Enable kv-v2 on the secrets engine mounted at secret

```
$ vault kv enable-versioning secret
```

Put something inside the secret mount

```
$ vault kv put secret/your-path your-key=your-value
```

Create policy file

```
$ tee policyfile.hcl <<EOF
path "secret/*" {
  capabilities = [ "list" ]
}
path "secret/data/your-path" {
  capabilities = [ "read" ]
}
EOF
```

Please note that the policy rule is written for secret/data/your-path even though we use secret/your-path as the path on the command line. This is because KV v2 adds a data prefix before your path name.

Apply the policy file to your role

```
$ vault policy write your-role policyfile.hcl
```
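
The path translation described above, as an added example that is not part of the original post: a small shell helper that turns the path typed at the CLI into the path a KV v2 policy has to name, and prints the same policy as above for any mount and secret. The function names kv2_api_path and kv2_read_policy are hypothetical.

```shell
#!/bin/sh
# Added example: helper names are hypothetical, not part of Vault.

# kv2_api_path MOUNT SECRET_PATH [data|metadata]
# Map the path used with "vault kv" to the API path that policies match.
# KV v2 serves secret contents under MOUNT/data/ and listing and version
# metadata under MOUNT/metadata/.
kv2_api_path() {
    kv2_mount=${1%/}            # tolerate "secret/" as well as "secret"
    kv2_secret=${2#/}
    kv2_kind=${3:-data}
    case "$kv2_kind" in
        data|metadata) ;;
        *) echo "unknown kv-v2 prefix: $kv2_kind" >&2; return 1 ;;
    esac
    # Accept the full CLI form "secret/your-path" as well as "your-path".
    case "$kv2_secret" in
        "$kv2_mount"/*) kv2_secret=${kv2_secret#"$kv2_mount"/} ;;
    esac
    if [ -z "$kv2_mount" ] || [ -z "$kv2_secret" ]; then
        echo "mount and secret path are required" >&2
        return 1
    fi
    printf '%s/%s/%s\n' "$kv2_mount" "$kv2_kind" "$kv2_secret"
}

# kv2_read_policy MOUNT SECRET_PATH
# Print the policy from this page for the given mount and secret:
# list on MOUNT/*, read on MOUNT/data/SECRET_PATH.
kv2_read_policy() {
    kv2_data_path=$(kv2_api_path "$1" "$2" data) || return 1
    cat <<EOF
path "${1%/}/*" {
  capabilities = [ "list" ]
}
path "$kv2_data_path" {
  capabilities = [ "read" ]
}
EOF
}

# Reproduces policyfile.hcl from this page on stdout.
kv2_read_policy secret secret/your-path
```
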