Here is the situation: I created a user
vault write auth/userpass/users/'username' password='password' policies=default
with the default policy and added the path
path "secret/db_pass/*" {
  capabilities = ["create","read","delete","update","list"]
}
in the default policy. But when I try to access secret/,
I get the error 'You don't have access to secret/',
though I have added the permission in the policy file.
Am I doing something wrong? Could some gentle soul please help? Let me know if any other information is required.
Not sure, but it seems the policy structure has been changed. In order to access "secret/db_pass/" you should have permission to access secret/ itself. So, I am achieving it with 2 policies: one to get access to secret/ and the other for secret/db_pass/.
path "secret/" {
  capabilities = ["list"]
}
path "secret/db_pass/*" {
  capabilities = ["create","read","delete","update","list"]
}
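The following is an added example, not code from either post or from Vault itself: a simplified model of policy path matching that shows why a rule on "secret/db_pass/*" grants nothing on secret/, and that the extra list-only rule does not widen access to sibling paths. It assumes only exact paths and trailing-"*" prefixes, with default deny, and uses the path strings exactly as written above; the function names and the sample request paths are constructed for illustration.

```python
# Simplified model of Vault ACL path matching (exact paths and trailing-"*"
# prefixes only); an illustration, not Vault's implementation.

def parse_rules(policy):
    """Split rules into exact-match paths and glob prefixes."""
    exact, prefixes = {}, {}
    for path, caps in policy.items():
        if path.endswith("*"):
            prefixes[path[:-1]] = set(caps)
        else:
            exact[path] = set(caps)
    return exact, prefixes

def capabilities(policy, request_path):
    """Return the capabilities the policy grants on request_path."""
    exact, prefixes = parse_rules(policy)
    if request_path in exact:               # an exact rule always wins
        return exact[request_path]
    matches = [p for p in prefixes if request_path.startswith(p)]
    if not matches:                         # no rule matches: default deny
        return set()
    return prefixes[max(matches, key=len)]  # most specific prefix wins

def allowed(policy, operation, request_path):
    return operation in capabilities(policy, request_path)

# The policy from the question: only the db_pass subtree is covered.
QUESTION_POLICY = {
    "secret/db_pass/*": ["create", "read", "delete", "update", "list"],
}
# The policy from the answer: adds list-only access to secret/ itself.
ANSWER_POLICY = {
    "secret/": ["list"],
    "secret/db_pass/*": ["create", "read", "delete", "update", "list"],
}

if __name__ == "__main__":
    # Constructed request paths for the comparison.
    checks = [("list", "secret/"), ("read", "secret/db_pass/prod"),
              ("read", "secret/other"), ("list", "secret/db_pass/")]
    for name, policy in (("question", QUESTION_POLICY), ("answer", ANSWER_POLICY)):
        for op, path in checks:
            verdict = "allow" if allowed(policy, op, path) else "deny"
            print(f"{name:8} {op:5} {path:22} {verdict}")
```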