Hi, i’m implementing ssh key signing as per Using Vault as an SSH certificate authority | by Brian Candler | Medium. i have a specific Policy called ssh-user and i’ve assigned it to a ssh-user Group to enable this.
Rather than manually adding each and every user to the ssh-user Group, is it possible to have vault dynamically populate the group based on whether the users Entity has a (say) ssh_username metadata key.
cheers,