Consul
Consul ACL Roles
Command: consul acl role
The acl role
command is used to manage Consul's ACL roles.
It exposes commands for creating, updating, reading, deleting, and listing roles.
This command is available in Consul 1.5.0 and newer.
ACL roles may also be managed via the HTTP API.
Note: All of the example subcommands in this document will require a valid
Consul token with the appropriate permissions. Either set the
CONSUL_HTTP_TOKEN
environment variable to the token's secret ID or pass the
secret ID as the value of the -token
parameter.
Usage
Usage: consul acl role <subcommand>
For the exact documentation for your Consul version, run consul acl role -h
to view the complete list of subcommands.
Usage: consul acl role <subcommand> [options] [args]
...
Subcommands:
create Create an ACL role
delete Delete an ACL role
list Lists ACL roles
read Read an ACL role
update Update an ACL role
For more information, examples, and usage about a subcommand, click on the name of the subcommand in the sidebar.
Identifying Roles
Several of the subcommands need to operate on a specific role. Those
subcommands support specifying the role by its ID using the -id
parameter
or by name using the -name
parameter.
When specifying the role by its ID a unique role ID prefix may be specified instead of the entire UUID. As long as it is unique it will be resolved to the full UUID and used.
Basic Examples
Create a new ACL role:
$ consul acl role create -name "new-role" \
-description "This is an example role" \
-policy-id 06acc965
List all roles:
$ consul acl role list
Update a role:
$ consul acl role update -name "other-role" -datacenter "dc1"
Read a role:
$ consul acl role read -id 0479e93e-091c-4475-9b06-79a004765c24
Delete a role
$ consul acl role delete -name "my-role"