Dear hashicorp community,
I would like to modify a policy so tokens under it can move secrets from one path to another. I have added this to the policy path "sys/remount" { capabilities = ["update", "sudo"] }
but this gives user permission to move any secrets under any path. How can I restrict this so user can only move secrets under test path? for instance be able to do vault secrets move test/kv test/new-kv
thank you very much