github.com/tommi2day/pwcli@v0.0.0-20240317203041-4d1177a5ab91/test/docker/vault_provision/provisioner_policy.hcl (about)

     1  # Manage auth methods broadly across Vault: every capability, including sudo,
        # on all paths under auth/ (the configuration, roles and users of each mounted
        # auth method, and the token endpoints under auth/token/).
        # NOTE(review): per Vault's token API documentation, sudo on auth/token/create
        # lifts the rule that a new token's policies must be a subset of the caller's.
        # A token carrying this policy should therefore be handled like a near-root
        # credential (confirm against the Vault version in use). This file sits under
        # test/docker/; do not reuse the grant outside a disposable test instance.
     2  path "auth/*"
     3  {
     4    capabilities = ["create", "read", "update", "delete", "list", "sudo"]
     5  }
     6  
     7  # Create, update, and delete auth methods: enable (mount), tune and disable
        # auth backends through sys/auth/<mount>. "read" and "list" are not granted
        # on this glob.
        # Disabling a method also revokes the tokens that were issued through it, so
        # this grant can log out every user of that method; audit its use.
     8  path "sys/auth/*"
     9  {
    10    capabilities = ["create", "update", "delete", "sudo"]
    11  }
    12  
    13  # List auth methods: Vault serves the list of enabled auth methods as a GET on
        # sys/auth, which is why the capability here is "read" rather than "list".
        # This is the exact path only (no glob), so nothing below sys/auth is covered.
    14  path "sys/auth"
    15  {
    16    capabilities = ["read"]
    17  }
    18  
    19  # List existing policies: "list" on the exact path sys/policies/acl returns the
        # ACL policy names only. Reading or changing a policy body is governed by the
        # separate sys/policies/acl/* stanza in this file.
    20  path "sys/policies/acl"
    21  {
    22    capabilities = ["list"]
    23  }
    24  
    25  # Create and manage ACL policies via API & UI: every capability, including sudo,
        # on each named policy under sys/policies/acl/.
        # NOTE(review): the holder can write a policy broader than this one, and the
        # auth/* grant in this file lets it attach that policy to a role or user, so
        # this policy does not bound the holder's effective privileges. Keep it to
        # test provisioning, and scope the glob to a naming prefix where least
        # privilege matters.
    26  path "sys/policies/acl/*"
    27  {
    28    capabilities = ["create", "read", "update", "delete", "list", "sudo"]
    29  }
    30  
    31  # List, create, update, and delete key/value secrets: full access (without
        # sudo) to every path under secret/, i.e. all secrets of every consumer
        # sharing that mount.
        # Assumes the KV engine is mounted at secret/ (TODO confirm); for KV v2 the
        # glob also covers the secret/data/, secret/metadata/, secret/delete/ and
        # secret/destroy/ sub-paths, so version destruction is included.
    32  path "secret/*"
    33  {
    34    capabilities = ["create", "read", "update", "delete", "list"]
    35  }
    36  
    37  # generate passwords: "read" on sys/policies/password/<name>/generate asks Vault
        # for a password that satisfies the named password policy.
        # The glob is wider than that: it also allows reading the password policy
        # definitions themselves. Creating, updating, deleting and listing password
        # policies are not granted.
        # NOTE(review): if only generation is needed, the narrower path
        # "sys/policies/password/+/generate" would express it.
    38  path "sys/policies/password/*"
    39  {
    40     capabilities = ["read"]
    41  }