. It can also query
for services that match particular metadata or list the services that a for services that match particular metadata or list the services that a
particular node provides. particular node provides.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| -------------- |
| `service:read` |
## Examples ## Examples
List all services: List all services:

View File

@ -13,6 +13,14 @@ The `config delete` command deletes the configuration entry specified by the
kind and name. See the [configuration entries docs](/docs/agent/config-entries) kind and name. See the [configuration entries docs](/docs/agent/config-entries)
for more details about configuration entries. for more details about configuration entries.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ----------------------------------- |
| `service:write` or `operator:write` |
## Usage ## Usage
Usage: `consul config delete [options]` Usage: `consul config delete [options]`

View File

@ -13,6 +13,14 @@ The `config list` command lists all given config entries of the given kind.
See the [configuration entries docs](/docs/agent/config-entries) for more See the [configuration entries docs](/docs/agent/config-entries) for more
details about configuration entries. details about configuration entries.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| -------------- |
| `service:read` |
## Usage ## Usage
Usage: `consul config list [options]` Usage: `consul config list [options]`

View File

@ -14,6 +14,14 @@ kind and name and outputs its JSON representation. See the
[configuration entries docs](/docs/agent/config-entries) for more [configuration entries docs](/docs/agent/config-entries) for more
details about configuration entries. details about configuration entries.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| -------------- |
| `service:read` |
## Usage ## Usage
Usage: `consul config read [options]` Usage: `consul config read [options]`

View File

@ -13,6 +13,14 @@ The `config write` command creates or updates a centralized config entry.
See the [configuration entries docs](/docs/agent/config-entries) for more See the [configuration entries docs](/docs/agent/config-entries) for more
details about configuration entries. details about configuration entries.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ----------------------------------- |
| `service:write` or `operator:write` |
## Usage ## Usage
Usage: `consul config write [options] FILE` Usage: `consul config write [options] FILE`

View File

@ -42,6 +42,14 @@ Subcommands:
This command displays the current CA configuration. This command displays the current CA configuration.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul connect ca get-config [options]` Usage: `consul connect ca get-config [options]`
Corresponding HTTP API Endpoint: [\[GET\] /v1/connect/ca/configuration](https://www.consul.io/api-docs/connect/ca#get-ca-configuration) Corresponding HTTP API Endpoint: [\[GET\] /v1/connect/ca/configuration](https://www.consul.io/api-docs/connect/ca#get-ca-configuration)
@ -69,6 +77,14 @@ Modifies the current CA configuration. If this results in a new root certificate
being used, the [Root Rotation](/docs/connect/ca#root-certificate-rotation) process being used, the [Root Rotation](/docs/connect/ca#root-certificate-rotation) process
will be triggered. will be triggered.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul connect ca set-config [options]` Usage: `consul connect ca set-config [options]`
Corresponding HTTP API Endpoint: [\[PUT\] /v1/connect/ca/configuration](https://www.consul.io/api-docs/connect/ca#update-ca-configuration) Corresponding HTTP API Endpoint: [\[PUT\] /v1/connect/ca/configuration](https://www.consul.io/api-docs/connect/ca#update-ca-configuration)

View File

@ -37,6 +37,14 @@ message. It is hard to give an exact number, as it depends on various
parameters of the event, but the payload should be kept very small parameters of the event, but the payload should be kept very small
(< 100 bytes). Specifying too large of an event will return an error. (< 100 bytes). Specifying too large of an event will return an error.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------- |
| `event:write` |
## Usage ## Usage
Usage: `consul event [options] [payload]` Usage: `consul event [options] [payload]`

View File

@ -32,6 +32,14 @@ from the datacenter's member list nor from the raft configuration. Additionally,
if the agent returns after transitioning to the "left" state, but before it is reaped if the agent returns after transitioning to the "left" state, but before it is reaped
from the member list, then it will rejoin the cluster. from the member list, then it will rejoin the cluster.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
## Usage ## Usage
Usage: `consul force-leave [options] node` Usage: `consul force-leave [options] node`

View File

@ -17,6 +17,14 @@ Corresponding HTTP API Endpoint: [\[POST\] /v1/connect/intentions](https://www.c
The `intention create` command creates or updates an L4 intention. The `intention create` command creates or updates an L4 intention.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------------ |
| `intentions:write` |
## Usage ## Usage
- `consul intention create [options] SRC DST` - `consul intention create [options] SRC DST`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/connect/intentions/exact](https
The `intention delete` command deletes a matching intention. The `intention delete` command deletes a matching intention.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------------ |
| `intentions:write` |
-> **Deprecated** - The one argument form of this command is deprecated in -> **Deprecated** - The one argument form of this command is deprecated in
Consul 1.9.0. Intentions no longer need IDs when represented as Consul 1.9.0. Intentions no longer need IDs when represented as
[`service-intentions`](/docs/connect/config-entries/service-intentions) config [`service-intentions`](/docs/connect/config-entries/service-intentions) config

View File

@ -16,6 +16,14 @@ Consul 1.9.0. Intentions no longer need IDs when represented as
[`service-intentions`](/docs/connect/config-entries/service-intentions) config [`service-intentions`](/docs/connect/config-entries/service-intentions) config
entries. entries.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ----------------- |
| `intentions:read` |
## Usage ## Usage
Usage: Usage:

View File

@ -16,6 +16,14 @@ order: the first intention that matches a request would be evaluated.
The [check](/commands/intention/check) command can be used to The [check](/commands/intention/check) command can be used to
check whether an L4 connection would be authorized between any two services. check whether an L4 connection would be authorized between any two services.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ----------------- |
| `intentions:read` |
## Usage ## Usage
Usage: `consul intention match [options] SRC_OR_DST` Usage: `consul intention match [options] SRC_OR_DST`

View File

@ -22,6 +22,14 @@ state across the cluster.
An agent which is already part of a cluster may join an agent in a different An agent which is already part of a cluster may join an agent in a different
cluster, causing the two clusters to be merged into a single cluster. cluster, causing the two clusters to be merged into a single cluster.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------- |
| `agent:write` |
## Usage ## Usage
Usage: `consul join [options] address ...` Usage: `consul join [options] address ...`

View File

@ -12,6 +12,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/kv/:key](https://www.consul.io/
The `kv delete` command removes the value from Consul's KV store at the The `kv delete` command removes the value from Consul's KV store at the
given path. If no key exists at the path, no action is taken. given path. If no key exists at the path, no action is taken.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `key:write` |
## Usage ## Usage
Usage: `consul kv delete [options] KEY_OR_PREFIX` Usage: `consul kv delete [options] KEY_OR_PREFIX`

View File

@ -14,6 +14,14 @@ store at the given key name. If no key exists with that name, an error is
returned. If a key exists with that name but has no data, nothing is returned. returned. If a key exists with that name but has no data, nothing is returned.
A key name or prefix is required. A key name or prefix is required.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `key:read` |
## Usage ## Usage
Usage: `consul kv get [options] [KEY_OR_PREFIX]` Usage: `consul kv get [options] [KEY_OR_PREFIX]`

View File

@ -11,6 +11,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/kv/:key](https://www.consul.io/api
The `kv put` command writes the data to the given path in the KV store. The `kv put` command writes the data to the given path in the KV store.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `key:write` |
## Usage ## Usage
Usage: `consul kv put [options] KEY [DATA]` Usage: `consul kv put [options] KEY [DATA]`

View File

@ -25,6 +25,14 @@ non-graceful leave can affect cluster availability.
Running `consul leave` on a server explicitly will reduce the quorum size. Even if the cluster used `bootstrap_expect` to set a quorum size initially, issuing `consul leave` on a server will reconfigure the cluster to have fewer servers. Running `consul leave` on a server explicitly will reduce the quorum size. Even if the cluster used `bootstrap_expect` to set a quorum size initially, issuing `consul leave` on a server will reconfigure the cluster to have fewer servers.
This means you could end up with just one server that is still able to commit writes because quorum is only 1, but those writes might be lost if that server fails before more are added. This means you could end up with just one server that is still able to commit writes because quorum is only 1, but those writes might be lost if that server fails before more are added.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------- |
| `agent:write` |
## Usage ## Usage
Usage: `consul leave [options]` Usage: `consul leave [options]`

View File

@ -128,6 +128,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/license](https://www.cons
This command sets the Consul Enterprise license. This command sets the Consul Enterprise license.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul license put [options] LICENSE` Usage: `consul license put [options] LICENSE`
#### API Options #### API Options
@ -160,6 +168,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/license](https://www.cons
This command gets the Consul Enterprise license. This command gets the Consul Enterprise license.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
Usage: `consul license get [options]` Usage: `consul license get [options]`
#### API Options #### API Options
@ -197,6 +213,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/operator/license](https://www.c
Resets license for the datacenter to the one builtin in Consul binary, if it is still valid. Resets license for the datacenter to the one builtin in Consul binary, if it is still valid.
If the builtin license is invalid, the current one stays active. If the builtin license is invalid, the current one stays active.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul license reset [options]` Usage: `consul license reset [options]`
#### API Options #### API Options

View File

@ -17,6 +17,14 @@ requested auth method for a newly minted Consul ACL token. The companion
command `consul logout` should be used to destroy any tokens created this way command `consul logout` should be used to destroy any tokens created this way
to avoid a resource leak. to avoid a resource leak.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
## Usage ## Usage
Usage: `consul login [options]` Usage: `consul login [options]`

View File

@ -15,6 +15,14 @@ Corresponding HTTP API Endpoint: [\[POST\] /v1/acl/logout](https://www.consul.io
The `logout` command will destroy the provided token if it was created from The `logout` command will destroy the provided token if it was created from
`consul login`. `consul login`.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
## Usage ## Usage
Usage: `consul logout [options]` Usage: `consul logout [options]`

View File

@ -21,6 +21,14 @@ Under the hood, maintenance mode is activated by registering a health check in
critical status against a service, and deactivated by deregistering the critical status against a service, and deactivated by deregistering the
health check. health check.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `node:write` |
## Usage ## Usage
Usage: `consul maint [options]` Usage: `consul maint [options]`

View File

@ -21,6 +21,14 @@ Nodes in the "failed" state are still listed because Consul attempts to
reconnect with failed nodes for a certain amount of time in the case reconnect with failed nodes for a certain amount of time in the case
that the failure is actually just a network partition. that the failure is actually just a network partition.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `node:read` |
## Usage ## Usage
Usage: `consul members [options]` Usage: `consul members [options]`

View File

@ -14,6 +14,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/namespace](https://www.consul.io/a
This `namespace create` command creates a namespaces using the CLI parameters provided. This `namespace create` command creates a namespaces using the CLI parameters provided.
This was added in Consul Enterprise 1.7.2. This was added in Consul Enterprise 1.7.2.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
## Usage ## Usage
Usage: `consul namespace create -name <namespace name> [options]` Usage: `consul namespace create -name <namespace name> [options]`

View File

@ -14,6 +14,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/namespace/:name](https://www.co
This `namespace delete` command deletes a namespace. This was added in Consul Enterprise 1.7.0. If This `namespace delete` command deletes a namespace. This was added in Consul Enterprise 1.7.0. If
ACLs are enabled then this command will require a token with `operator:write` privileges. ACLs are enabled then this command will require a token with `operator:write` privileges.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
## Usage ## Usage
Usage: `consul namespace delete <name>` Usage: `consul namespace delete <name>`

View File

@ -16,6 +16,14 @@ ACLs are enabled then this command will require a token with `operator:read` pri
within the target namespaces. The results will be filtered based on the ACL token and therefore it is possible to within the target namespaces. The results will be filtered based on the ACL token and therefore it is possible to
see a partial list. see a partial list.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------------------------------- |
| `operator:read` or `namespace:* read` |
## Usage ## Usage
Usage: `consul namespace list` Usage: `consul namespace list`

View File

@ -15,6 +15,14 @@ This `namespace read` command reads a namespaces configuration. This was added i
ACLs are enabled then this command will require a token with `operator:read` privileges or any `read` privileges ACLs are enabled then this command will require a token with `operator:read` privileges or any `read` privileges
within the target namespace. within the target namespace.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------------------------------- |
| `operator:read` or `namespace:* read` |
## Usage ## Usage
Usage: `consul namespace read <name>` Usage: `consul namespace read <name>`

View File

@ -14,6 +14,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/namespace/:name](https://www.consu
This `namespace update` command updates a namespaces using the CLI parameters provided. This `namespace update` command updates a namespaces using the CLI parameters provided.
This was added in Consul Enterprise 1.7.2. This was added in Consul Enterprise 1.7.2.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
## Usage ## Usage
Usage: `consul namespace update -name <namespace name> [options]` Usage: `consul namespace update -name <namespace name> [options]`

View File

@ -51,6 +51,14 @@ Corresponding HTTP API Endpoint: [\[POST\] /v1/operator/area](https://www.consul
This command creates a new network area. This command creates a new network area.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator area create [options]` Usage: `consul operator area create [options]`
#### API Options #### API Options
@ -85,6 +93,14 @@ Corresponding HTTP API Endpoint: [\[DELETE\] /v1/operator/area/:uuid](https://ww
This command deletes an existing network area. This command deletes an existing network area.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator area delete [options]` Usage: `consul operator area delete [options]`
#### API Options #### API Options
@ -116,6 +132,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/area/:uuid/join](https://
This command joins Consul servers into an existing network area by address, such as This command joins Consul servers into an existing network area by address, such as
an IP or hostname with an optional port. Multiple addresses may be given. an IP or hostname with an optional port. Multiple addresses may be given.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator area join [options] ADDRESSES` Usage: `consul operator area join [options] ADDRESSES`
#### API Options #### API Options
@ -152,6 +176,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/area](https://www.consul.
This command lists all network areas. This command lists all network areas.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `operator:read` |
Usage: `consul operator area list [options]` Usage: `consul operator area list [options]`
#### API Options #### API Options
@ -183,6 +215,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/area/:uuid/members](https
This command displays Consul server nodes present in a network area, or all This command displays Consul server nodes present in a network area, or all
areas if no area is specified. areas if no area is specified.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `operator:read` |
Usage: `consul operator area members [options]` Usage: `consul operator area members [options]`
#### API Options #### API Options
@ -239,6 +279,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/area/:uuid](https://www.c
This command updates the configuration of network area. This command updates the configuration of network area.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator area update [options]` Usage: `consul operator area update [options]`
#### API Options #### API Options

View File

@ -32,6 +32,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/autopilot/configuration](
This command displays the current autopilot configuration. This command displays the current autopilot configuration.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `operator:read` |
Usage: `consul operator autopilot get-config [options]` Usage: `consul operator autopilot get-config [options]`
#### API Options #### API Options
@ -59,6 +67,14 @@ Corresponding HTTP API Endpoint: [\[PUT\] /v1/operator/autopilot/configuration](
Modifies the current Autopilot configuration. Modifies the current Autopilot configuration.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator autopilot set-config [options]` Usage: `consul operator autopilot set-config [options]`
#### API Options #### API Options
@ -109,6 +125,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/operator/autopilot/state](https://
This command displays the current autopilot state. This command displays the current autopilot state.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `operator:read` |
Usage: `consul operator autopilot state [options]` Usage: `consul operator autopilot state [options]`
#### API Options #### API Options

View File

@ -33,6 +33,14 @@ Corresponding HTTP API Endpoint: [\[GET\] /v1/status/peers](https://www.consul.i
This command displays the current Raft peer configuration. This command displays the current Raft peer configuration.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `none` |
Usage: `consul operator raft list-peers -stale=[true|false]` Usage: `consul operator raft list-peers -stale=[true|false]`
- `-stale` - Optional and defaults to "false" which means the leader provides - `-stale` - Optional and defaults to "false" which means the leader provides
@ -77,6 +85,14 @@ clean up by simply running
[`consul force-leave`](/commands/force-leave) [`consul force-leave`](/commands/force-leave)
instead of this command. instead of this command.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ---------------- |
| `operator:write` |
Usage: `consul operator raft remove-peer -address="IP:port"` Usage: `consul operator raft remove-peer -address="IP:port"`
- `-address` - "IP:port" for the server to remove. The port number is usually - `-address` - "IP:port" for the server to remove. The port number is usually

View File

@ -25,6 +25,14 @@ Not all configuration options are reloadable. See the
[Reloadable Configuration](/docs/agent/options#reloadable-configuration) [Reloadable Configuration](/docs/agent/options#reloadable-configuration)
section on the agent options page for details on which options are supported. section on the agent options page for details on which options are supported.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------- |
| `agent:write` |
## Usage ## Usage
Usage: `consul reload` Usage: `consul reload`

View File

@ -17,6 +17,14 @@ Consul's network coordinate model of the cluster.
See the [Network Coordinates](/docs/internals/coordinates) internals guide See the [Network Coordinates](/docs/internals/coordinates) internals guide
for more information on how these coordinates are computed. for more information on how these coordinates are computed.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `node:read` |
## Usage ## Usage
Usage: `consul rtt [options] node1 [node2]` Usage: `consul rtt [options] node1 [node2]`

View File

@ -20,6 +20,14 @@ registered with a configuration file, then deleting that file and
deregister. See [Service Definition](/docs/agent/services) for more deregister. See [Service Definition](/docs/agent/services) for more
information about registering services generally. information about registering services generally.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `service:write` |
## Usage ## Usage
Usage: `consul services deregister [options] [FILE...]` Usage: `consul services deregister [options] [FILE...]`

View File

@ -22,6 +22,14 @@ configuration management systems that other systems that have access to
the configuration directory. Clients may also use the the configuration directory. Clients may also use the
[HTTP API](/api/agent/service) directly. [HTTP API](/api/agent/service) directly.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| --------------- |
| `service:write` |
## Usage ## Usage
Usage: `consul services register [options] [FILE...]` Usage: `consul services register [options] [FILE...]`

View File

@ -19,8 +19,13 @@ designed to handle server failures during a restore. This command is primarily
intended to be used when recovering from a disaster, restoring into a fresh intended to be used when recovering from a disaster, restoring into a fresh
cluster of Consul servers. cluster of Consul servers.
If ACLs are enabled, a management token must be supplied in order to perform The table below shows this command's [required ACLs](/api#authentication). Configuration of
a snapshot restore. [blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `management` |
## Usage ## Usage

View File

@ -27,6 +27,14 @@ the CLI client attempting to perform a snapshot save will have no effect. It _mu
the context of the server process. If you're using Systemd to manage your Consul server the context of the server process. If you're using Systemd to manage your Consul server
processes, then adding `Environment=TMPDIR=/path/to/dir` to your Consul unit file will work. processes, then adding `Environment=TMPDIR=/path/to/dir` to your Consul unit file will work.
The table below shows this command's [required ACLs](/api#authentication). Configuration of
[blocking queries](/api/features/blocking) and [agent caching](/api/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `management` |
## Usage ## Usage
Usage: `consul snapshot save [options] FILE` Usage: `consul snapshot save [options] FILE`