Vault KV-V2 list policy
Mar 25, 2021
Enable KV-V2 on the secret mount
$ vault kv enable-versioning secret
Put something inside the secret mount
$ vault kv put secret/your-path your-key=your-value
Create policy file
$ tee policyfile.hcl <<EOF
path "secret/*" {
  capabilities = [ "list" ]
}
path "secret/data/your-path" {
  capabilities = [ "read" ]
}
EOF
Note that the policy rule is written for secret/data/your-path even though we use secret/your-path as the path on the command line. This is because KV-V2 adds a data prefix before your path name.
Write the policy file to Vault as the policy your-role
$ vault policy write your-role policyfile.hcl
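To see why the rule has to name secret/data/your-path, here is an added example (not part of the original post and not Vault's own code) that models the lookup in simplified form: it maps a vault kv command to the KV-V2 API path and picks the policy rule that applies to it. The function names are hypothetical, only trailing-* globs are modelled, and the assumed mapping is that get and delete go to data/ while list goes to metadata/.

```python
# Added example: simplified model of how the policy above is evaluated
# against KV-V2 requests. Names are hypothetical; not Vault source code.

# vault kv <op>  ->  (API path segment KV-V2 inserts, capability required)
KV2_OPS = {
    "get":    ("data", "read"),
    "delete": ("data", "delete"),
    "list":   ("metadata", "list"),
}

# The rules from policyfile.hcl
POLICY = {
    "secret/*": ["list"],
    "secret/data/your-path": ["read"],
}

# Constructed counter-example: the rule written with the CLI path instead
NAIVE_POLICY = {
    "secret/*": ["list"],
    "secret/your-path": ["read"],
}


def api_path(mount, op, path=""):
    """Translate `vault kv <op> <mount>/<path>` into the path a policy must match."""
    segment, capability = KV2_OPS[op]
    return f"{mount}/{segment}/{path}", capability


def matching_rule(policy, request_path):
    """An exact path wins; otherwise the longest trailing-* glob prefix wins."""
    if request_path in policy:
        return request_path
    globs = [p for p in policy
             if p.endswith("*") and request_path.startswith(p[:-1])]
    return max(globs, key=len, default=None)


def allowed(policy, mount, op, path=""):
    """True if the single most specific matching rule grants the capability."""
    request_path, capability = api_path(mount, op, path)
    rule = matching_rule(policy, request_path)
    return rule is not None and capability in policy[rule]


if __name__ == "__main__":
    for name, policy in (("policyfile.hcl", POLICY), ("naive", NAIVE_POLICY)):
        for op, path in (("list", ""), ("get", "your-path"), ("get", "other")):
            request_path, _ = api_path("secret", op, path)
            print(name, op, request_path, allowed(policy, "secret", op, path))
```

In this model the list request lands on secret/metadata/, so the list rule still matches if it is narrowed from secret/* to secret/metadata/*.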
Thank you for reading!