37 lines
610 B
HCL
37 lines
610 B
HCL
path "/sys/mounts" {
|
|
capabilities = [ "read" ]
|
|
}
|
|
|
|
path "/sys/mounts/pki/root" {
|
|
capabilities = [ "read" ]
|
|
}
|
|
|
|
path "/sys/mounts/pki/connect" {
|
|
capabilities = [ "read" ]
|
|
}
|
|
|
|
path "/sys/mounts/pki/connect/tune" {
|
|
capabilities = ["update", "read", "create"]
|
|
}
|
|
|
|
path "/pki/root/" {
|
|
capabilities = [ "read" ]
|
|
}
|
|
|
|
path "/pki/root/root/sign-intermediate" {
|
|
capabilities = [ "update" ]
|
|
}
|
|
|
|
path "/pki/connect/*" {
|
|
capabilities = [ "create", "read", "update", "delete", "list" ]
|
|
}
|
|
|
|
path "auth/token/renew-self" {
|
|
capabilities = [ "update" ]
|
|
}
|
|
|
|
path "auth/token/lookup-self" {
|
|
capabilities = [ "read" ]
|
|
}
|
|
|