open-consul/website/source/docs/commands/acl/role/create.html.md.erb
Matt Keeler b9996e6bbe
Add Namespace support to the API module and the CLI commands (#6874)
Also update the Docs and fixup the HTTP API to return proper errors when someone attempts to use Namespaces with an OSS agent.

Add Namespace HTTP API docs

Make all API endpoints disallow unknown fields
2019-12-06 11:14:56 -05:00

68 lines
1.7 KiB
Plaintext

---
layout: "docs"
page_title: "Commands: ACL Role Create"
sidebar_current: "docs-commands-acl-role-create"
---
# Consul ACL Role Create
Command: `consul acl role create`
The `acl role create` command creates new roles.
## Usage
Usage: `consul acl role create [options] [args]`
#### API Options
<%= partial "docs/commands/http_api_options_client" %>
<%= partial "docs/commands/http_api_options_server" %>
#### Command Options
* `-description=<string>` - A description of the role.
* `-meta` - Indicates that role metadata such as the content hash and raft
indices should be shown for each entry.
* `-name=<string>` - The new role's name. This flag is required.
* `-policy-id=<value>` - ID of a policy to use for this role. May be specified
multiple times
* `-policy-name=<value>` - Name of a policy to use for this role. May be
specified multiple times
* `-service-identity=<value>` - Name of a service identity to use for this
role. May be specified multiple times. Format is the `SERVICENAME` or
`SERVICENAME:DATACENTER1,DATACENTER2,...`
#### Enterprise Options
<%= partial "docs/commands/http_api_namespace_options" %>
## Examples
Create a new role with one policy:
```sh
$ consul acl role create -name "crawler" -description "web crawler role" -policy-name "crawler-kv"
ID: 57147d87-6bf7-f794-1a6e-7d038c4e4ae9
Name: crawler
Description: web crawler role
Policies:
2f8f99c7-edd9-2f09-7e4b-a1f519eb4fc2 - crawler-kv
```
Create a new role with one service identity:
```sh
$ consul acl role create -name archiver -description 'archiver role' -service-identity "archiver:dc2"
ID: a365fdc9-ac71-e754-0645-7ab6bd747301
Name: archiver
Description: archiver role
Service Identities:
archiver (Datacenters: dc2)
```