# Allow access to read pki_int issuers
---
rules:
  - path: "pki_int/issuer/*"
    capabilities:
      - read
      - list

auth:
  approle:
    - tf_vault