Enable kv-v2 on the secret secrets engine

$ vault kv enable-versioning secret

Put something inside the secret secrets engine

$ vault kv put secret/your-path your-key=your-value

Create the policy file

$ tee policyfile.hcl <<EOF
path "secret/*" {
  capabilities = ["list"]
}
path "secret/data/your-path" {
  capabilities = ["read"]
}
EOF

Please note that the policy rule is written for secret/data/your-path even though we use secret/your-path as the path on the command line. This is because KV v2 adds a data/ prefix before your path name.

Apply the policy file to your role
$ vault policy write your-role policyfile.hcl
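
The prefix rule above is easy to get wrong, so here is an added example (not part of the original post) that checks a policy file for rules written against the CLI path before you run vault policy write. The function name kv2_lint_policy is hypothetical, and it assumes the mount you pass in is a KV v2 engine.

```sh
#!/bin/sh
# Added example: lint a policy file for rules that name a KV v2 CLI path
# instead of the API path that Vault evaluates the policy against.

# kv2_lint_policy MOUNT FILE   (hypothetical helper; MOUNT is assumed to be KV v2)
# Prints one line per suspect rule and returns 1 if any were found.
kv2_lint_policy() {
    mount=${1%/}
    # Extract the quoted path from every `path "..."` stanza header.
    { grep -o 'path[[:space:]][[:space:]]*"[^"]*"' "$2" || true; } |
    sed 's/^[^"]*"\(.*\)"$/\1/' | (
        bad=0
        while IFS= read -r p; do
            case "$p" in
                "$mount"/*) rest=${p#"$mount"/} ;;
                *) continue ;;               # rule belongs to another mount
            esac
            case "$rest" in
                # Prefixes the KV v2 API puts between the mount and the key.
                data/*|metadata/*|delete/*|undelete/*|destroy/*|subkeys/*|config) ;;
                \**|+*) ;;                   # wildcard right after the mount
                *)
                    echo "$p: never matches on KV v2; use $mount/data/$rest or $mount/metadata/$rest"
                    bad=1 ;;
            esac
        done
        exit "$bad"
    )
}

# Constructed sample policy: the second rule uses the CLI path by mistake.
demo=$(mktemp)
cat > "$demo" <<'EOF'
path "secret/*" { capabilities = ["list"] }
path "secret/your-path" { capabilities = ["read"] }
EOF
kv2_lint_policy secret "$demo" || echo "fix the rules above before running: vault policy write"
rm -f "$demo"
```

A rule flagged here would leave the token with a permission denied error on vault kv get, because the request Vault authorizes is for the data/ path.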
Top comments (1)
Thanks for this