ACL nomad multi-region

ducminhle · February 27, 2020, 4:28am

Hi,

I’m deploying nomad cluster with multi-region and set up ACL. When I create ACL token global:

nomad acl token create -name="infra" -type=management -global=true=true

this token can only use on region create, but with another region I get an error:
http: request failed: method=GET path=/v1/acl/policy/anonymous?region=bangalore-dev error="rpc error: ACL token not found" code=403

I follow the doc: https://nomadproject.io/guides/security/acl/

But I not clear at here:
For servers outside the authoritative region, setreplication_tokenin the [aclstanza](https://nomadproject.io/docs/configuration/acl#replication_token). Replication tokens should bemanagementtype tokens which are either created in the authoritative region or created as Global tokens.
My acl config:
acl { enabled = true token_ttl = "30s" policy_ttl = "30s" replication_token = "6e669719-3bf1-212e-ae28-95a8f58fc9b5" }
6e669719-3bf1-212e-ae28-95a8f58fc9b5 -> create with type management

Topic		Replies	Views
Migrate authoritative_region Nomad	3	254	September 27, 2023
Nomad Service Identity Tokens Nomad consul-nomad	2	352	June 22, 2023
Multi datacenter jobs \| andalso auth tokens Nomad	1	410	January 7, 2021
Trouble Setting ACLs Nomad	0	307	July 20, 2021
What the correct process for bootstrapping ACLs in an existing multi-region cluster Nomad acl	1	343	May 19, 2023

ACL nomad multi-region

Related topics