• HashiCorp Developer

  • HashiCorp Cloud Platform
  • Terraform
  • Packer
  • Consul
  • Vault
  • Boundary
  • Nomad
  • Waypoint
  • Vagrant
Nomad
  • Install
  • Intro
  • Tutorials
  • Documentation
  • API
  • Tools
  • Plugins
  • Sign up
Nomad Home

Documentation

Skip to main contentOverview

    • Overview
      • Overview
      • bootstrap
        • apply
        • delete
        • info
        • list
    • agent
    • agent-info
    • fmt
    • monitor
    • status
    • ui
    • version

  • Schedulers

  • Nomad Ecosystem
  • Nomad Partnerships
  • Who Uses Nomad
  • FAQ

  • Resources

  • Tutorial Library
  • Community Forum
    (opens in new tab)
  • Support
    (opens in new tab)
  • GitHub
    (opens in new tab)
  1. Developer
  2. Nomad
  3. Documentation
  4. Commands (CLI)
  5. acl
  6. policy
  7. apply
  • Nomad
  • v1.3.x
  • v1.2.x
  • v1.1.x
  • v1.0.x
  • v0.12.x
  • v0.11.x

»Command: acl policy apply

The acl policy apply command is used to create or update ACL policies.

Usage

nomad acl policy apply [options] <name> <path>

The acl policy apply command requires two arguments, the policy name and path to file. The policy can be read from stdin by setting the path to "-".

This command requires a management ACL token.

General Options

  • -address=<addr>: The address of the Nomad server. Overrides the NOMAD_ADDR environment variable if set. Defaults to http://127.0.0.1:4646.

  • -region=<region>: The region of the Nomad server to forward commands to. Overrides the NOMAD_REGION environment variable if set. Defaults to the Agent's local region.

  • -no-color: Disables colored command output. Alternatively, NOMAD_CLI_NO_COLOR may be set. This option takes precedence over -force-color.

  • -force-color: Forces colored command output. This can be used in cases where the usual terminal detection fails. Alternatively, NOMAD_CLI_FORCE_COLOR may be set. This option has no effect if -no-color is also used.

  • -ca-cert=<path>: Path to a PEM encoded CA cert file to use to verify the Nomad server SSL certificate. Overrides the NOMAD_CACERT environment variable if set.

  • -ca-path=<path>: Path to a directory of PEM encoded CA cert files to verify the Nomad server SSL certificate. If both -ca-cert and -ca-path are specified, -ca-cert is used. Overrides the NOMAD_CAPATH environment variable if set.

  • -client-cert=<path>: Path to a PEM encoded client certificate for TLS authentication to the Nomad server. Must also specify -client-key. Overrides the NOMAD_CLIENT_CERT environment variable if set.

  • -client-key=<path>: Path to an unencrypted PEM encoded private key matching the client certificate from -client-cert. Overrides the NOMAD_CLIENT_KEY environment variable if set.

  • -tls-server-name=<value>: The server name to use as the SNI host when connecting via TLS. Overrides the NOMAD_TLS_SERVER_NAME environment variable if set.

  • -tls-skip-verify: Do not verify TLS certificate. This is highly not recommended. Verification will also be skipped if NOMAD_SKIP_VERIFY is set.

  • -token: The SecretID of an ACL token to use to authenticate API requests with. Overrides the NOMAD_TOKEN environment variable if set.

Apply Options

  • -description: Sets the human readable description for the ACL policy.

  • -job: Attaches the policy to the specified job. Requires that -namespace is also set.

  • -namespace: Attaches the policy to the specified namespace. Requires that -job is also set.

  • -group: Attaches the policy to the specified task group. Requires that -namespace and -job are also set.

  • -task: Attaches the policy to the specified task. Requires that -namespace, -job and -group are also set.

Examples

Create a new ACL Policy:

$ nomad acl policy apply my-policy my-policy.json
Successfully wrote 'my-policy' ACL policy!

Associate an ACL Policy with a specific task:

$ nomad acl policy apply \
    -namespace default -job example -group cache -task redis \
    my-policy my-policy.json
Successfully wrote 'my-policy' ACL policy!
Edit this page on GitHub

On this page

  1. Command: acl policy apply
  2. Usage
  3. General Options
  4. Apply Options
  5. Examples
Give Feedback(opens in new tab)
  • Certifications
  • System Status
  • Terms of Use
  • Security
  • Privacy
  • Trademark Policy
  • Trade Controls
  • Give Feedback(opens in new tab)