github.com/maier/nomad@v0.4.1-0.20161110003312-a9e3d0b8549d/website/source/data/vault/nomad-server-policy.hcl

github.com/maier/nomad@v0.4.1-0.20161110003312-a9e3d0b8549d/website/source/data/vault/nomad-server-policy.hcl (about)

     1  # Allow creating tokens under the role
     2  path "auth/token/create/nomad-server" {
     3    capabilities = ["create", "update"]
     4  }
     5  
     6  # Allow looking up the role
     7  path "auth/token/roles/nomad-server" {
     8    capabilities = ["read"]
     9  }
    10  
    11  # Allow looking up incoming tokens to validate they have permissions to
    12  # access the tokens they are requesting
    13  path "auth/token/lookup/*" {
    14    capabilities = ["read"]
    15  }
    16  
    17  # Allow revoking tokens that should no longer exist
    18  path "/auth/token/revoke-accessor/*" {
    19    capabilities = ["update"]
    20  }