diff --git a/example/controller.nomad.hcl b/example/controller.nomad.hcl index 47db8fa..c16ebb7 100644 --- a/example/controller.nomad.hcl +++ b/example/controller.nomad.hcl @@ -77,7 +77,7 @@ httpConnection: protocol: https host: truenas.example.org:443 port: 443 - apiKey: {{ with secret "/kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }} + apiKey: {{ with secret "kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }} allowInsecure: false apiVersion: 2 @@ -117,7 +117,7 @@ _EOF # Load vault root CA into the trust store template { data = <<-EOF - {{ with secret "/pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }} + {{ with secret "pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }} EOF destination = "local/ca.crt" } @@ -209,7 +209,7 @@ httpConnection: protocol: https host: truenas.example.org:443 port: 443 - apiKey: {{ with secret "/kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }} + apiKey: {{ with secret "kv/service/democratic-csi" }}{{ .Data.data.truenas_api_key }}{{ end }} allowInsecure: false apiVersion: 2 @@ -240,7 +240,7 @@ _EOF # Load vault root CA into the trust store template { data = <<-EOF - {{ with secret "/pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }} + {{ with secret "pki/root/cert/ca" }}{{ .Data.certificate }}{{ end }} EOF destination = "local/ca.crt" } diff --git a/example/vault/policies/democratic-csi.hcl b/example/vault/policies/democratic-csi.hcl index 23fbf0e..667bfe0 100644 --- a/example/vault/policies/democratic-csi.hcl +++ b/example/vault/policies/democratic-csi.hcl @@ -1,12 +1,12 @@ # Access the vault KV (v2) store -path "/kv/data/service/democratic-csi" { +path "kv/data/service/democratic-csi" { capabilities = ["read"] } -path "/kv/metadata/service/democratic-csi/*" { +path "kv/metadata/service/democratic-csi/*" { capabilities = ["read", "list"] } -path "/kv/data/service/democratic-csi/*" { +path "kv/data/service/democratic-csi/*" { capabilities = ["read"] }