mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-10 00:10:20 +00:00
deploy: add sys/mounts to Vault policy
Add "sys/mounts" so that VaultBackendKey does not need to be set. The libopenstorage API detects the version for the key-value store in Vault by reading "sys/mounts". Without permissions to read this endpoint, the VaultBackendKey is required to be configured. Signed-off-by: Niels de Vos <ndevos@redhat.com>
This commit is contained in:
Niels de Vos
mergify[bot]
parent
04586dc733
commit
db6d376434
@ -88,6 +88,10 @@ items:
|
|||||||
path "secret/metadata/ceph-csi/*" {
|
path "secret/metadata/ceph-csi/*" {
|
||||||
capabilities = ["read", "delete", "list"]
|
capabilities = ["read", "delete", "list"]
|
||||||
}
|
}
|
||||||
|
|
||||||
|
path "sys/mounts" {
|
||||||
|
capabilities = ["read"]
|
||||||
|
}
|
||||||
EOS
|
EOS
|
||||||
|
|
||||||
# create a role
|
# create a role
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user