- add policies to sign/issue certificates - manage auth roles for ceph-csi, certmanager, externaldns, huntarr
- update kubernetes_host to match value in jwt - regenerate jwt token and store in vault - add policy to enable access to jwt token - update tf_deploy user with access to token
