Vault KV V2 List Policy

tech · Mar 25, 2021 · ~1 min

Enable KV v2 on the secrets engine mounted at secret

$ vault kv enable-versioning secret

Put something inside the secret mount

$ vault kv put secret/your-path your-key=your-value

Create policy file

$ tee policyfile.hcl <<EOF
path "secret/*" {
  capabilities = [ "list" ]
}
path "secret/data/your-path" {
  capabilities = [ "read" ]
}
EOF

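Note that the read rule is written for secret/data/your-path even though the path used on the command line is secret/your-path, because KV v2 inserts a data/ prefix between the mount and your path name. Listing goes through secret/metadata/ in the same way, which the secret/* rule covers.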

Write the policy file to Vault under the policy name your-role

$ vault policy write your-role policyfile.hcl
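
To see why the rule has to name secret/data/your-path, the following models how the policy above is evaluated for a few vault kv commands. It is an added example, not code from the original post or from Vault itself; the matcher is a simplified assumption (exact paths and trailing-* globs only) and the helper names api_path, capabilities and allowed are made up for illustration.

```python
# Simplified model of Vault ACL matching for a KV v2 mount (added example).
# Covers exact paths and trailing-"*" prefix globs only; "+" segment
# wildcards, "deny" and multi-policy merging are intentionally left out.

# The policy from this page, as path pattern -> capabilities.
POLICY = {
    "secret/*": {"list"},
    "secret/data/your-path": {"read"},
}

# How `vault kv <cmd>` on a KV v2 mount maps to API prefix + capability.
KV2_OPS = {
    "get": ("data", "read"),
    "delete": ("data", "delete"),
    "list": ("metadata", "list"),
}


def api_path(mount, cmd, key):
    """Translate a CLI path (mount/key) into the path the ACL sees."""
    prefix, _ = KV2_OPS[cmd]
    return f"{mount.strip('/')}/{prefix}/{key.lstrip('/')}"


def capabilities(policy, path):
    """Exact rule wins; otherwise the longest matching prefix glob."""
    if path in policy:
        return policy[path]
    globs = [p for p in policy if p.endswith("*") and path.startswith(p[:-1])]
    return policy[max(globs, key=len)] if globs else set()


def allowed(policy, mount, cmd, key):
    """True if the policy grants the capability that `vault kv <cmd>` needs."""
    _, needed = KV2_OPS[cmd]
    return needed in capabilities(policy, api_path(mount, cmd, key))


if __name__ == "__main__":
    for cmd, key in [("get", "your-path"), ("list", ""), ("get", "other"),
                     ("delete", "your-path")]:
        path = api_path("secret", cmd, key)
        verdict = "allow" if allowed(POLICY, "secret", cmd, key) else "deny"
        print(f"vault kv {cmd} secret/{key:<10} -> {path:<26} {verdict}")
```

A rule written for the CLI path (secret/your-path) never matches in this model, because no request is ever evaluated against that path.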

Thank you for reading!
