ACL Basics

An ACL in Knocknoc is an important mapping between a Backend and an ACL name. The ACL name is the argument passed into the Backend method.

For example, if you have a Backend that is a script that updates an AWS security group, you can put the security group ID as the ACL name, and the script can use that to update the correct group for the users who have access.
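
As an added illustration (not Knocknoc's own code), a script Backend of this kind might look like the following. The calling convention (action, ACL name, client IP), the port and the dry-run behaviour are assumptions made for the example; the point is that the ACL name is checked to be a security group ID before it reaches the AWS CLI.

```shell
#!/bin/sh
# Added example, not Knocknoc's own code. Assumed calling convention:
#   script <grant|revoke> <acl-name> <client-ip>
PORT=443  # assumed service port protected by this ACL

# ACL name must look like a security group ID: sg- plus 8 or 17 hex digits.
valid_sg_id() {
    case "$1" in sg-*) hex=${1#sg-} ;; *) return 1 ;; esac
    case "$hex" in ''|*[!0-9a-f]*) return 1 ;; esac
    [ "${#hex}" -eq 8 ] || [ "${#hex}" -eq 17 ]
}

# Client IP must be a dotted-quad IPv4 address, each octet 0..255.
valid_ipv4() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the AWS CLI command for a request; print nothing if input is rejected.
build_command() {
    action=$1 acl_name=$2 client_ip=$3
    case "$action" in
        grant)  op=authorize-security-group-ingress ;;
        revoke) op=revoke-security-group-ingress ;;
        *) echo "unknown action" >&2; return 2 ;;
    esac
    valid_sg_id "$acl_name" || { echo "ACL name is not a security group ID" >&2; return 3; }
    valid_ipv4 "$client_ip" || { echo "invalid client IP" >&2; return 4; }
    printf 'aws ec2 %s --group-id %s --protocol tcp --port %s --cidr %s/32\n' \
        "$op" "$acl_name" "$PORT" "$client_ip"
}

# Dry run: show the command for the given arguments instead of executing it.
if [ "$#" -eq 3 ]; then build_command "$@"; fi
```

An ACL name that is not a well-formed security group ID, or a malformed client IP, makes the script exit non-zero without producing a command.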

Another example is an HAProxy ACL ID. These are numeric identifiers, say "405", for in-memory lists of IPs. Here you can map "405" to "Confluence" on the backend "Confluence Haproxy".

For IPSets, the ACL Name needs to match the pre-defined IPSet described here.

ACLs are then mapped to Groups, so people in the right group get the set of ACLs assigned to them.