unkin/puppet-prod
2
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity
57870658b5
puppet-prod/site/profiles/manifests/consul/policies.pp
Ben Vincent f536d19034 feat: generate consul policy/tokens 
- generate policy/token to add nodes
- generate policy/token for all nodes
- add base::root profile to manage aspects of the root user
2024-04-27 20:21:57 +10:00

24 lines
620 B
Puppet
Raw Blame History

# profiles::consul::policies
class profiles::consul::policies (
String $root_api_token = lookup('profiles::consul::server::acl_tokens_initial_management'),
) {
consul_policy { 'node_editor':
description => 'Policy to read/write all nodes puppet-generated-policy',
rules => [
{
'resource' => 'node',
'segment' => '',
'disposition' => 'write'
},
{
'resource' => 'node',
'segment' => '',
'disposition' => 'read'
}
],
acl_api_token => $root_api_token,
hostname => $facts['networking']['ip'],
}
}
Reference in New Issue View Git Blame Copy Permalink