open-nomad/website/source/docs/configuration/acl.html.md


layout: docs
page_title: acl Stanza - Agent Configuration
sidebar_current: docs-configuration-acl
description: The "acl" stanza configures the Nomad agent to enable ACLs and tune various parameters.

acl Stanza

Placement **acl**

The acl stanza configures the Nomad agent to enable ACLs and tunes various ACL parameters.

acl {
  enabled = true
  token_ttl = "30s"
  policy_ttl = "60s"
}

acl Parameters

  • enabled (bool: false) - Specifies if ACL enforcement is enabled. All other client configuration options depend on this value.

  • token_ttl (string: "30s") - Specifies the maximum time-to-live (TTL) for cached ACL tokens. This does not affect servers, since they do not cache tokens. Setting this value lower reduces how stale a token can be, but increases the request load against servers. If a client cannot reach a server, for example because of an outage, the TTL will be ignored and the cached value used.

  • policy_ttl (string: "30s") - Specifies the maximum time-to-live (TTL) for cached ACL policies. This does not affect servers, since they do not cache policies. Setting this value lower reduces how stale a policy can be, but increases the request load against servers. If a client cannot reach a server, for example because of an outage, the TTL will be ignored and the cached value used.

  • replication_token (string: "") - Specifies the Secret ID of the ACL token to use for replicating policies and tokens. This is used by servers in non-authoritative regions to mirror the policies and tokens into the local region.
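
The caching behaviour described for token_ttl determines how long a revoked token can still be accepted by a client; policy_ttl is described in the same terms. The following is an added example, not code from Nomad or from this page: a simplified model of a client-side cache in which TokenCache, ServerUnreachable, simulate and the sample secret ID are all hypothetical names constructed for illustration.

```python
import time

class ServerUnreachable(Exception):
    """No server could be contacted (for example during an outage)."""

class TokenCache:
    """Simplified model of a client-side token cache; not Nomad's implementation."""
    def __init__(self, lookup, ttl_seconds, clock=time.monotonic):
        self.lookup = lookup      # secret_id -> token dict, or None if unknown/revoked
        self.ttl = ttl_seconds    # plays the role of token_ttl
        self.clock = clock
        self.entries = {}         # secret_id -> (token, fetched_at)
        self.server_requests = 0  # lookups attempted against servers

    def resolve(self, secret_id):
        """Return (token, source) with source 'server', 'cache' or 'stale'."""
        now = self.clock()
        cached = self.entries.get(secret_id)
        if cached and now - cached[1] < self.ttl:
            return cached[0], "cache"
        self.server_requests += 1
        try:
            token = self.lookup(secret_id)
        except ServerUnreachable:
            if cached:  # outage: the TTL is ignored and the cached value is used
                return cached[0], "stale"
            raise
        self.entries[secret_id] = (token, now)
        return token, "server"

def simulate(ttl, outage_from=None):
    """Constructed timeline: the token is revoked on the servers at t=10."""
    now = [0.0]
    server_tokens = {"constructed-secret-id": {"name": "example-token"}}
    def lookup(secret_id):
        if outage_from is not None and now[0] >= outage_from:
            raise ServerUnreachable()
        return server_tokens.get(secret_id)
    cache = TokenCache(lookup, ttl, clock=lambda: now[0])
    timeline = []
    for t in (0, 10, 20, 31, 300):
        now[0] = float(t)
        if t == 10:
            server_tokens.clear()  # operator revokes the token
        token, source = cache.resolve("constructed-secret-id")
        timeline.append((t, token is not None, source))
    return timeline, cache.server_requests
```

Each timeline entry is (time, token accepted, source). In this model a 30-second TTL keeps the revoked token accepted until the entry expires, and with servers unreachable from t=10 it is still accepted at t=300.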