23 lines
507 B
HCL
23 lines
507 B
HCL
resource "nomad_job" "nomad-fixers" {
|
|
jobspec = file("${path.module}/nomad-fixers.nomad")
|
|
}
|
|
|
|
resource "nomad_acl_policy" "nomad_fixers_workload" {
|
|
name = "nomad-fixers-workload"
|
|
description = "Give nomad fixers access to the Nomad api for fixing things"
|
|
rules_hcl = <<EOH
|
|
namespace "default" {
|
|
capabilities = [
|
|
"list-jobs",
|
|
"read-job",
|
|
"submit-job", # This allows deleting a service registeration
|
|
"alloc-lifecycle",
|
|
]
|
|
}
|
|
EOH
|
|
|
|
job_acl {
|
|
job_id = "fixers/*"
|
|
}
|
|
}
|