Tutorial: Vault Policy update

zbaban · September 28, 2020, 5:47pm

Hello,
In the Vault Policy/Check Token Capabilities tutorial, the third step
$vault token capabilities $ADMIN_TOKEN sys/auth/approle

should show: create, delete, sudo, update.
In your tutorial it lists read too, which is not accurate according to the Policy written above (admin-policy.hcl),

# Create, update, and delete auth methods
path "sys/auth/*"
{
  capabilities = ["create", "update", "delete", "sudo"]
}

so it just needs to be updated to avoid confusion.

Thanks,

Zaid

Topic		Replies	Views
Token capabilities either wrongly calculated from policy or docs are wrong Vault vault , policy-as-code	0	21	July 17, 2024
Best practices for "admin" policy? Vault	3	1257	October 2, 2020
Help to understand how to create tokens Vault	0	272	March 9, 2021
[Vault] The policy for create and read keys only Vault	3	394	October 10, 2021
Non root token that can create new tokens with newly created policy Vault	5	332	March 15, 2023

Tutorial: Vault Policy update

Related topics