b9996e6bbe
Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent. Add Namespace HTTP API docs Make all API endpoints disallow unknown fields
68 lines
1.7 KiB
Plaintext
68 lines
1.7 KiB
Plaintext
---
|
|
layout: "docs"
|
|
page_title: "Commands: ACL Role Create"
|
|
sidebar_current: "docs-commands-acl-role-create"
|
|
---
|
|
|
|
# Consul ACL Role Create
|
|
|
|
Command: `consul acl role create`
|
|
|
|
The `acl role create` command creates new roles.
|
|
|
|
## Usage
|
|
|
|
Usage: `consul acl role create [options] [args]`
|
|
|
|
#### API Options
|
|
|
|
<%= partial "docs/commands/http_api_options_client" %>
|
|
<%= partial "docs/commands/http_api_options_server" %>
|
|
|
|
#### Command Options
|
|
|
|
* `-description=<string>` - A description of the role.
|
|
|
|
* `-meta` - Indicates that role metadata such as the content hash and raft
|
|
indices should be shown for each entry.
|
|
|
|
* `-name=<string>` - The new role's name. This flag is required.
|
|
|
|
* `-policy-id=<value>` - ID of a policy to use for this role. May be specified
|
|
multiple times
|
|
|
|
* `-policy-name=<value>` - Name of a policy to use for this role. May be
|
|
specified multiple times
|
|
|
|
* `-service-identity=<value>` - Name of a service identity to use for this
|
|
role. May be specified multiple times. Format is the `SERVICENAME` or
|
|
`SERVICENAME:DATACENTER1,DATACENTER2,...`
|
|
|
|
#### Enterprise Options
|
|
|
|
<%= partial "docs/commands/http_api_namespace_options" %>
|
|
|
|
## Examples
|
|
|
|
Create a new role with one policy:
|
|
|
|
```sh
|
|
$ consul acl role create -name "crawler" -description "web crawler role" -policy-name "crawler-kv"
|
|
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
|
|
Name: crawler
|
|
Description: web crawler role
|
|
Policies:
|
|
2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv
|
|
```
|
|
|
|
Create a new role with one service identity:
|
|
|
|
```sh
|
|
$ consul acl role create -name archiver -description 'archiver role' -service-identity "archiver:dc2"
|
|
ID: a365fdc9-ac71-e754-0645-7ab6bd747301
|
|
Name: archiver
|
|
Description: archiver role
|
|
Service Identities:
|
|
archiver (Datacenters: dc2)
|
|
```
|