slawek/vault
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix: override default restritive policy for identity admin.

Browse Source
This commit is contained in:
Sławek Koszewski
2026-01-19 20:43:39 +01:00
parent 6c5323025b
commit 30eaccb1a3
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
policies/identity_admin_policy.hcl
View File

@@ -1,8 +1,13 @@
# Add identity admin role to the token # Add identity admin role to the token
path "identity/*" { path "identity/*" {
capabilities = ["create", "read", "update", "delete", "list", "sudo"] capabilities = ["create", "read", "update", "delete", "list"]
} }
path "identity/entity/*/name" { # Override default policies for identity management
capabilities = ["create", "read", "update", "delete", "list", "sudo"] path "identity/entity/id/{{identity.entity.id}}" {
capabilities = ["create", "read", "update", "delete", "list"]
}
path "identity/entity/name/{{identity.entity.name}}" {
capabilities = ["create", "read", "update", "delete", "list"]
} }