Update : policy global

2025-01-18 12:09:24 +01:00
parent 6ff6c00ee7
commit d6e5136ebf
1 changed files with 28 additions and 0 deletions
@@ -0,0 +1,28 @@
+# Mount secrets engines
+path "sys/mounts/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Configure the Terraform secrets engine and create roles
+path "terraform/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Manage the leases
+path "sys/leases/+/terraform/creds/my-user/*" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}
+
+path "sys/leases/+/terraform/creds/my-user" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}
+
+# Write ACL policies
+path "sys/policies/acl/*" {
+  capabilities = [ "create", "read", "update", "delete", "list" ]
+}
+
+# Manage tokens for verification
+path "auth/token/create" {
+  capabilities = [ "create", "read", "update", "delete", "list", "sudo" ]
+}