[Vault] The policy for create and read keys only

zenevermind · October 10, 2021, 7:32am

I have a secret named secret/test and a token associated with the policy test-policy
I would like to modify that policy to make the token can only create and read keys in the KV without allowing updating them.

My current policy is as below. It can help me to create, read and even update the old keys

path "secret/data/test" {
  capabilities = ["read", "update"]
}

I’m new in Vault so hope anyone can help me to resolve this problem.

aram · October 10, 2021, 8:28am

Just remove “update”?

zenevermind · October 10, 2021, 5:01pm

So how can I create a new key if removing the update capality?

aram · October 10, 2021, 5:13pm

Topic		Replies	Views
Vault policy write only + read parameters too Vault	5	2125	November 28, 2021
Having problem with ACL Policies Vault	4	307	March 18, 2020
ACL Policy - permission denied Vault	3	1276	November 9, 2021
Understanding Vault policies behavior Vault	2	358	November 16, 2019
Vault policy not working for API Vault	4	223	May 8, 2023

[Vault] The policy for create and read keys only

Related topics