Allow reading kv/service/acme-to-vault

2023-10-16 13:37:25 +02:00 · 2023-10-16 13:37:25 +02:00 · bc01e4e772
parent 84dc3078e2
commit bc01e4e772
1 changed files with 4 additions and 0 deletions
--- a/vault/policies/acme-to-vault.hcl
+++ b/vault/policies/acme-to-vault.hcl
@ -11,3 +11,7 @@ path "[[ .vault.prefix ]]kv/data/service/[[ .acme.instance ]]/account/*" {
 path "[[ .vault.prefix ]]kv/metadata/service/[[ .acme.instance ]]/account/*" {
  capabilities = ["list","read"]
 }
+
+path "[[ .vault.prefix ]]kv/data/service/[[ .acme.instance ]]" {
+  capabilities = ["read"]
+}