-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for initial_management
token like in Consul
#7777
Comments
Agreed, having the option to create tokens with predefined values like in Consul would be a big help and keep things more consistent. |
Same here main use case is configuration management so we could have clusters bootstrap ACLs themselves in a much more straightforward way. |
+1 we would like to see this feature as well. |
+1, would love to get feature parity with Consul for token management. |
Good suggestion! We will mark it as an enhancement we'd consider in the roadmap. Thanks! |
Copying my comment from the PR so it doesn't get lost when the PR is closed: What do you think about altering the /acl/bootstrap endpoint (or maybe even introduce a new one) to allow the enduser to submit a token pair to it (AccessorID & SecretID) which will be used as the initial management token? This way you can safely store the token pair in a system suitable for your automation (for example an ansible vault) but you would not leak it onto the machines. |
acl.tokens.master
like in Consulinitial_management
token like in Consul
Looks like this would be fixed by #12520 |
I'm going to lock this issue because it has been closed for 120 days ⏳. This helps our maintainers find and focus on the active issues. |
It would be great if it were possible to preset a token with access-id & secret-id like in consul: https://www.consul.io/docs/agent/options.html#acl_tokens This way nomad could be initialized easier via configuration management tools.
The text was updated successfully, but these errors were encountered: