29 lines
901 B
YAML
29 lines
901 B
YAML
apiVersion: v1
|
|
kind: ConfigMap
|
|
metadata:
|
|
name: vault-policies
|
|
namespace: dev-tools
|
|
annotations:
|
|
argocd.argoproj.io/sync-wave: "0"
|
|
data:
|
|
client-self.hcl: |
|
|
path "auth/token/lookup-self" { capabilities = ["read"] }
|
|
path "auth/token/renew-self" { capabilities = ["update"] }
|
|
|
|
eso-read-general.hcl: |
|
|
path "general-secrets/data/*" { capabilities = ["read"] }
|
|
path "general-secrets/metadata/*" { capabilities = ["list"] }
|
|
|
|
eso-read-cicd.hcl: |
|
|
path "cicd/data/*" { capabilities = ["read"] }
|
|
path "cicd/metadata/*" { capabilities = ["list"] }
|
|
|
|
eso-read-internal-users.hcl: |
|
|
path "internal-users/data/*" { capabilities = ["read"] }
|
|
path "internal-users/metadata/*" { capabilities = ["list"] }
|
|
|
|
eso-read-oidc.hcl: |
|
|
path "oidc-secrets/data/*" { capabilities = ["read"] }
|
|
path "oidc-secrets/metadata/*" { capabilities = ["list"] }
|
|
|