mirror of https://github.com/status-im/consul.git
144 lines
3.3 KiB
Plaintext
144 lines
3.3 KiB
Plaintext
---
|
|
layout: commands
|
|
page_title: 'Commands: ACL Policy Read'
|
|
description: |
|
|
The `consul acl policy read` command outputs rules that make up an ACL policy of the specified ID.
|
|
---
|
|
|
|
# Consul ACL Policy Read
|
|
|
|
Command: `consul acl policy read`
|
|
|
|
Corresponding HTTP API Endpoints: [\[GET\] /v1/acl/policy/:id](/consul/api-docs/acl/policies#read-a-policy), [\[GET\] /v1/acl/policy/name/:name](/consul/api-docs/acl/policies#read-a-policy-by-name)
|
|
|
|
The `acl policy read` command reads and displays a policies details.
|
|
|
|
The table below shows this command's [required ACLs](/consul/api-docs/api-structure#authentication). Configuration of
|
|
[blocking queries](/consul/api-docs/features/blocking) and [agent caching](/consul/api-docs/features/caching)
|
|
are not supported from commands, but may be from the corresponding HTTP endpoint.
|
|
|
|
| ACL Required |
|
|
| ------------ |
|
|
| `acl:read` |
|
|
|
|
## Usage
|
|
|
|
Usage: `consul acl policy read [options] [args]`
|
|
|
|
#### Command Options
|
|
|
|
- `-id=<string>` - The ID of the policy to read. It may be specified as a unique ID
|
|
prefix but will error if the prefix matches multiple policy IDs.
|
|
|
|
- `-meta` - Indicates that policy metadata such as the content hash and raft
|
|
indices should be shown for each entry.
|
|
|
|
- `-name=<string>` - The name of the policy to read.
|
|
|
|
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
|
|
|
|
#### Enterprise Options
|
|
|
|
@include 'cli-http-api-partition-options.mdx'
|
|
|
|
@include 'http_api_namespace_options.mdx'
|
|
|
|
#### API Options
|
|
|
|
@include 'http_api_options_client.mdx'
|
|
|
|
@include 'http_api_options_server.mdx'
|
|
|
|
## Examples
|
|
|
|
Get policy details:
|
|
|
|
```shell-session
|
|
$ consul acl policy read -id 00000000-0000-0000-0000-000000000001
|
|
ID: 00000000-0000-0000-0000-000000000001
|
|
Name: global-management
|
|
Description: Builtin Policy that grants unlimited access
|
|
Datacenters:
|
|
Rules:
|
|
|
|
acl = "write"
|
|
agent_prefix "" {
|
|
policy = "write"
|
|
}
|
|
event_prefix "" {
|
|
policy = "write"
|
|
}
|
|
key_prefix "" {
|
|
policy = "write"
|
|
}
|
|
keyring = "write"
|
|
node_prefix "" {
|
|
policy = "write"
|
|
}
|
|
operator = "write"
|
|
query_prefix "" {
|
|
policy = "write"
|
|
}
|
|
service_prefix "" {
|
|
policy = "write"
|
|
intentions = "write"
|
|
}
|
|
session_prefix "" {
|
|
policy = "write"
|
|
}
|
|
```
|
|
|
|
Get policy details by name:
|
|
|
|
```shell-session
|
|
$ consul acl policy read -name "acl-replication"
|
|
ID: 35b8ecb0-707c-ee18-2002-81b238b54b38
|
|
Name: acl-replication
|
|
Description: Token capable of replicating ACL policies
|
|
Datacenters:
|
|
Rules:
|
|
acl = "read"
|
|
```
|
|
|
|
Get policy details (Builtin Policies):
|
|
|
|
Builtin policies can be accessed by specifying their original name as the value to the `-id` parameter.
|
|
|
|
```shell-session
|
|
$ consul acl policy read -id global-management
|
|
ID: 00000000-0000-0000-0000-000000000001
|
|
Name: global-management
|
|
Description: Builtin Policy that grants unlimited access
|
|
Datacenters:
|
|
Hash: b30210b7aba9facd1c57891e3df27669174a08b690cb2905e0797535f75eba69
|
|
Create Index: 4
|
|
Modify Index: 4
|
|
Rules:
|
|
|
|
acl = "write"
|
|
agent_prefix "" {
|
|
policy = "write"
|
|
}
|
|
event_prefix "" {
|
|
policy = "write"
|
|
}
|
|
key_prefix "" {
|
|
policy = "write"
|
|
}
|
|
keyring = "write"
|
|
node_prefix "" {
|
|
policy = "write"
|
|
}
|
|
operator = "write"
|
|
query_prefix "" {
|
|
policy = "write"
|
|
}
|
|
service_prefix "" {
|
|
policy = "write"
|
|
intentions = "write"
|
|
}
|
|
session_prefix "" {
|
|
policy = "write"
|
|
}
|
|
```
|