|
|
|
@ -202,15 +202,12 @@ true
|
|
|
|
</Tab>
|
|
|
|
</Tab>
|
|
|
|
</Tabs>
|
|
|
|
</Tabs>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
### Update terminating gateway ACL role if ACLs are enabled
|
|
|
|
### Update terminating gateway ACL role if ACLs are enabled
|
|
|
|
|
|
|
|
|
|
|
|
If ACLs are enabled, update the terminating gateway acl role to have `service: write` permissions on all of the services
|
|
|
|
If ACLs are enabled, update the terminating gateway acl role to have `service: write` permissions on all of the services
|
|
|
|
being represented by the gateway:
|
|
|
|
being represented by the gateway.
|
|
|
|
|
|
|
|
|
|
|
|
- Create a new policy that includes these permissions
|
|
|
|
Create a new policy that includes the write permission for the service you created.
|
|
|
|
- Update the existing role to include the new policy
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<CodeBlockConfig filename="write-policy.hcl">
|
|
|
|
<CodeBlockConfig filename="write-policy.hcl">
|
|
|
|
|
|
|
|
|
|
|
|
@ -242,7 +239,7 @@ consul acl role list | grep -B 6 -- "- RELEASE_NAME-terminating-gateway-policy"
|
|
|
|
ID: <role id>
|
|
|
|
ID: <role id>
|
|
|
|
```
|
|
|
|
```
|
|
|
|
|
|
|
|
|
|
|
|
Update the terminating gateway acl token with the new policy
|
|
|
|
Update the terminating gateway ACL token with the new policy.
|
|
|
|
|
|
|
|
|
|
|
|
```shell-session
|
|
|
|
```shell-session
|
|
|
|
$ consul acl role update -id <role id> -policy-name example-https-write-policy
|
|
|
|
$ consul acl role update -id <role id> -policy-name example-https-write-policy
|
|
|
|
|
Thomas Eckert
2 years ago