status-im/consul
2
0
Fork 0
mirror of https://github.com/status-im/consul.git synced 2025-01-09 13:26:07 +00:00
Code Issues Projects Releases Wiki Activity
consul/website/pages/commands/acl/auth-method/create.mdx
Jasmine W a9df6ac50b
docs: update structure (#8506) 
- moved and renamed files/folders based on new structure
- updated docs navigation based on new structure
- moved CLI to top nav (created commands.jsx and commands-navigation.js)
- updated and added redirects
- updating to be consistent with standalone categories
- changing "overview" link in top nav to lead to where intro was moved (docs/intro)
- adding redirects for intro content
- deleting old intro folders
- format all data/navigation files
- deleting old commands folder
- reverting changes to glossary page
- adjust intro navigation for removal of 'vs' paths
- add helm page redirect
- fix more redirects
- add a missing redirect
- fix broken anchor links and formatting mistakes
- deleted duplicate section, added redirect, changed link
- removed duplicate glossary page
2020-09-01 11:14:13 -04:00

94 lines
3.1 KiB
Plaintext
Raw Blame History

---
layout: commands
page_title: 'Commands: ACL Auth Method Create'
sidebar_title: create
---
# Consul ACL Auth Method Create
Command: `consul acl auth-method create`
The `acl auth-method create` command creates new auth methods.
## Usage
Usage: `consul acl auth-method create [options] [args]`
#### API Options
@include 'http_api_options_client.mdx'
@include 'http_api_options_server.mdx'
#### Command Options
- `-description=<string>` - A description of the auth method.
- `-meta` - Indicates that auth method metadata such as the raft indices should
be shown for each entry.
- `-name=<string>` - The new auth method's name. This flag is required.
- `-type=<string>` - The new auth method's type. This flag is required.
- `-display-name=<string>` - An optional name to use instead of the name when
displaying this auth method in a UI. Added in Consul 1.8.0.
- `-max-token-ttl=<duration>` - Duration of time all tokens created by this
auth method should be valid for. Added in Consul 1.8.0.
- `-token-locality=<string>` - Defines the kind of token that this auth method
should produce. This can be either 'local' or 'global'. If empty the value of
'local' is assumed. Added in Consul 1.8.0.
- `-config=<string>` - The configuration for the auth method. Must be JSON. May
be prefixed with '@' to indicate that the value is a file path to load the
config from. '-' may also be given to indicate that the config is available on
stdin. Added in Consul 1.8.0.
- `-kubernetes-ca-cert=<string>` - PEM encoded CA cert for use by the TLS
client used to talk with the Kubernetes API. May be prefixed with '@' to
indicate that the value is a file path to load the cert from. This flag is
required for `-type=kubernetes`.
- `-kubernetes-host=<string>` - Address of the Kubernetes API server. This flag
is required for `-type=kubernetes`.
- `-kubernetes-service-account-jwt=<string>` - A Kubernetes service account JWT
used to access the TokenReview API to validate other JWTs during login. This
flag is required for `-type=kubernetes`.
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
#### Enterprise Options
@include 'http_api_namespace_options.mdx'
- `-namespace-rule-bind-namespace=<value>` - Namespace to bind on match. Can
use `${var}` interpolation. Added in Consul 1.8.0.
- `-namespace-rule-selector=<value>` - An expression that matches against
verified identity attributes returned from the auth method during login to
determine if the namespace rule applies. Added in Consul 1.8.0.
## Examples
Create a new Kubernetes auth method:
```shell-session
$ consul acl auth-method create -name minikube -type kubernetes \
-description 'minikube auth method' \
-kubernetes-host 'https://192.0.2.42:8443' \
-kubernetes-ca-cert '@minikube-ca.crt' \
-kubernetes-service-account-jwt 'eyJhbGciOiJSUzI1NiIsImtpZCI...'
Name: minikube
Type: kubernetes
Description: minikube auth method
Config:
{
"CACert": "-----BEGIN CERTIFICATE-----\n...-----END CERTIFICATE-----\n",
"Host": "https://192.0.2.42:8443",
"ServiceAccountJWT": "eyJhbGciOiJSUzI1NiIsImtpZCI..."
}
```
Reference in New Issue View Git Blame Copy Permalink