updates influxctl create in dedicated

2025-03-27 10:13:37 -06:00 · 2025-03-27 10:13:37 -06:00 · 169e9e9ead
parent f8ffc97b58
commit 169e9e9ead
1 changed files with 77 additions and 18 deletions
--- a/content/influxdb3/cloud-dedicated/reference/cli/influxctl/token/create.md
+++ b/content/influxdb3/cloud-dedicated/reference/cli/influxctl/token/create.md
@ -10,25 +10,33 @@ weight: 301
 ---

 The `influxctl token create` command creates a database token with specified
-permissions to resources in an InfluxDB Cloud Dedicated cluster and outputs
-the token string.
+permissions to resources in an {{< product-name omit=" Clustered">}} cluster and
+outputs the token string.

 The `--read-database` and `--write-database` flags support the `*` wildcard
 which grants read or write permissions to all databases. Enclose wildcards in
 single or double quotes--for example: `'*'` or `"*"`.

+The `--expires-at` flag specifies the data and time a token should expire.
+Provide an [RFC3339 timestamp](/influxdb3/cloud-dedicated/reference/glossary/#rfc3339-timestamp).
+
+> [!Important]
+> If you don't specify a token expiration, the token never expires.
+
 The `--format` flag lets you print the output in other formats.
 The `json` format is available for programmatic parsing by other tooling.
 Default: `table`.

 ## Notable behaviors

- InfluxDB might take some time--from a few seconds to a few minutes--to activate and synchronize new tokens.
-If a new database token doesn't immediately work (you receive a `401 Unauthorized` error) for querying or writing, wait and then try again.
+- InfluxDB might take some time--from a few seconds to a few minutes--to
+  activate and synchronize new tokens. If a new database token doesn't
+  immediately work (you receive a `401 Unauthorized` error) for querying or
+  writing, wait and then try again.
 - Token strings are viewable _only_ on token creation.

 > [!Note]
->
+> 
 > #### Store secure tokens in a secret store
 > 
 > Token strings are viewable _only_ on token creation and aren't stored by InfluxDB.
@ -36,10 +44,13 @@ If a new database token doesn't immediately work (you receive a `401 Unauthorize

 ## Usage

-```sh
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  [--read-database=<DATABASE_NAME>] \
  [--write-database=<DATABASE_NAME>] \
+  [--expires-at=<RFC3339_DATE>] \
  <TOKEN_DESCRIPTION>
 ```

@ -53,6 +64,7 @@ influxctl token create \

 | Flag |                    | Description                                          |
 | :--- | :----------------- | :--------------------------------------------------- |
+|      | `--expires-at`     | Token expiration date and time in RFC3339 format     |
 |      | `--format`         | Output format (`table` _(default)_ or `json`)        |
 |      | `--read-database`  | Grant read permissions to a database _(Repeatable)_  |
 |      | `--write-database` | Grant write permissions to a database _(Repeatable)_ |
@ -62,13 +74,6 @@ influxctl token create \
 _Also see [`influxctl` global flags](/influxdb3/cloud-dedicated/reference/cli/influxctl/#global-flags)._
 {{% /caption %}}

-> [!Note]
-> 
-> #### Using a new token
-> 
-> InfluxDB might take some time to synchronize new tokens.
-> If a new database token doesn't immediately work for querying or writing, wait a few seconds and try again.
-
 ## Examples

 - [Create a token with read and write access to a database](#create-a-token-with-read-and-write-access-to-a-database)
@ -76,6 +81,7 @@ _Also see [`influxctl` global flags](/influxdb3/cloud-dedicated/reference/cli/in
 - [Create a token with read-only access to a database](#create-a-token-with-read-only-access-to-a-database)
 - [Create a token with read-only access to multiple databases](#create-a-token-with-read-only-access-to-multiple-databases)
 - [Create a token with mixed permissions to multiple databases](#create-a-token-with-mixed-permissions-on-multiple-databases)
+- [Create a token that expires in seven days](#create-a-token-that-expires-in-seven-days)

 In the examples below, replace the following:

@ -86,7 +92,10 @@ In the examples below, replace the following:
 ### Create a token with read and write access to a database

 {{% code-placeholders "DATABASE_NAME" %}}
-```sh
+
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  --read-database DATABASE_NAME \
  --write-database DATABASE_NAME \
@ -96,7 +105,9 @@ influxctl token create \

 ### Create a token with read and write access to all databases

-```sh
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  --read-database "*" \
  --write-database "*" \
@ -106,7 +117,10 @@ influxctl token create \
 ### Create a token with read-only access to a database

 {{% code-placeholders "DATABASE_NAME" %}}
-```sh
+
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  --read-database DATABASE_NAME \
  "Read-only token for DATABASE_NAME"
@ -116,7 +130,10 @@ influxctl token create \
 ### Create a token with read-only access to multiple databases

 {{% code-placeholders "DATABASE_NAME|DATABASE2_NAME" %}}
-```sh
+
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  --read-database DATABASE_NAME \
  --read-database DATABASE2_NAME \
@ -127,7 +144,10 @@ influxctl token create \
 ### Create a token with mixed permissions to multiple databases

 {{% code-placeholders "DATABASE_NAME|DATABASE2_NAME" %}}
-```sh
+
+<!-- pytest.mark.skip -->
+
+```bash
 influxctl token create \
  --read-database DATABASE_NAME \
  --read-database DATABASE2_NAME \
@ -135,3 +155,42 @@ influxctl token create \
  "Read-only on DATABASE_NAME, read/write on DATABASE2_NAME"
 ```
 {{% /code-placeholders %}}
+
+### Create a token that expires in seven days
+
+{{% code-placeholders "DATABASE_NAME" %}}
+
+{{< code-tabs-wrapper >}}
+{{% code-tabs %}}
+[Linux](#)
+[macOS](#)
+{{% /code-tabs %}}
+{{% code-tab-content %}}
+
+<!-- pytest.mark.skip -->
+
+```bash
+influxctl token create \
+  --read-database DATABASE_NAME \
+  --write-database DATABASE_NAME \
+  --expires-at $(date -d "+7 days" +"%Y-%m-%dT%H:%M:%S%z") \
+  "Read/write token for DATABASE_NAME with 7d expiration"
+```
+
+{{% /code-tab-content %}}
+{{% code-tab-content %}}
+
+<!-- pytest.mark.skip -->
+
+```bash
+influxctl token create \
+  --read-database DATABASE_NAME \
+  --write-database DATABASE_NAME \
+  --expires-at $(gdate -d "+7 days" +"%Y-%m-%dT%H:%M:%S%z") \
+  "Read/write token for DATABASE_NAME with 7d expiration"
+```
+
+{{% /code-tab-content %}}
+{{< /code-tabs-wrapper >}}
+
+{{% /code-placeholders %}}