kemko/nomad
1
0
Fork 0
mirror of https://github.com/kemko/nomad.git synced 2026-01-04 17:35:43 +03:00
Code Issues Packages Projects Releases Wiki Activity

docs: add a note to binding rules docs about multiple rules application (#20624)

Browse Source
This commit is contained in:
Piotr Kazmierczak
2024-05-17 17:40:12 +02:00
committed by GitHub
parent 7d00a494d9
commit b5bca27c07
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
website/content/docs/concepts/acl.mdx
View File

@@ -72,6 +72,13 @@ is directly related to a single auth method, and therefore only evaluated by
login attempts using that method. All binding rules mapped to an auth method
are evaluated during each login attempt.
<Note>
Binding rules are evaluated in no specific order, and should there be an
overlap in their selectors or scope, a "sum" of all the binding rules will be
applied, thus the least granular binding rules will always override the more
granular ones, as long as they apply to the same auth method and identity.
</Note>
A successful selector match between an SSO provider claim and a binding rule
will result in the generated ACL token having the identified ACL role or policy
assigned to it. If the `BindType` parameter is `management`, the ACL token