68 lines
2.0 KiB
Plaintext
68 lines
2.0 KiB
Plaintext
---
|
|
layout: commands
|
|
page_title: 'Commands: ACL Binding Rule Update'
|
|
---
|
|
|
|
# Consul ACL Binding Rule Update
|
|
|
|
Command: `consul acl binding-rule update`
|
|
|
|
The `acl binding-rule update` command is used to update a binding rule. The
|
|
default operations is to merge the current binding rule with those values
|
|
provided to the command invocation. Therefore to update just one field, only
|
|
the `-id` option and the option to modify must be provided.
|
|
|
|
## Usage
|
|
|
|
Usage: `consul acl binding-rule update [options] [args]`
|
|
|
|
#### API Options
|
|
|
|
@include 'http_api_options_client.mdx'
|
|
|
|
@include 'http_api_options_server.mdx'
|
|
|
|
#### Command Options
|
|
|
|
- `-bind-name=<string>` - Name to bind on match. Can use `${var}`
|
|
interpolation. This flag is required.
|
|
|
|
- `-bind-type=<string>` - Type of binding to perform (`"service"` or `"role"`).
|
|
|
|
- `-description=<string>` - A description of the binding rule.
|
|
|
|
- `-id=<string>` - The ID of the binding rule to update. It may be specified as a
|
|
unique ID prefix but will error if the prefix matches multiple binding rule IDs
|
|
|
|
- `-meta` - Indicates that binding rule metadata such as the raft
|
|
indices should be shown for each entry.
|
|
|
|
- `-no-merge` - Do not merge the current binding rule information with what is
|
|
provided to the command. Instead overwrite all fields with the exception of the
|
|
binding rule ID which is immutable.
|
|
|
|
- `-selector=<string>` - Selector is an expression that matches against
|
|
verified identity attributes returned from the auth method during login.
|
|
|
|
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
|
|
|
|
#### Enterprise Options
|
|
|
|
@include 'http_api_namespace_options.mdx'
|
|
|
|
## Examples
|
|
|
|
Update a binding rule:
|
|
|
|
```shell-session
|
|
$ consul acl binding-rule update -id '0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890' \
|
|
-selector 'serviceaccount.namespace==default'
|
|
Binding rule updated successfully
|
|
ID: 0ec1bd2f-1d3b-bafb-d9bf-90ef04ab1890
|
|
AuthMethod: minikube
|
|
Description: wildcard service
|
|
BindType: service
|
|
BindName: k8s-${serviceaccount.name}
|
|
Selector: serviceaccount.namespace==default
|
|
```
|