Hello, I have a vault enterprise installed on my network.
I give every group of people I want to have the same namespace an hcl policy that looks like this:
path "namespace/*" {
capabilities = ["sudo"]
}
and that works fine, every group gets full ownership for their namesapce.
My problem comes when I want to give certain groups access to engines located in root.
I tried giving them a policy for that specific route:
path "pkiEngine" {
capabilities = ["sudo"]
}
but that way they can only see the engine listed in root but when they try to click it it redirects to a page saying they dont have permission.
What do I need to change in the second policy so they have access to specific engines in root?