# Allow reading audit logs related to secret engines
---
rules:
  - path: "sys/audit"
    capabilities:
      - read
      - list

auth: {}