Ansible role to manage HashiCorp Consul Tokens with ACL and Policies, with the newest API (Consul >= 1.4.0)

eagleusb/ansible-consul-acl

ansible-consul-acl

Manage Consul ACL and Tokens declaratively with Ansible.

Requirements

  • python-consul2 = ">=0.1.4"
  • requests = "*"
  • pyhcl = ">=0.4.4"

Quickstart

ansible-galaxy install eagleusb.consul_acl

Variables

| Name | Required | Default Value | Description |
|------|----------|---------------|-------------|
| consul_master_token | yes | nil | privileged master token used to access the Consul API |
| consul_server | yes | - | Consul server addr, port, scheme |
| consul_client_token | no | [] | token(s) to add or update with associated rules |
| consul_remove_token | no | [] | token(s) to remove from Consul |

Playbook Example

- name: "consul-acl"
  hosts: all
  roles:
    - role: "ansible-consul-acl"
      vars:
        consul_server:
          addr: "127.0.0.1"
          port: 8500
          scheme: "http"
        consul_master_token: "123-456-789"
        consul_client_token:
          - client: "foobar-todelete-later"
            token: "123-456-789"
          - client: "foobar-with-random-token"
          - client: "foobar-with-datacenters"
            datacenters:
              - "dc1"
          - client: "foobar-shuttle"
            token: "123-456-789"
            rules:
              event:
                "fiesta":
                  policy: write
              key:
                "foo/bar":
                  policy: read
                "foo/private":
                  policy: deny
              keyring: write
              node:
                "my-node":
                  policy: write
              operator: read
              query:
                "":
                  policy: write
              service:
                "consul":
                  policy: write
              session:
                "standup":
                  policy: write
        consul_remove_token:
          - client: "foobar-todelete-later"
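
A pre-flight check over this role's variables, as an added example that is not part of the role or its README: it flags a client token equal to `consul_master_token`, one token value shared by several clients, and `scheme: http` toward a non-loopback `addr`. The function name, the finding labels and `SAMPLE_VARS` (constructed from the placeholder values in the playbook above) are assumptions of this example.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: a subset of the playbook example's vars, as a Python dict.
SAMPLE_VARS = {
    "consul_server": {"addr": "127.0.0.1", "port": 8500, "scheme": "http"},
    "consul_master_token": "123-456-789",
    "consul_client_token": [
        {"client": "foobar-todelete-later", "token": "123-456-789"},
        {"client": "foobar-with-random-token"},
        {"client": "foobar-shuttle", "token": "123-456-789"},
    ],
}

def _is_loopback(addr):
    """True for loopback IP literals and the name 'localhost'."""
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return addr == "localhost"

def lint_consul_acl_vars(role_vars):
    """Return a list of findings (hypothetical labels) for the role variables."""
    findings = []
    server = role_vars.get("consul_server", {})
    master = role_vars.get("consul_master_token")
    addr = server.get("addr", "")
    # The master token is sent with API requests; plain HTTP exposes it
    # on the wire unless the agent is reached over loopback.
    if server.get("scheme") == "http" and not _is_loopback(addr):
        findings.append(f"plaintext-api: scheme is http for non-loopback addr {addr!r}")
    owners = defaultdict(list)
    for entry in role_vars.get("consul_client_token", []):
        token = entry.get("token")
        if token is None:
            continue  # no token value given in the vars for this client
        owners[token].append(entry["client"])
        if token == master:
            findings.append(f"master-reuse: client {entry['client']} uses the master token value")
    for names in owners.values():
        if len(names) > 1:
            findings.append("shared-secret: one token value shared by " + ", ".join(names))
    return findings

if __name__ == "__main__":
    for finding in lint_consul_acl_vars(SAMPLE_VARS):
        print(finding)
```
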

License

GNU GENERAL PUBLIC LICENSE Version 3
