github.com/smintz/nomad@v0.8.3/website/source/api/acl-policies.html.md

github.com/smintz/nomad@v0.8.3/website/source/api/acl-policies.html.md (about)

     1  ---
     2  layout: api
     3  page_title: ACL Policies - HTTP API
     4  sidebar_current: api-acl-policies
     5  description: |-
     6    The /acl/policy endpoints are used to configure and manage ACL policies.
     7  ---
     8  
     9  # ACL Policies HTTP API
    10  
    11  The `/acl/policies` and `/acl/policy/` endpoints are used to manage ACL policies.
    12  For more details about ACLs, please see the [ACL Guide](/guides/acl.html).
    13  
    14  ## List Policies
    15  
    16  This endpoint lists all ACL policies. This lists the policies that have been replicated
    17  to the region, and may lag behind the authoritative region.
    18  
    19  | Method | Path                         | Produces                   |
    20  | ------ | ---------------------------- | -------------------------- |
    21  | `GET`  | `/acl/policies`              | `application/json`         |
    22  
    23  The table below shows this endpoint's support for
    24  [blocking queries](/api/index.html#blocking-queries), [consistency modes](/api/index.html#consistency-modes) and
    25  [required ACLs](/api/index.html#acls).
    26  
    27  | Blocking Queries | Consistency Modes | ACL Required |
    28  | ---------------- | ----------------- | ------------ |
    29  | `YES`            | `all`             | `management` for all policies.<br>Output when given a non-management token will be limited to the policies on the token itself |
    30  
    31  
    32  ### Sample Request
    33  
    34  ```text
    35  $ curl \
    36      https://localhost:4646/v1/acl/policies
    37  ```
    38  
    39  ### Sample Response
    40  
    41  ```json
    42  [
    43    {
    44      "Name": "foo",
    45      "Description": "",
    46      "CreateIndex": 12,
    47      "ModifyIndex": 13,
    48    }
    49  ]
    50  ```
    51  
    52  ## Create or Update Policy
    53  
    54  This endpoint creates or updates an ACL Policy. This request is always forwarded to the
    55  authoritative region.
    56  
    57  | Method | Path                         | Produces                   |
    58  | ------ | ---------------------------- | -------------------------- |
    59  | `POST` | `/acl/policy/:policy_name`   | `(empty body)`             |
    60  
    61  The table below shows this endpoint's support for
    62  [blocking queries](/api/index.html#blocking-queries) and
    63  [required ACLs](/api/index.html#acls).
    64  
    65  | Blocking Queries | ACL Required       |
    66  | ---------------- | ------------------ |
    67  | `NO`             | `management`       |
    68  
    69  ### Parameters
    70  
    71  - `Name` `(string: <required>)` - Specifies the name of the policy.
    72    Creates the policy if the name does not exist, otherwise updates the existing policy.
    73  
    74  - `Description` `(string: <optional>)` - Specifies a human readable description.
    75  
    76  - `Rules` `(string: <required>)` - Specifies the Policy rules in HCL or JSON format.
    77  
    78  ### Sample Payload
    79  
    80  ```json
    81  {
    82      "Name": "my-policy",
    83      "Description": "This is a great policy",
    84      "Rules": ""
    85  }
    86  ```
    87  
    88  ### Sample Request
    89  
    90  ```text
    91  $ curl \
    92      --request POST \
    93      --data @payload.json \
    94      https://localhost:4646/v1/acl/policy/my-policy
    95  ```
    96  
    97  ## Read Policy
    98  
    99  This endpoint reads an ACL policy with the given name. This queries the policy that have been
   100  replicated to the region, and may lag behind the authoritative region.
   101  
   102  
   103  | Method | Path                         | Produces                   |
   104  | ------ | ---------------------------- | -------------------------- |
   105  | `GET` | `/acl/policy/:policy_name`   | `application/json`         |
   106  
   107  The table below shows this endpoint's support for
   108  [blocking queries](/api/index.html#blocking-queries), [consistency modes](/api/index.html#consistency-modes) and
   109  [required ACLs](/api/index.html#acls).
   110  
   111  | Blocking Queries | Consistency Modes | ACL Required |
   112  | ---------------- | ----------------- | ------------ |
   113  | `YES`            | `all`             | `management` or token with access to policy |
   114  
   115  ### Sample Request
   116  
   117  ```text
   118  $ curl \
   119      https://localhost:4646/v1/acl/policy/foo
   120  ```
   121  
   122  ### Sample Response
   123  
   124  ```json
   125  {
   126    "Name": "foo",
   127    "Rules": "",
   128    "Description": "",
   129    "CreateIndex": 12,
   130    "ModifyIndex": 13
   131  }
   132  ```
   133  
   134  ## Delete Policy
   135  
   136  This endpoint deletes the named ACL policy. This request is always forwarded to the
   137  authoritative region.
   138  
   139  | Method   | Path                         | Produces                   |
   140  | -------- | ---------------------------- | -------------------------- |
   141  | `DELETE` | `/acl/policy/:policy_name`   | `(empty body)`             |
   142  
   143  The table below shows this endpoint's support for
   144  [blocking queries](/api/index.html#blocking-queries) and
   145  [required ACLs](/api/index.html#acls).
   146  
   147  | Blocking Queries | ACL Required  |
   148  | ---------------- | ------------- |
   149  | `NO`             | `management`  |
   150  
   151  ### Parameters
   152  
   153  - `policy_name` `(string: <required>)` - Specifies the policy name to delete.
   154  
   155  ### Sample Request
   156  
   157  ```text
   158  $ curl \
   159      --request DELETE \
   160      https://localhost:4646/v1/acl/policy/foo
   161  ```
   162