Jasmine W a9df6ac50b
docs: update structure (#8506)
- moved and renamed files/folders based on new structure
- updated docs navigation based on new structure
- moved CLI to top nav (created commands.jsx and commands-navigation.js)
- updated and added redirects
- updating to be consistent with standalone categories
- changing "overview" link in top nav to lead to where intro was moved (docs/intro)
- adding redirects for intro content
- deleting old intro folders
- format all data/navigation files
- deleting old commands folder
- reverting changes to glossary page
- adjust intro navigation for removal of 'vs' paths
- add helm page redirect
- fix more redirects
- add a missing redirect
- fix broken anchor links and formatting mistakes
- deleted duplicate section, added redirect, changed link
- removed duplicate glossary page
2020-09-01 11:14:13 -04:00

97 lines
3.1 KiB
Plaintext

---
layout: commands
page_title: 'Commands: ACL Token Update'
sidebar_title: update
---
# Consul ACL Token Update
Command: `consul acl token update`
The `acl token update` command will update a token. Some parts of the token like whether the
token is local to the datacenter cannot be changed.
## Usage
Usage: `consul acl token update [options]`
#### API Options
@include 'http_api_options_client.mdx'
@include 'http_api_options_server.mdx'
#### Command Options
- `-description=<string>` - A description of the token
- `-id=<string>` - The Accessor ID of the token to read. It may be specified as a
unique ID prefix but will error if the prefix matches multiple token Accessor IDs
- `-merge-policies` - Merge the new policies with the existing policies.
- `-merge-roles` - Merge the new roles with the existing roles.
- `-merge-service-identities` - Merge the new service identities with the existing service identities.
- `-meta` - Indicates that token metadata such as the content hash and Raft indices should be
shown for each entry.
- `-policy-id=<value>` - ID of a policy to use for this token. May be specified multiple times.
- `-policy-name=<value>` - Name of a policy to use for this token. May be specified multiple times.
- `-role-id=<value>` - ID of a role to use for this token. May be specified multiple times.
- `-role-name=<value>` - Name of a role to use for this token. May be specified multiple times.
- `-service-identity=<value>` - Name of a service identity to use for this
token. May be specified multiple times. Format is the `SERVICENAME` or
`SERVICENAME:DATACENTER1,DATACENTER2,...`
- `-upgrade-legacy` - Add new polices to a legacy token replacing all existing
rules. This will cause the legacy token to behave exactly like a new token
but keep the same secret.
~> When upgrading a legacy token you must ensure that the new policy or policies
specified grant equivalent or appropriate access for the existing clients using
this token. You can find examples on how to use the parameter in the [legacy
token
migration](https://learn.hashicorp.com/consul/day-2-agent-authentication/migrate-acl-tokens)
guide.
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
#### Enterprise Options
@include 'http_api_namespace_options.mdx'
## Examples
Update the anonymous token:
```shell-session
$ consul acl token update -id anonymous -policy-id 06acc
Token updated successfully.
AccessorID: 00000000-0000-0000-0000-000000000002
SecretID: anonymous
Description: Anonymous Token
Local: false
Create Time: 0001-01-01 00:00:00 +0000 UTC
Policies:
06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read
```
Update a token description and take the policies from the existing token:
```shell-session
$ consul acl token update -id 986193 -description "WonderToken" -merge-policies
Token updated successfully.
AccessorID: 986193b5-e2b5-eb26-6264-b524ea60cc6d
SecretID: ec15675e-2999-d789-832e-8c4794daa8d7
Description: WonderToken
Local: false
Create Time: 2018-10-22 15:33:39.01789 -0400 EDT
Policies:
06acc965-df4b-5a99-58cb-3250930c6324 - node-services-read
```