From e495978eebd295d7bcbfc9f0a521b9d7c2a3e8dc Mon Sep 17 00:00:00 2001
From: Tristan Morgan
Date: Thu, 24 Oct 2024 10:31:24 +1100
Subject: [PATCH 1/3] Update nomad policies to match https://developer.hashicorp.com/nomad/docs/integrations/consul/acl#nomad-agents
---
 .../structs/acltemplatedpolicy/policies/ce/nomad-client.hcl | 2 +-
 .../structs/acltemplatedpolicy/policies/ce/nomad-server.hcl | 6 ++++--
 .../ce/nomad-client-templated-policy.json.golden | 2 +-
 .../ce/nomad-client-templated-policy.pretty-meta.golden | 2 +-
 .../ce/nomad-server-templated-policy.json.golden | 2 +-
 .../ce/nomad-server-templated-policy.pretty-meta.golden | 6 ++++--
 6 files changed, 12 insertions(+), 8 deletions(-)
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
index 4ea9f1e6df51..26941a812854 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
@@ -2,7 +2,7 @@ agent_prefix "" {
 policy = "read"
 }
 node_prefix "" {
- policy = "read"
+ policy = "write"
 }
 service_prefix "" {
 policy = "write"
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
index 7030ff771a19..23cb78e1134c 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
@@ -1,10 +1,12 @@
-acl = "write"
+acl = "write"
+mesh = "write"
+
 agent_prefix "" {
 policy = "read"
 }
 node_prefix "" {
- policy = "read"
+ policy = "write"
 }
 service_prefix "" {
 policy = "write"
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
index 00d361fac806..0fece044def5 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-client",
 "Schema": "",
- "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"read\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}",
+ "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}",
 "Description": "Gives the token or role permissions required for integration with a nomad client."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
index bb8053bcc229..cc3a19df2c67 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
@@ -8,7 +8,7 @@ agent_prefix "" {
 policy = "read"
 }
 node_prefix "" {
- policy = "read"
+ policy = "write"
 }
 service_prefix "" {
 policy = "write"
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
index 871b26dac349..56b257a1fa75 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-server",
 "Schema": "",
- "Template": "\nacl = \"write\"\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"read\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}",
+ "Template": "\nacl = \"write\"\nmesh = \"write\"\n\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}",
 "Description": "Gives the token or role permissions required for integration with a nomad server."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
index 60c196115180..0ce9e5853239 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
@@ -5,12 +5,14 @@ Example usage:
 consul acl token create -templated-policy builtin/nomad-server
 Raw Template:
-acl = "write"
+acl = "write"
+mesh = "write"
+
 agent_prefix "" {
 policy = "read"
 }
 node_prefix "" {
- policy = "read"
+ policy = "write"
 }
 service_prefix "" {
 policy = "write"
From b00c1a8b59419aa5cb043627cb836c9bc073e4ae Mon Sep 17 00:00:00 2001
From: Tristan Morgan
Date: Mon, 4 Nov 2024 11:59:54 +1100
Subject: [PATCH 2/3] Update policy to template the Nomad node name in.
---
 .../acltemplatedpolicy/policies/ce/nomad-client.hcl | 2 +-
 .../acltemplatedpolicy/policies/ce/nomad-server.hcl | 2 +-
 command/acl/templatedpolicy/formatter.go | 4 ++--
 .../ce/nomad-client-templated-policy.json.golden | 2 +-
 .../ce/nomad-client-templated-policy.pretty-meta.golden | 7 ++++---
 .../ce/nomad-client-templated-policy.pretty.golden | 5 +++--
 .../ce/nomad-server-templated-policy.json.golden | 2 +-
 .../ce/nomad-server-templated-policy.pretty-meta.golden | 7 ++++---
 .../ce/nomad-server-templated-policy.pretty.golden | 5 +++--
 9 files changed, 20 insertions(+), 16 deletions(-)
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
index 26941a812854..4045531f0869 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
@@ -1,7 +1,7 @@
 agent_prefix "" {
 policy = "read"
 }
-node_prefix "" {
+node "{{.Name}}" {
 policy = "write"
 }
 service_prefix "" {
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
index 23cb78e1134c..2bb5f49852bb 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
@@ -5,7 +5,7 @@ mesh = "write"
 agent_prefix "" {
 policy = "read"
 }
-node_prefix "" {
+node "{{.Name}}" {
 policy = "write"
 }
 service_prefix "" {
diff --git a/command/acl/templatedpolicy/formatter.go b/command/acl/templatedpolicy/formatter.go
index e71b52a37550..32263d9c92cd 100644
--- a/command/acl/templatedpolicy/formatter.go
+++ b/command/acl/templatedpolicy/formatter.go
@@ -71,11 +71,11 @@ func (f *prettyFormatter) FormatTemplatedPolicy(templatedPolicy api.ACLTemplated
 switch templatedPolicy.TemplateName {
 case api.ACLTemplatedPolicyServiceName:
 nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The name of the service", "api")
- case api.ACLTemplatedPolicyNodeName:
+ case api.ACLTemplatedPolicyNodeName, api.ACLTemplatedPolicyNomadServerName, api.ACLTemplatedPolicyNomadClientName:
 nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The node name", "node-1")
 case api.ACLTemplatedPolicyAPIGatewayName:
 nameRequiredVariableOutput(&buffer, templatedPolicy.TemplateName, "The api gateway service name", "api-gateway")
- case api.ACLTemplatedPolicyDNSName, api.ACLTemplatedPolicyNomadServerName, api.ACLTemplatedPolicyNomadClientName:
+ case api.ACLTemplatedPolicyDNSName:
 noRequiredVariablesOutput(&buffer, templatedPolicy.TemplateName)
 default:
 buffer.WriteString(" None\n")
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
index 0fece044def5..5b596950967d 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
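Review bot: The new `case api.ACLTemplatedPolicyNodeName, api.ACLTemplatedPolicyNomadServerName, api.ACLTemplatedPolicyNomadClientName:` makes the pretty formatter advertise a required `Name` variable for the two Nomad templates, yet the golden JSON for both of them in this same series still carries `"Schema": "",`, so nothing on this page shows the node-name input being declared or validated for them the way a template with a `{{.Name}}` rule needs. The built-in template registration is not in the diff; verify that `builtin/nomad-server` and `builtin/nomad-client` now carry the same input schema as the node template, otherwise the CLI describes a variable that the server side may not enforce. The variable text `"The node name"` is also ambiguous for Nomad, since the value ends up in both the `agent` and `node` rules; `"The Consul node name of the Nomad agent"` would say which name is meant (the golden files would change accordingly). FormatTemplatedPolicy begins and ends outside the hunk.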
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-client",
 "Schema": "",
- "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}",
+ "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}",
 "Description": "Gives the token or role permissions required for integration with a nomad client."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
index cc3a19df2c67..99ce3c443733 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
@@ -1,13 +1,14 @@
 Name: builtin/nomad-client
 Description: Gives the token or role permissions required for integration with a nomad client.
-Input variables: None
+Input variables:
+ Name: String - Required - The node name.
 Example usage:
- consul acl token create -templated-policy builtin/nomad-client
+ consul acl token create -templated-policy builtin/nomad-client -var name:node-1
 Raw Template:
 agent_prefix "" {
 policy = "read"
 }
-node_prefix "" {
+node "{{.Name}}" {
 policy = "write"
 }
 service_prefix "" {
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden
index 6dd152d4985c..8125eaaa423f 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty.golden
@@ -1,5 +1,6 @@
 Name: builtin/nomad-client
 Description: Gives the token or role permissions required for integration with a nomad client.
-Input variables: None
+Input variables:
+ Name: String - Required - The node name.
 Example usage:
- consul acl token create -templated-policy builtin/nomad-client
+ consul acl token create -templated-policy builtin/nomad-client -var name:node-1
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
index 56b257a1fa75..6adac15f2153 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-server",
 "Schema": "",
- "Template": "\nacl = \"write\"\nmesh = \"write\"\n\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode_prefix \"\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}",
+ "Template": "\nacl = \"write\"\nmesh = \"write\"\n\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}",
 "Description": "Gives the token or role permissions required for integration with a nomad server."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
index 0ce9e5853239..9c38bd962e83 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
@@ -1,8 +1,9 @@
 Name: builtin/nomad-server
 Description: Gives the token or role permissions required for integration with a nomad server.
-Input variables: None
+Input variables:
+ Name: String - Required - The node name.
 Example usage:
- consul acl token create -templated-policy builtin/nomad-server
+ consul acl token create -templated-policy builtin/nomad-server -var name:node-1
 Raw Template:
 acl = "write"
@@ -11,7 +12,7 @@ mesh = "write"
 agent_prefix "" {
 policy = "read"
 }
-node_prefix "" {
+node "{{.Name}}" {
 policy = "write"
 }
 service_prefix "" {
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden
index e65d016320a6..45f8e11dd875 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty.golden
@@ -1,5 +1,6 @@
 Name: builtin/nomad-server
 Description: Gives the token or role permissions required for integration with a nomad server.
-Input variables: None
+Input variables:
+ Name: String - Required - The node name.
 Example usage:
- consul acl token create -templated-policy builtin/nomad-server
+ consul acl token create -templated-policy builtin/nomad-server -var name:node-1
From 1ba81be2f8010237c71ae9ac6e1c1cd754a5490e Mon Sep 17 00:00:00 2001
From: Tristan Morgan
Date: Wed, 13 Nov 2024 10:03:13 +1100
Subject: [PATCH 3/3] Update policies to scope agent access.
---
 .../structs/acltemplatedpolicy/policies/ce/nomad-client.hcl | 4 ++--
 .../structs/acltemplatedpolicy/policies/ce/nomad-server.hcl | 5 ++---
 .../ce/nomad-client-templated-policy.json.golden | 2 +-
 .../ce/nomad-client-templated-policy.pretty-meta.golden | 3 ++-
 .../ce/nomad-server-templated-policy.json.golden | 2 +-
 .../ce/nomad-server-templated-policy.pretty-meta.golden | 4 ++--
 6 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
index 4045531f0869..6ea8804909e1 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-client.hcl
@@ -1,4 +1,4 @@
-agent_prefix "" {
+agent "{{.Name}}" {
 policy = "read"
 }
 node "{{.Name}}" {
@@ -9,4 +9,4 @@ service_prefix "" {
 }
 key_prefix "" {
 policy = "read"
-}
\ No newline at end of file
+}
diff --git a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
index 2bb5f49852bb..4eeaa39ae5a3 100644
--- a/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
+++ b/agent/structs/acltemplatedpolicy/policies/ce/nomad-server.hcl
@@ -1,8 +1,7 @@
-
 acl = "write"
 mesh = "write"
-agent_prefix "" {
+agent "{{.Name}}" {
 policy = "read"
 }
 node "{{.Name}}" {
@@ -10,4 +9,4 @@ node "{{.Name}}" {
 }
 service_prefix "" {
 policy = "write"
-}
\ No newline at end of file
+}
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
index 5b596950967d..61d2d762ae5d 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
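Review bot: Scoping `agent "{{.Name}}"` narrows one rule, but the context lines `service_prefix "" { policy = "write" }` and `key_prefix "" { policy = "read" }` in the second hunk of nomad-client.hcl leave service registration and KV read cluster-wide, so a client token can still register or deregister any service on any node and read every key. That is presumably what the Nomad integration requires (the requirement itself is not visible here), but a reader of `builtin/nomad-client` cannot tell it from the template, and a `#` comment in the .hcl would be carried into the rendered Template string shown in the goldens, so the place to record it is the template's Description, e.g. `Gives the token or role permissions required for integration with a nomad client; service registration and KV read are cluster-wide by design.`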
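Review bot: In nomad-server.hcl the retained context line `acl = "write"` lets the token create and modify any Consul ACL token or policy, which together with `mesh = "write"` and the unscoped `service_prefix "" { policy = "write" }` makes the new `agent "{{.Name}}"` rule a marginal reduction: a holder of this token can grant itself any other permission. That is presumably needed for Nomad servers to mint workload tokens (not visible here), but neither the commit title "scope agent access" nor the Description `Gives the token or role permissions required for integration with a nomad server.` conveys it; append something like `Includes acl = "write", which grants full control over Consul ACLs.` to the Description so operators choosing this template see the actual privilege level.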
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-client",
 "Schema": "",
- "Template": "agent_prefix \"\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}",
+ "Template": "agent \"{{.Name}}\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\nkey_prefix \"\" {\n policy = \"read\"\n}\n",
 "Description": "Gives the token or role permissions required for integration with a nomad client."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
index 99ce3c443733..59360c8527dd 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-client-templated-policy.pretty-meta.golden
@@ -5,7 +5,7 @@ Input variables:
 Example usage:
 consul acl token create -templated-policy builtin/nomad-client -var name:node-1
 Raw Template:
-agent_prefix "" {
+agent "{{.Name}}" {
 policy = "read"
 }
 node "{{.Name}}" {
@@ -17,3 +17,4 @@ service_prefix "" {
 key_prefix "" {
 policy = "read"
 }
+
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
index 6adac15f2153..400edcc8f596 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.json.golden
@@ -1,6 +1,6 @@
 {
 "TemplateName": "builtin/nomad-server",
 "Schema": "",
- "Template": "\nacl = \"write\"\nmesh = \"write\"\n\nagent_prefix \"\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}",
+ "Template": "acl = \"write\"\nmesh = \"write\"\n\nagent \"{{.Name}}\" {\n policy = \"read\"\n}\nnode \"{{.Name}}\" {\n policy = \"write\"\n}\nservice_prefix \"\" {\n policy = \"write\"\n}\n",
 "Description": "Gives the token or role permissions required for integration with a nomad server."
 }
\ No newline at end of file
diff --git a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
index 9c38bd962e83..290bf6ee4cc3 100644
--- a/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
+++ b/command/acl/templatedpolicy/testdata/FormatTemplatedPolicy/ce/nomad-server-templated-policy.pretty-meta.golden
@@ -5,11 +5,10 @@ Input variables:
 Example usage:
 consul acl token create -templated-policy builtin/nomad-server -var name:node-1
 Raw Template:
-
 acl = "write"
 mesh = "write"
-agent_prefix "" {
+agent "{{.Name}}" {
 policy = "read"
 }
 node "{{.Name}}" {
@@ -18,3 +17,4 @@ node "{{.Name}}" {
 service_prefix "" {
 policy = "write"
 }
+