github.com/tommi2day/pwcli@v0.0.0-20240317203041-4d1177a5ab91/test/docker/vault_provision/admin_policy.hcl (about) 1 # Manage auth methods broadly across Vault 2 path "auth/*" 3 { 4 capabilities = ["create", "read", "update", "delete", "list", "sudo"] 5 } 6 7 # Create, update, and delete auth methods 8 path "sys/auth/*" 9 { 10 capabilities = ["create", "update", "delete", "sudo"] 11 } 12 13 # List auth methods 14 path "sys/auth" 15 { 16 capabilities = ["read"] 17 } 18 19 # List existing policies 20 path "sys/policies/acl" 21 { 22 capabilities = ["list"] 23 } 24 25 # Create and manage ACL policies 26 path "sys/policies/acl/*" 27 { 28 capabilities = ["create", "read", "update", "delete", "list", "sudo"] 29 } 30 31 # List, create, update, and delete key/value secrets 32 path "secret/*" 33 { 34 capabilities = ["create", "read", "update", "delete", "list", "sudo"] 35 } 36 37 # Manage secrets engines 38 path "sys/mounts/*" 39 { 40 capabilities = ["create", "read", "update", "delete", "list", "sudo"] 41 } 42 43 # List existing secrets engines. 44 path "sys/mounts" 45 { 46 capabilities = ["read"] 47 } 48 49 # Read health checks 50 path "sys/health" 51 { 52 capabilities = ["read", "sudo"] 53 } 54 55 # generate passwords 56 path "sys/policies/password/*" 57 { 58 capabilities = ["read", "update","delete","list","sudo"] 59 }