The consul_acl_token
resource writes an ACL token into Consul.
# Basic usage
resource "consul_acl_policy" "agent" {
name = "agent"
rules = <<-RULE
node_prefix "" {
policy = "read"
}
RULE
}
resource "consul_acl_token" "test" {
description = "my test token"
policies = [consul_acl_policy.agent.name]
local = true
}
# Explicitly set the `accessor_id`
resource "random_uuid" "test" {}
resource "consul_acl_token" "test_predefined_id" {
accessor_id = random_uuid.test_uuid.result
description = "my test uuid token"
policies = [consul_acl_policy.agent.name]
local = true
}
accessor_id
(String) The uuid of the token. If omitted, Consul will generate a random uuid.description
(String) The description of the token.expiration_time
(String) If set this represents the point after which a token should be considered revoked and is eligible for destruction.local
(Boolean) The flag to set the token local to the current datacenter.namespace
(String) The namespace to create the token within.node_identities
(Block List) The list of node identities that should be applied to the token. (see below for nested schema)partition
(String) The partition the ACL token is associated with.policies
(Set of String) The list of policies attached to the token.roles
(Set of String) The list of roles attached to the token.service_identities
(Block List) The list of service identities that should be applied to the token. (see below for nested schema)templated_policies
(Block List) The list of templated policies that should be applied to the token. (see below for nested schema)id
(String) The ID of this resource.node_identities
Required:
datacenter
(String) The datacenter of the node.node_name
(String) The name of the node.service_identities
Required:
service_name
(String) The name of the service.Optional:
datacenters
(List of String) Specifies the datacenters the effective policy is valid within.templated_policies
Required:
template_name
(String) The name of the templated policies.Optional:
datacenters
(List of String) Specifies the datacenters the effective policy is valid within.template_variables
(Block List, Max: 1) The templated policy variables. (see below for nested schema)templated_policies.template_variables
Optional:
name
(String) The name of node, workload identity or service.Import is supported using the following syntax:
terraform import consul_acl_token.anonymous 00000000-0000-0000-0000-000000000002
terraform import consul_acl_token.master-token 624d94ca-bc5c-f960-4e83-0a609cf588be