Home Explore Help
Sign In
Tailscale
/
tailscale
mirror of https://github.com/tailscale/tailscale.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

api.md: lowercase ACL field names

Making this match https://tailscale.com/kb/1018/acls

Signed-off-by: Anton Tolchanov <[email protected]>
Anton Tolchanov 3 years ago
parent
71c0e8d428
commit
d6dbefaa91
1 changed files with 34 additions and 34 deletions
Split View Show Diff Stats
  1. 34 34
      api.md

+ 34 - 34
api.md
View File 

@@ -402,20 +402,20 @@ Etag: "e0b2816b418b3f266309d94426ac7668ab3c1fa87798785bf82f1085cc2f6d9c"
 
 
 // Example/default ACLs for unrestricted connections.
 
 {
 
-    "Tests": [],
 
+    "tests": [],
 
     // Declare static groups of users beyond those in the identity service.
 
-    "Groups": {
 
+    "groups": {
 
         "group:example": [
 
             "[email protected]",
 
             "[email protected]"
 
         ],
 
     },
 
     // Declare convenient hostname aliases to use in place of IP addresses.
 
-    "Hosts": {
 
+    "hosts": {
 
         "example-host-1": "100.100.100.100",
 
     },
 
     // Access control lists.
 
-    "ACLs": [
 
+    "acls": [
 
         // Match absolutely everything. Comment out this section if you want
 
         // to define specific ACL restrictions.
 
         {
 
@@ -494,14 +494,14 @@ A special value `ts-default` will ensure that ACL will be set only if current AC
 
 The POST body should be a JSON or [HuJSON](https://github.com/tailscale/hujson#hujson---human-json) formatted JSON object.
 
 An ACL policy may contain the following top-level properties:
 
 
-* `Groups` - Static groups of users which can be used for ACL rules.
 
-* `Hosts` - Hostname aliases to use in place of IP addresses or subnets.
 
-* `ACLs` - Access control lists.
 
-* `TagOwners` - Defines who is allowed to use which tags.
 
-* `Tests` - Run on ACL updates to check correct functionality of defined ACLs.
 
-* `AutoApprovers` - Defines which users can advertise routes or exit nodes without further approval.
 
-* `SSH` - Configures access policy for Tailscale SSH.
 
-* `NodeAttrs` - Defines which devices can use certain features.
 
+* `groups` - Static groups of users which can be used for ACL rules.
 
+* `hosts` - Hostname aliases to use in place of IP addresses or subnets.
 
+* `acls` - Access control lists.
 
+* `tagOwners` - Defines who is allowed to use which tags.
 
+* `tests` - Run on ACL updates to check correct functionality of defined ACLs.
 
+* `autoApprovers` - Defines which users can advertise routes or exit nodes without further approval.
 
+* `ssh` - Configures access policy for Tailscale SSH.
 
+* `nodeAttrs` - Defines which devices can use certain features.
 
 
 See https://tailscale.com/kb/1018/acls for more information on those properties.
 
 
@@ -514,22 +514,22 @@ curl 'https://api.tailscale.com/api/v2/tailnet/example.com/acl' \
 
   --data-binary '// Example/default ACLs for unrestricted connections.
 
 {
 
   // Declare tests to check functionality of ACL rules. User must be a valid user with registered machines.
 
-  "Tests": [
 
-    // {"User": "[email protected]", "Allow": ["example-host-1:22"], "Deny": ["example-host-2:100"]},
 
+  "tests": [
 
+    // {"src": "[email protected]", "accept": ["example-host-1:22"], "deny": ["example-host-2:100"]},
 
   ],
 
   // Declare static groups of users beyond those in the identity service.
 
-  "Groups": {
 
+  "groups": {
 
     "group:example": [ "[email protected]", "[email protected]" ],
 
   },
 
   // Declare convenient hostname aliases to use in place of IP addresses.
 
-  "Hosts": {
 
+  "hosts": {
 
     "example-host-1": "100.100.100.100",
 
   },
 
   // Access control lists.
 
-  "ACLs": [
 
+  "acls": [
 
     // Match absolutely everything. Comment out this section if you want
 
     // to define specific ACL restrictions.
 
-    { "Action": "accept", "Users": ["*"], "Ports": ["*:*"] },
 
+    { "action": "accept", "users": ["*"], "ports": ["*:*"] },
 
   ]
 
 }'
 
 ```
 
@@ -539,22 +539,22 @@ Response:
 
 // Example/default ACLs for unrestricted connections.
 
 {
 
   // Declare tests to check functionality of ACL rules. User must be a valid user with registered machines.
 
-  "Tests": [
 
-    // {"User": "[email protected]", "Allow": ["example-host-1:22"], "Deny": ["example-host-2:100"]},
 
+  "tests": [
 
+    // {"src": "[email protected]", "accept": ["example-host-1:22"], "deny": ["example-host-2:100"]},
 
   ],
 
   // Declare static groups of users beyond those in the identity service.
 
-  "Groups": {
 
+  "groups": {
 
     "group:example": [ "[email protected]", "[email protected]" ],
 
   },
 
   // Declare convenient hostname aliases to use in place of IP addresses.
 
-  "Hosts": {
 
+  "hosts": {
 
     "example-host-1": "100.100.100.100",
 
   },
 
   // Access control lists.
 
-  "ACLs": [
 
+  "acls": [
 
     // Match absolutely everything. Comment out this section if you want
 
     // to define specific ACL restrictions.
 
-    { "Action": "accept", "Users": ["*"], "Ports": ["*:*"] },
 
+    { "action": "accept", "users": ["*"], "ports": ["*:*"] },
 
   ]
 
 }
 
 ```
 
@@ -597,22 +597,22 @@ curl 'https://api.tailscale.com/api/v2/tailnet/example.com/acl/preview?previewFo
 
   --data-binary '// Example/default ACLs for unrestricted connections.
 
 {
 
   // Declare tests to check functionality of ACL rules. User must be a valid user with registered machines.
 
-  "Tests": [
 
-    // {"User": "[email protected]", "Allow": ["example-host-1:22"], "Deny": ["example-host-2:100"]},
 
+  "tests": [
 
+    // {"src": "[email protected]", "accept": ["example-host-1:22"], "deny": ["example-host-2:100"]},
 
   ],
 
   // Declare static groups of users beyond those in the identity service.
 
-  "Groups": {
 
+  "groups": {
 
     "group:example": [ "[email protected]", "[email protected]" ],
 
   },
 
   // Declare convenient hostname aliases to use in place of IP addresses.
 
-  "Hosts": {
 
+  "hosts": {
 
     "example-host-1": "100.100.100.100",
 
   },
 
   // Access control lists.
 
-  "ACLs": [
 
+  "acls": [
 
     // Match absolutely everything. Comment out this section if you want
 
     // to define specific ACL restrictions.
 
-    { "Action": "accept", "Users": ["*"], "Ports": ["*:*"] },
 
+    { "action": "accept", "users": ["*"], "ports": ["*:*"] },
 
   ]
 
 }'
 
 ```
 
@@ -648,7 +648,7 @@ curl 'https://api.tailscale.com/api/v2/tailnet/example.com/acl/validate' \
 
   -u "tskey-yourapikey123:" \
 
   --data-binary '
 
   [
 
-    {"User": "[email protected]", "Allow": ["example-host-1:22"], "Deny": ["example-host-2:100"]}
 
+    {"src": "[email protected]", "accept": ["example-host-1:22"], "deny": ["example-host-2:100"]}
 
   ]'
 
 ```
 
 
@@ -659,10 +659,10 @@ curl 'https://api.tailscale.com/api/v2/tailnet/example.com/acl/validate' \
 
   -u "tskey-yourapikey123:" \
 
   --data-binary '
 
   {
 
-    "ACLs": [
 
-     { "Action": "accept", "src": ["100.105.106.107"], "dst": ["1.2.3.4:*"] },
 
+    "acls": [
 
+     { "action": "accept", "src": ["100.105.106.107"], "dst": ["1.2.3.4:*"] },
 
     ],
 
-    "Tests", [
 
+    "tests", [
 
       {"src": "100.105.106.107", "allow": ["1.2.3.4:80"]}
 
     ],
 
   }'