# Allow Rundeck access to its KV secrets
---
rules:
  - path: "rundeck/data/*"
    capabilities:
      - create
      - read
      - update
      - delete
      - list
  - path: "rundeck/metadata/*"
    capabilities:
      - list

auth:
  approle:
    - rundeck-role