# Allow management of policies (create, update, delete, list, and read)
---
rules:
  - path: "sys/policies/acl/*"
    capabilities:
      - create
      - update
      - delete
      - read
      - list
  - path: "sys/policies/acl"
    capabilities:
      - read
      - list

auth:
  approle:
    - tf_vault