ACLs: add fine-grained ACLs for Sentinel CRUD operations#27556
Merged
Conversation
tgross
force-pushed
the
NMD512-acls-for-sentinel-ce
branch
from
55c3e44 to
ed21dac
Compare
tgross
force-pushed
the
NMD512-acls-for-sentinel-ce
branch
from
ed21dac to
64382cb
Compare
tgross
force-pushed
the
NMD512-acls-for-sentinel-ce
branch
from
64382cb to
9fc02fd
Compare
Updating Sentinel policies currently requires a management token. We'd like to break up the management token capabilities so that users can provide less-privileged tokens to services for specific purposes. For example, one might want to run testing on Sentinel policies and not allow that test pipeline to have full management access. Add support for fine-grained ACLs on Sentinel CRUD operations. Note that unlike most ACLs, Sentinel is disabled when ACLs are disabled. This is the CE portion of the work. The Sentinel RPC handlers are in the Enterprise PR. Ref: hashicorp/nomad-enterprise#3700 Ref: https://hashicorp.atlassian.net/browse/NMD-512 Fixes: #24225
tgross
force-pushed
the
NMD512-acls-for-sentinel-ce
branch
from
9fc02fd to
d2f244d
Compare
Merged
7 tasks
tgross
added a commit
that referenced
this pull request
Feb 20, 2026
Updating Sentinel policies currently requires a management token. We'd like to break up the management token capabilities so that users can provide less-privileged tokens to services for specific purposes. For example, one might want to run testing on Sentinel policies and not allow that test pipeline to have full management access. Add support for fine-grained ACLs on Sentinel CRUD operations. Note that unlike most ACLs, Sentinel is disabled when ACLs are disabled. This is the CE portion of the work. The Sentinel RPC handlers are in the Enterprise PR. Ref: hashicorp/nomad-enterprise#3700 Ref: https://hashicorp.atlassian.net/browse/NMD-512 Fixes: #24225
15 tasks
tgross
added a commit
that referenced
this pull request
Feb 20, 2026
…27556) (#27557) Updating Sentinel policies currently requires a management token. We'd like to break up the management token capabilities so that users can provide less-privileged tokens to services for specific purposes. For example, one might want to run testing on Sentinel policies and not allow that test pipeline to have full management access. Add support for fine-grained ACLs on Sentinel CRUD operations. Note that unlike most ACLs, Sentinel is disabled when ACLs are disabled. This is the CE portion of the work. The Sentinel RPC handlers are in the Enterprise PR. Ref: hashicorp/nomad-enterprise#3700 Ref: https://hashicorp.atlassian.net/browse/NMD-512 Fixes: #24225 Co-authored-by: Tim Gross <tgross@hashicorp.com>
tgross
added a commit
to hashicorp/web-unified-docs
that referenced
this pull request
Feb 26, 2026
The Nomad snapshot agent needs to save snapshots and check the Enterprise license for Enterprise features. We'd also like to reduce the strength of the token required for keyring rotation. In hashicorp/nomad#27525 and hashicorp/nomad#27526 we've added fine-grained ACL capabilities. In hashicorp/nomad#27556 we've added new Sentinel policies along the same lines.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updating Sentinel policies currently requires a management token. We'd like to break up the management token capabilities so that users can provide less-privileged tokens to services for specific purposes. For example, one might want to run testing on Sentinel policies and not allow that test pipeline to have full management access.
Add support for fine-grained ACLs on Sentinel CRUD operations. Note that unlike most ACLs, Sentinel is disabled when ACLs are disabled.
This is the CE portion of the work. The Sentinel RPC handlers are in the Enterprise PR.
Ref: https://github.com/hashicorp/nomad-enterprise/pull/3700
Ref: https://hashicorp.atlassian.net/browse/NMD-512
Fixes: #24225
Generative AI disclosure: these ACL package code changes were substantially generated via IBM Bob (with heavy hand-holding), while the RPC handler code and its test updates in the ENT PR were done solely by me. Fully reviewed and tested by me before marking ready for review.
Contributor Checklist
changelog entry using the
make clcommand.ensure regressions will be caught.
Reviewer Checklist
backporting document.
in the majority of situations. The main exceptions are long-lived feature branches or merges where
history should be preserved.
within the public repository.
Changes to Security Controls
Are there any changes to security controls (access controls, encryption, logging) in this pull request? If so, explain.