mirror of https://github.com/status-im/consul.git
69 lines
2.0 KiB
Plaintext
69 lines
2.0 KiB
Plaintext
---
|
|
layout: "docs"
|
|
page_title: "Commands: ACL Auth Method Create"
|
|
sidebar_current: "docs-commands-acl-auth-method-create"
|
|
---
|
|
|
|
# Consul ACL Auth Method Create
|
|
|
|
Command: `consul acl auth-method create`
|
|
|
|
The `acl auth-method create` command creates new auth methods.
|
|
|
|
## Usage
|
|
|
|
Usage: `consul acl auth-method create [options] [args]`
|
|
|
|
#### API Options
|
|
|
|
<%= partial "docs/commands/http_api_options_client" %>
|
|
<%= partial "docs/commands/http_api_options_server" %>
|
|
|
|
#### Command Options
|
|
|
|
* `-description=<string>` - A description of the auth method.
|
|
|
|
* `-meta` - Indicates that auth method metadata such as the raft indices should
|
|
be shown for each entry.
|
|
|
|
* `-name=<string>` - The new auth method's name. This flag is required.
|
|
|
|
* `-type=<string>` - The new auth method's type. This flag is required.
|
|
|
|
* `-kubernetes-ca-cert=<string>` - PEM encoded CA cert for use by the TLS
|
|
client used to talk with the Kubernetes API. May be prefixed with '@' to
|
|
indicate that the value is a file path to load the cert from. This flag is
|
|
required for `-type=kubernetes`.
|
|
|
|
* `-kubernetes-host=<string>` - Address of the Kubernetes API server. This flag
|
|
is required for `-type=kubernetes`.
|
|
|
|
* `-kubernetes-service-account-jwt=<string>` - A Kubernetes service account JWT
|
|
used to access the TokenReview API to validate other JWTs during login. This
|
|
flag is required for `-type=kubernetes`.
|
|
|
|
#### Enterprise Options
|
|
|
|
<%= partial "docs/commands/http_api_namespace_options" %>
|
|
|
|
## Examples
|
|
|
|
Create a new Kubernetes auth method:
|
|
|
|
```sh
|
|
$ consul acl auth-method create -name minikube -type kubernetes \
|
|
-description 'minikube auth method' \
|
|
-kubernetes-host 'https://192.0.2.42:8443' \
|
|
-kubernetes-ca-cert '@minikube-ca.crt' \
|
|
-kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...'
|
|
Name: minikube
|
|
Type: kubernetes
|
|
Description: minikube auth method
|
|
Config:
|
|
{
|
|
"CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
|
|
"Host": "https://192.0.2.42:8443",
|
|
"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..."
|
|
}
|
|
```
|