Skip to content

CLI: allow nomad acl token update to move a token from client to management #20468

New issue
Jump to bottom
New issue
Jump to bottom
Open
Open
CLI: allow nomad acl token update to move a token from client to management#20468
Labels
stage/acceptedConfirmed, and intend to work on. No timeline committment though.theme/clitype/bug
@philrenaud

Description

@philrenaud
philrenaud
opened on Apr 22, 2024

Currently the reason this isn't possible is less "it's not allowed" as much as it is "Management tokens cannot have any policies, as a prerequisite, and client tokens must have at least one policy, as a prerequisite, and you cannot bring the number of policies on a client token down to 0"

So, we (could/should) handle something like nomad acl token update -type=management <accessor> by:

  1. Just removing any policies (and roles) on that token and saying "okay it's a management token now", or
  2. Mandating but allowing the removal of policies/roles at conversion-to-management time with nomad acl token update -type=management -policy="" or something similar

Metadata

Assignees

No one assigned

    Labels

    stage/acceptedConfirmed, and intend to work on. No timeline committment though.theme/clitype/bug

    Type

    No type

    Projects

    Nomad - Community Issues Triage

    • Status

      Needs Roadmapping

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions