Add ACL for password policies and transit engines for admin
This commit is contained in:
parent
adf338ea73
commit
63c5cd9973
|
@ -19,6 +19,14 @@ path "sys/policies/acl/*" {
|
|||
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
|
||||
}
|
||||
|
||||
# List and manage password policies
|
||||
path "sys/policies/password" {
|
||||
capabilities = ["list"]
|
||||
}
|
||||
path "sys/policies/password/*" {
|
||||
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
|
||||
}
|
||||
|
||||
# Enable and manage authentication methods broadly across Vault
|
||||
|
||||
# Manage auth methods broadly across Vault
|
||||
|
@ -61,6 +69,10 @@ path "/database/*" {
|
|||
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
|
||||
}
|
||||
|
||||
# Manage transit engines
|
||||
path "/transit/*" {
|
||||
capabilities = ["create", "read", "update", "delete", "list", "sudo"]
|
||||
}
|
||||
|
||||
# Manage secrets engines
|
||||
path "sys/mounts/*" {
|
||||
|
|
Loading…
Reference in New Issue