bstein/titan-iac
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

vault: allow admin policy to update shared secrets

Browse Source
This commit is contained in:
Brad Stein 2026-01-15 04:17:14 -03:00
parent de6665c450
commit 5899c9acb3
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
services/vault/scripts/vault_k8s_auth_configure.sh
View File

@ -133,6 +133,12 @@ path "kv/data/atlas/vault/*" {
path "kv/metadata/atlas/vault/*" { path "kv/metadata/atlas/vault/*" {
capabilities = ["list"] capabilities = ["list"]
} }
path "kv/data/atlas/shared/*" {
capabilities = ["create", "update", "read", "patch"]
}
path "kv/metadata/atlas/shared/*" {
capabilities = ["list"]
}
' '
write_raw_policy "vault-admin" "${vault_admin_policy}" write_raw_policy "vault-admin" "${vault_admin_policy}"