Hello guys… I have a very simple, common task that has been impossible.
I have a key value v1 secrets engine on path /kv1/; there I create EDL/data1 and EDL/data2, so I have
/kv1/EDL/data1
and
/kv1/EDL/data2
Now… I want to create a token for a user that can read and write on that path, so I create the following policy:
path "/secret/kv1/EDL/*" {
  capabilities = ["create", "read", "update", "patch", "delete", "list"]
}
path "/kv1/EDL/*" {
  capabilities = ["create", "read", "update", "patch", "delete", "list"]
}
Create a token with that policy:
vault token create -policy=edl
and when I access the GUI using that token and try to access /kv1/EDL I get…
Not Authorized
You don’t have access to kv1/. If you think you’ve reached this page in error, please contact your administrator.
I'm almost crazy with this… How can I create a simple token so the user can access /kv1/EDL/* ???
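
Added example, not part of the original post: a simplified Python model of Vault's policy path matching (exact paths and trailing `*` globs only), run over the posted policy. The request paths and the extra `kv1/` list-only stanza are assumptions made for illustration; the error in the post names `kv1/`, a path that neither posted stanza covers.

```python
# Simplified model of Vault ACL path matching: exact paths and trailing-"*"
# prefix globs only ("+" segment wildcards are not modelled).
ALL = {"create", "read", "update", "patch", "delete", "list"}

# The two stanzas from the post, as written.
POSTED = {"/secret/kv1/EDL/*": ALL, "/kv1/EDL/*": ALL}

# Assumption: one extra stanza granting only "list" on the mount root.
# It exposes the names (not the values) of every top-level key under kv1/.
WITH_ROOT_LIST = {**POSTED, "kv1/": {"list"}}


def capabilities(policy, request_path):
    """Return the capability set that applies to request_path."""
    exact, globs = {}, {}
    for path, caps in policy.items():
        if path.startswith("/"):
            path = path[1:]  # Vault drops a leading "/" from policy paths
        if path.endswith("*"):
            globs[path[:-1]] = caps  # "kv1/EDL/*" becomes prefix "kv1/EDL/"
        else:
            exact[path] = caps
    if request_path in exact:  # an exact match takes priority
        return exact[request_path]
    hits = [p for p in globs if request_path.startswith(p)]
    # Otherwise the longest matching prefix wins; no match means deny.
    return globs[max(hits, key=len)] if hits else set()


def allowed(policy, operation, request_path):
    return operation in capabilities(policy, request_path)


# Constructed request paths (no leading slash, as in the HTTP API after /v1/).
REQUESTS = [
    ("list", "kv1/"),
    ("list", "kv1/EDL/"),
    ("read", "kv1/EDL/data1"),
    ("update", "kv1/EDL/data2"),
    ("read", "kv1/other"),
]

if __name__ == "__main__":
    for op, path in REQUESTS:
        print(f"{op:6} {path:16} posted={allowed(POSTED, op, path)!s:5} "
              f"with_root_list={allowed(WITH_ROOT_LIST, op, path)}")
```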