feat: add tf_vault required policies

move management of Vault back to tf_vault approle. for this, we need to
create a number of policies that are missing.

- add policies to manage consul secret engines
- add policies to manage pki secret engines
- add policies to manage kv secret engines
- add policies to manage ssh secret engines
This commit is contained in:
2026-02-14 18:39:21 +11:00
parent f8f1185b42
commit fd03727ec2
12 changed files with 159 additions and 0 deletions
+11
View File
@@ -0,0 +1,11 @@
# Allow access to read pki_root issuers
---
rules:
- path: "pki_root/issuer/*"
capabilities:
- read
- list
auth:
approle:
- tf_vault