headscale/hscontrol/policy/v2/testdata/acl_results/ACL-SF08.json

{
  "test_id": "ACL-SF08",
  "timestamp": "2026-03-17T14:45:45Z",
  "error": true,
  "input": {
    "policy_file": "acl_policies/acl_sf08.json",
    "full_policy": {
      "groups": {
        "group:admins": ["kratail2tid@passkey"],
        "group:developers": ["kristoffer@dalby.cc", "kratail2tid@passkey"],
        "group:monitors": ["monitorpasskeykradalby@passkey"],
        "group:empty": []
      },
      "tagOwners": {
        "tag:server": ["kratail2tid@passkey"],
        "tag:prod": ["kratail2tid@passkey"],
        "tag:client": ["kratail2tid@passkey"],
        "tag:router": ["kratail2tid@passkey"],
        "tag:exit": ["kratail2tid@passkey"]
      },
      "hosts": {
        "webserver": "100.108.74.26",
        "prodbox": "100.103.8.15",
        "internal": "10.0.0.0/8",
        "subnet24": "192.168.1.0/24"
      },
      "autoApprovers": {
        "routes": {
          "10.33.0.0/16": ["tag:router"],
          "0.0.0.0/0": ["tag:exit"],
          "::/0": ["tag:exit"]
        }
      },
      "acls": [
        {
          "action": "accept",
          "src": ["autogroup:member", "tag:client"],
          "dst": ["autogroup:self:*"]
        }
      ]
    },
    "api_endpoint": "https://api.tailscale.com/api/v2/tailnet/kratail2tid%40passkey/acl",
    "api_response_code": 400,
    "api_response_body": { "message": "autogroup:self can only be used with users, groups, or supported autogroups" }
  }
}