consul/website/content/commands/acl/policy/read.mdx

144 lines
3.3 KiB
Plaintext

---
layout: commands
page_title: 'Commands: ACL Policy Read'
description: |
The `consul acl policy read` command outputs rules that make up an ACL policy of the specified ID.
---
# Consul ACL Policy Read
Command: `consul acl policy read`
Corresponding HTTP API Endpoints: [\[GET\] /v1/acl/policy/:id](/consul/api-docs/acl/policies#read-a-policy), [\[GET\] /v1/acl/policy/name/:name](/consul/api-docs/acl/policies#read-a-policy-by-name)
The `acl policy read` command reads and displays a policies details.
The table below shows this command's [required ACLs](/consul/api-docs/api-structure#authentication). Configuration of
[blocking queries](/consul/api-docs/features/blocking) and [agent caching](/consul/api-docs/features/caching)
are not supported from commands, but may be from the corresponding HTTP endpoint.
| ACL Required |
| ------------ |
| `acl:read` |
## Usage
Usage: `consul acl policy read [options] [args]`
#### Command Options
- `-id=<string>` - The ID of the policy to read. It may be specified as a unique ID
prefix but will error if the prefix matches multiple policy IDs.
- `-meta` - Indicates that policy metadata such as the content hash and raft
indices should be shown for each entry.
- `-name=<string>` - The name of the policy to read.
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
#### Enterprise Options
@include 'cli-http-api-partition-options.mdx'
@include 'http_api_namespace_options.mdx'
#### API Options
@include 'http_api_options_client.mdx'
@include 'http_api_options_server.mdx'
## Examples
Get policy details:
```shell-session
$ consul acl policy read -id 00000000-0000-0000-0000-000000000001
ID: 00000000-0000-0000-0000-000000000001
Name: global-management
Description: Builtin Policy that grants unlimited access
Datacenters:
Rules:
acl = "write"
agent_prefix "" {
policy = "write"
}
event_prefix "" {
policy = "write"
}
key_prefix "" {
policy = "write"
}
keyring = "write"
node_prefix "" {
policy = "write"
}
operator = "write"
query_prefix "" {
policy = "write"
}
service_prefix "" {
policy = "write"
intentions = "write"
}
session_prefix "" {
policy = "write"
}
```
Get policy details by name:
```shell-session
$ consul acl policy read -name "acl-replication"
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
Name: acl-replication
Description: Token capable of replicating ACL policies
Datacenters:
Rules:
acl = "read"
```
Get policy details (Builtin Policies):
Builtin policies can be accessed by specifying their original name as the value to the `-id` parameter.
```shell-session
$ consul acl policy read -id global-management
ID: 00000000-0000-0000-0000-000000000001
Name: global-management
Description: Builtin Policy that grants unlimited access
Datacenters:
Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69
Create Index: 4
Modify Index: 4
Rules:
acl = "write"
agent_prefix "" {
policy = "write"
}
event_prefix "" {
policy = "write"
}
key_prefix "" {
policy = "write"
}
keyring = "write"
node_prefix "" {
policy = "write"
}
operator = "write"
query_prefix "" {
policy = "write"
}
service_prefix "" {
policy = "write"
intentions = "write"
}
session_prefix "" {
policy = "write"
}
```