docs: added section of needed ACL rules for Nomad UI (#16494)

hashicorp · Mar 24, 2023 · b84c455 · b84c455
1 parent fffdbdf
commit b84c455
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/website/content/docs/other-specifications/acl-policy.mdx b/website/content/docs/other-specifications/acl-policy.mdx
@@ -382,6 +382,22 @@ The `policy` field for the plugin rule can have one of the following values:
 - `deny`: do not allow the resource to be read or modified. Deny takes
   precedence when multiple policies are associated with a token.
 
+## Configuring ACLs for the web UI
+
+The Nomad web UI uses the API endpoints `/v1/agent` and `/v1/node` for nearly
+every page. ACL policies for users who will use the Nomad UI should include the
+following rules.
+
+```hcl
+node {
+  policy = "read"
+}
+
+agent {
+  policy = "read"
+}
+```
+
 
 [Secure Nomad with Access Control]: /nomad/tutorials/access-control
 [hcl]: https://github.com/hashicorp/hcl