# Templated access to kv secrets for kubernetes # # kv/kubernetes/namespace// # kv/kubernetes/cluster/// --- rules: - path: "kv/data/kubernetes/namespace/{{identity.entity.aliases.auth_kubernetes_ac24966b.metadata.service_account_namespace}}/{{identity.entity.aliases.auth_kubernetes_ac24966b.metadata.service_account_name}}/*" capabilities: - read - path: "kv/data/kubernetes/cluster/au/syd1/{{identity.entity.aliases.auth_kubernetes_ac24966b.metadata.service_account_namespace}}/{{identity.entity.aliases.auth_kubernetes_ac24966b.metadata.service_account_name}}/*" capabilities: - read auth: k8s/au/syd1: - default