Command: acl policy apply
acl policy apply command is used to create or update ACL policies.
nomad acl policy apply [options] <name> <path>
acl policy apply command requires two arguments, the policy name and path
to file. The policy can be read from stdin by setting the path to "-".
This command requires a management ACL token.
-address=<addr>: The address of the Nomad server. Overrides the
NOMAD_ADDRenvironment variable if set. Defaults to
-region=<region>: The region of the Nomad server to forward commands to. Overrides the
NOMAD_REGIONenvironment variable if set. Defaults to the Agent's local region.
-no-color: Disables colored command output. Alternatively,
NOMAD_CLI_NO_COLORmay be set. This option takes precedence over
-force-color: Forces colored command output. This can be used in cases where the usual terminal detection fails. Alternatively,
NOMAD_CLI_FORCE_COLORmay be set. This option has no effect if
-no-coloris also used.
-ca-cert=<path>: Path to a PEM encoded CA cert file to use to verify the Nomad server SSL certificate. Overrides the
NOMAD_CACERTenvironment variable if set.
-ca-path=<path>: Path to a directory of PEM encoded CA cert files to verify the Nomad server SSL certificate. If both
-ca-certis used. Overrides the
NOMAD_CAPATHenvironment variable if set.
-client-cert=<path>: Path to a PEM encoded client certificate for TLS authentication to the Nomad server. Must also specify
-client-key. Overrides the
NOMAD_CLIENT_CERTenvironment variable if set.
-client-key=<path>: Path to an unencrypted PEM encoded private key matching the client certificate from
-client-cert. Overrides the
NOMAD_CLIENT_KEYenvironment variable if set.
-tls-server-name=<value>: The server name to use as the SNI host when connecting via TLS. Overrides the
NOMAD_TLS_SERVER_NAMEenvironment variable if set.
-tls-skip-verify: Do not verify TLS certificate. This is highly not recommended. Verification will also be skipped if
-token: The SecretID of an ACL token to use to authenticate API requests with. Overrides the
NOMAD_TOKENenvironment variable if set.
-description: Sets the human readable description for the ACL policy.
-job: Attaches the policy to the specified job. Requires that
-namespaceis also set.
-namespace: Attaches the policy to the specified namespace. Requires that
-jobis also set.
-group: Attaches the policy to the specified task group. Requires that
-jobare also set.
-task: Attaches the policy to the specified task. Requires that
-groupare also set.
Create a new ACL Policy:
$ nomad acl policy apply my-policy my-policy.json Successfully wrote 'my-policy' ACL policy!
Associate an ACL Policy with a specific task:
$ nomad acl policy apply \ -namespace default -job example -group cache -task redis \ my-policy my-policy.json Successfully wrote 'my-policy' ACL policy!