open-nomad/website/content/docs/commands/acl/binding-rule/create.mdx

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

62 lines
1.8 KiB
Plaintext
Raw Normal View History

---
layout: docs
page_title: 'Commands: acl binding-rule create'
description: The binding-rule create command is used to create new ACL Binding Rules.
---
# Command: acl binding-rule create
The `acl binding-rule create` command is used to create new ACL Binding Rules.
## Usage
```plaintext
nomad acl binding-rule create [options]
```
The `acl binding-rule create` command requires the correct setting of the create options
via flags detailed below.
## General Options
@include 'general_options_no_namespace.mdx'
## Create Options
- `-description`: A free form text description of the binding-rule that must not exceed
256 characters.
- `-auth-method`: Specifies the name of the ACL authentication method that this
binding rule is associated with.
- `-selector`: Selector is an expression that matches against verified identity
attributes returned from the auth method during login.
- `-bind-type`: Specifies adjusts how this binding rule is applied at login time
to internal Nomad objects. Valid options are `role` and `policy`.
- `-bind-name`: Specifies is the target of the binding used on selector match.
This can be lightly templated using HIL `${foo}` syntax.
- `-json`: Output the ACL binding-rule in a JSON format.
- `-t`: Format and display the ACL binding-rule using a Go template.
## Examples
Create a new ACL Binding Rule:
```shell-session
$ nomad acl binding-rule create -description "example binding rule" -auth-method "auth0" -bind-type "role" -bind-name "eng-ro" -selector "engineering in list.roles"
ID = 698fdad6-dcb3-79dd-dc72-b43374057dea
Description = example binding rule
Auth Method = auth0
Selector = "engineering in list.roles"
Bind Type = role
Bind Name = eng-ro
Create Time = 2022-12-20 11:15:22.582568 +0000 UTC
Modify Time = 2022-12-20 11:15:22.582568 +0000 UTC
Create Index = 14
Modify Index = 14
```