mirror of https://github.com/hashicorp/consul
55 lines
1.9 KiB
Markdown
55 lines
1.9 KiB
Markdown
---
|
|
layout: commands
|
|
page_title: 'Commands: ACL Bootstrap'
|
|
description: >-
|
|
The `consul acl bootstrap` command generates a new token with unlimited privileges to use for management purposes and outputs the token's details.
|
|
---
|
|
|
|
# Consul ACL Bootstrap
|
|
|
|
Command: `consul acl bootstrap`
|
|
|
|
Corresponding HTTP API Endpoint: [\[PUT\] /v1/acl/bootstrap](/consul/api-docs/acl#bootstrap-acls)
|
|
|
|
The `acl bootstrap` command generates a new token with unlimited privileges to use
|
|
for management purposes and outputs the token's details. Optionally, you can provide a Secret ID to use instead of generating a completely new token. You can create this bootstrapping token only once and afterwards bootstrapping
|
|
will be disabled. If all tokens are lost and you need to bootstrap again you can follow the bootstrap
|
|
[reset procedure](/consul/tutorials/security/access-control-troubleshoot).
|
|
|
|
The table below shows this command's [required ACLs](/consul/api-docs/api-structure#authentication). Configuration of
|
|
[blocking queries](/consul/api-docs/features/blocking) and [agent caching](/consul/api-docs/features/caching)
|
|
are not supported from commands, but may be from the corresponding HTTP endpoint.
|
|
|
|
| ACL Required |
|
|
| ------------ |
|
|
| `none` |
|
|
|
|
## Usage
|
|
|
|
Usage: `consul acl bootstrap [options] [FILE]`
|
|
|
|
If a file is supplied (or `-` for standard input), the new token's Secret ID is read from the file.
|
|
Otherwise, Consul creates a new one.
|
|
|
|
#### Command Options
|
|
|
|
- `-format={pretty|json}` - Command output format. The default value is `pretty`.
|
|
|
|
The output looks like this:
|
|
|
|
```text
|
|
AccessorID: 4d123dff-f460-73c3-02c4-8dd64d136e01
|
|
SecretID: 86cddfb9-2760-d947-358d-a2811156bf31
|
|
Description: Bootstrap Token (Global Management)
|
|
Local: false
|
|
Create Time: 2018-10-22 11:27:04.479026 -0400 EDT
|
|
Policies:
|
|
00000000-0000-0000-0000-000000000001 - global-management
|
|
```
|
|
|
|
#### API Options
|
|
|
|
@include 'http_api_options_client.mdx'
|
|
|
|
@include 'http_api_options_server.mdx'
|