To choose my own acl_token_master `consul boostrap acl`


Is there anyway to run consul acl boostrap by setting the acl master token instead of letting consul generate a new one ?

I tried both the following commands, but none of them works. A new secret ID is generated and my token does not work.

consul acl bootstrap -token=xxxxx


consul acl bootstrap

My goal is to create the acl master token out of consul, so I can add it to a kubernetes secret and set it as environment variable in my consul pod.

Even if this would be possible it should be an option using -dev. :slightly_smiling_face:

What’s wrong with that ?
It’s already possible to set the acl master token in the config file :

          tokens {
               master = "xxxxxxxx"

Misunderstanding. :smile:

1 Like

@yakhyadabo the only way to predefine the token is to set it in config via

tokens {
  master = ...

As you posted above.

I write the following script to make it work :

sed -i 's/\"master\":.*/\"master\": \"'$CONSUL_HTTP_MASTER_TOKEN'\",/g' config.json
sed -i 's/\"agent\":.*/\"agent\": \"'$CONSUL_HTTP_TOKEN'\"/g' config.json

export CONSUL_HTTP_ADDR=https://localhost:8501

consul agent -advertise...