From 04586dc7336cfac6fc6ee1b9d7c355d4a4b34cce Mon Sep 17 00:00:00 2001 From: Niels de Vos Date: Mon, 16 Nov 2020 08:32:53 +0100 Subject: [PATCH] deploy: add "list" operation to Vault policy Signed-off-by: Niels de Vos --- examples/kms/vault/vault.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/kms/vault/vault.yaml b/examples/kms/vault/vault.yaml index d7eb1fcdc..f58dd818a 100644 --- a/examples/kms/vault/vault.yaml +++ b/examples/kms/vault/vault.yaml @@ -82,11 +82,11 @@ items: # create policy to use keys related to the cluster vault policy write "${CLUSTER_IDENTIFIER}" - << EOS path "secret/data/ceph-csi/*" { - capabilities = ["create", "update", "delete", "read"] + capabilities = ["create", "update", "delete", "read", "list"] } path "secret/metadata/ceph-csi/*" { - capabilities = ["read", "delete"] + capabilities = ["read", "delete", "list"] } EOS