New in version 2.0.
host of the consul agent defaults to localhost
a management token is required to manipulate the acl lists
the name that should be associated with the acl key, this is opaque to Consul
the port on which the consul agent is running
an list of the rules that should be associated with a given token.
(added in 2.1)
the protocol scheme on which the consul agent is running
whether the ACL pair should be present or absent
the token key indentifying an ACL rule set. If generated by consul this will be a UUID.
the type of token that should be created, either management or client
(added in 2.1)
whether to verify the tls certificate of the consul agent
- name: create an acl token with rules consul_acl: mgmt_token: 'some_management_acl' host: 'consul1.mycluster.io' name: 'Foo access' rules: - key: 'foo' policy: read - key: 'private/foo' policy: deny - name: create an acl with specific token with both key and service rules consul_acl: mgmt_token: 'some_management_acl' name: 'Foo access' token: 'some_client_token' rules: - key: 'foo' policy: read - service: '' policy: write - service: 'secret-' policy: deny - name: remove a token consul_acl: mgmt_token: 'some_management_acl' host: 'consul1.mycluster.io' token: '172bd5c8-9fe9-11e4-b1b0-3c15c2c9fd5e' state: absent
This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.
This module is community maintained without core committer oversight.
For more information on what this means please read Module Support