status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[NET-6640] Add docs for binding type policy (#19677)

This commit is contained in:
Ronald 2023-11-20 09:44:30 -05:00 committed by GitHub
parent 302f994410
commit 415491ff2b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
website/content/commands/acl/binding-rule/create.mdx
View File

@ -30,7 +30,7 @@ Usage: `consul acl binding-rule create [options] [args]`
- `-bind-name=<string>` - Name to bind on match. Can use `${var}`
interpolation. This flag is required.
- `-bind-type=<string>` - Type of binding to perform (`"service"` or `"role"`).
- `-bind-type=<string>` - Type of binding to perform (`"service"`, `"node"`, `"templated-policy"`, `"policy"` or `"role"`).
- `-description=<string>` - A description of the binding rule.
@ -89,4 +89,36 @@ Description: just vault role
BindType: role
BindName: vault
Selector: serviceaccount.namespace==default and serviceaccount.name==vault
```
Create a new binding rule that binds to a policy:
```shell-session
$ consul acl binding-rule create -method 'nomad' \
-description 'gets policy for nomad job' \
-bind-type 'policy' \
-bind-name 'nomad-${nomad.jobname}' \
-selector 'nomad.jobname==billing-app'
ID: e21ae868-7b13-a230-0235-f8e83510642c
AuthMethod: nomad
Description: gets policy for nomad job
BindType: policy
BindName: nomad-billing-app
Selector: nomad.jobname==billing-app
```
Create a new binding rule that binds to a templated policy:
```shell-session
$ consul acl binding-rule create -method 'remote-jwks' \
-description 'gets templated policy for dns tokens' \
-bind-type 'templated-policy' \
-bind-name 'builtin/dns' \
-selector 'serviceaccount.namespace==default'
ID: eaca9aa4-8913-c8ef-ba39-bfae64f66d99
AuthMethod: remote-jwks
Description: gets templated policy for dns tokens
BindType: templated-policy
BindName: builtin/dns
Selector: serviceaccount.namespace==default
```

2
website/content/commands/acl/binding-rule/update.mdx
View File

@ -33,7 +33,7 @@ Usage: `consul acl binding-rule update [options] [args]`
- `-bind-name=<string>` - Name to bind on match. Can use `${var}`
interpolation. This flag is required.
- `-bind-type=<string>` - Type of binding to perform (`"service"` or `"role"`).
- `-bind-type=<string>` - Type of binding to perform (`"service"`, `"node"`, `"templated-policy"`, `"policy"` or `"role"`).
- `-description=<string>` - A description of the binding rule.