mirror of
https://github.com/kemko/nomad.git
synced 2026-01-01 16:05:42 +03:00
e6a04e06d1
ACL policies are parsed when creating, updating, or compiling the resulting ACL object when used. This parsing was silently ignoring duplicate singleton keys, or invalid keys which does not grant any additional access, but is a poor UX and can be unexpected. This change parses all new policy writes and updates, so that duplicate or invalid keys return an error to the caller. This is called strict parsing. In order to correctly handle upgrades of clusters which have existing policies that would fall foul of the change, a lenient parsing mode is also available. This allows the policy to continue to be parsed and compiled after an upgrade without the need for an operator to correct the policy document prior to further use. Co-authored-by: Tim Gross <tgross@hashicorp.com>
4 lines
110 B
Plaintext
4 lines
110 B
Plaintext
```release-note:bug
|
|
acl: Fixed a bug where ACL policies would silently accept invalid or duplicate blocks
|
|
```
|