Hi all
I am trying to combine tags with ACLs, but failing miserably.
I have assigned the tag to two of my VMs running Tailscale. I have put my user as tag owner and I have made an ACL that should give the VMs with the tag access to each other.
The issue is when I go to the Machines page in the web admin and do a mouse-over on the tag I get the following message:
“This tag is invalid because the machine’s creator is not in the tag owners’ group. See the ACL file for who is allowed to claim a tag.”
The ACL looks like this
{
“tagOwners”: {
“tag:VMs-Test”: [“email@email.com”],
},
// Access control lists.
“acls”: [
// Match absolutely everything. Comment out this section if you want
// to define specific ACL restrictions.
{ “action”: “accept”, “users”: [“tag:VMs-Test”], “ports”: [“tag:VMs-Test:“] },
//{ “action”: “accept”, “users”: [””], “ports”: [“:”] },
]
}
*Email has been changed in the above paste, but is the same mail as is states as the creator for the machines (I only have 1 user).
Any suggestion as to what I have done wrong?
Thanks in advance,
Thomas