18 lines
350 B
HCL
18 lines
350 B
HCL
# Policy for system application
|
|
path "secret/data/app/*" {
|
|
capabilities = ["create", "read", "update", "delete", "list"]
|
|
}
|
|
|
|
path "secret/metadata/app/*" {
|
|
capabilities = ["list"]
|
|
}
|
|
|
|
# Allow token renewal
|
|
path "auth/token/renew-self" {
|
|
capabilities = ["update"]
|
|
}
|
|
|
|
# Allow token lookup
|
|
path "auth/token/lookup-self" {
|
|
capabilities = ["read"]
|
|
} |