luxolus/open-nomad
2
0
Fork 0
Code Issues 1 Pull requests Packages Releases Wiki Activity
open-nomad/website/pages/docs/configuration/acl.mdx
Charlie Voiselle 9d85195361
[docs] Update redirects and links for learn.hashicorp.com (#8598) 
* Fix links to ACL guides
* Managing Nomad guide links; links in jsx pages
* job updates guide URLS
* node-drain guide URLS
* outage recovery guide links
* fix guide links - sentinel
* fix guide links - namespaces
* fix guide links - quotas
* fix guide links - autopilot
* more guide links.
* more guide links - continued.
* Updating redirects for learn
* Getting Started
* Load Balancing Guides
* update redirects for ui guide
* Consolidate spark redirects to point to GH repo
* operating job update part 1
* finish operating job links; operations guides links.
* finish guide redirects
* coalesce EOL redirects for spark guides.
* one last link
* Checked links and found a few more stray links
* Found more .htmls
* Fixup links for new HC websites
* Post-merge fixups
* linkcheck caught missing ids
2020-09-29 12:48:32 -04:00

48 lines
1.8 KiB
Plaintext
Raw Blame History

---
layout: docs
page_title: acl Stanza - Agent Configuration
sidebar_title: acl
description: >-
The "acl" stanza configures the Nomad agent to enable ACLs and tune various
parameters.
---
# `acl` Stanza
<Placement groups={['acl']} />
The `acl` stanza configures the Nomad agent to enable ACLs and tunes various
ACL parameters. Learn more about configuring Nomad's ACL system in the [Secure
Nomad with Access Control guide][secure-guide].
```hcl
acl {
enabled = true
token_ttl = "30s"
policy_ttl = "60s"
}
```
## `acl` Parameters
- `enabled` `(bool: false)` - Specifies if ACL enforcement is enabled. All other
client configuration options depend on this value.
- `token_ttl` `(string: "30s")` - Specifies the maximum time-to-live (TTL) for
cached ACL tokens. This does not affect servers, since they do not cache tokens.
Setting this value lower reduces how stale a token can be, but increases
the request load against servers. If a client cannot reach a server, for example
because of an outage, the TTL will be ignored and the cached value used.
- `policy_ttl` `(string: "30s")` - Specifies the maximum time-to-live (TTL) for
cached ACL policies. This does not affect servers, since they do not cache policies.
Setting this value lower reduces how stale a policy can be, but increases
the request load against servers. If a client cannot reach a server, for example
because of an outage, the TTL will be ignored and the cached value used.
- `replication_token` `(string: "")` - Specifies the Secret ID of the ACL token
to use for replicating policies and tokens. This is used by servers in non-authoritative
region to mirror the policies and tokens into the local region.
[secure-guide]: https://learn.hashicorp.com/collections/nomad/access-control
Reference in a new issue View git blame Copy permalink