Update : policy global

2025-01-18 12:09:24 +01:00 · 2025-01-18 12:09:24 +01:00 · d6e5136ebf
commit d6e5136ebf
parent 6ff6c00ee7
1 changed files with 28 additions and 0 deletions
--- a/policy/global.hcl
+++ b/policy/global.hcl
@ -0,0 +1,28 @@
+# Mount secrets engines
+path "sys/mounts/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Configure the Terraform secrets engine and create roles
+path "terraform/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Manage the leases
+path "sys/leases/+/terraform/creds/my-user/*" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}
+
+path "sys/leases/+/terraform/creds/my-user" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}
+
+# Write ACL policies
+path "sys/policies/acl/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Manage tokens for verification
+path "auth/token/create" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}