Hello
An application with a certain role (ABC) has been associated with below policy :
path “secret/data/test/ABC_grp” {
capabilities = [“read”,“create”,“update”,“delete”,“patch”]
}
As expected, With ABC app token, I’m able to upload/read and so forth following data. In UI, I see these key(s)/values(s) :
I’m looking for a finer control on who can see a particular data in this path. To elaborate, another application with a different role ( ‘DEF’) cannot see key ‘fruit’ from /test/ABC_grp but can see ‘car’
How would my policy look like? BTW, I’m using for testing purpose OSS and enabled Kv2 secret engine
Appreciate help.
Thanks