The syntax for defining salt functions in config or pillar files has changed to
also support the syntax used in module.run
.
The old syntax for the mine_function - as a dict, or as a list with dicts that
contain more than exactly one key - is still supported but discouraged in favor
of the more uniform syntax of module.run.
Salt has had master-side ACL for the salt mine for some time, where the master
configuration contained mine_get that specified which minions could request
which functions. However, now you can specify which minions can access a function
in the salt mine function definition itself (or when calling mine.send
).
This targeting works the same as the generic minion targeting as specified
here. The parameters used are allow_tgt
and allow_tgt_type
.
See also the documentation of the Salt Mine.