Files
terraform-vault/policies/kv/service/forgebot/config/read.yaml
T
unkinben 65f844cbe1
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/plan Pipeline was successful
Fix: add policy binding for forgebot K8s auth role
Every K8s auth role needs at least one entry in the policy_auth_map.
Add a policy granting the forgebot role read access to the namespace-
scoped KV path, which the operator SA needs when authenticating with
the forgebot role instead of the default role.
2026-06-08 23:00:35 +10:00

10 lines
131 B
YAML

---
rules:
- path: "kv/data/kubernetes/namespace/forgebot/*"
capabilities:
- read
auth:
k8s/au/syd1:
- forgebot