infra/tf/bao-policies/k8s-default.hcl

4 lines
245 B
HCL
Raw Permalink Normal View History

path "${k8s_secrets_path}/data/{{identity.entity.aliases.${k8s_auth_backend_accessor}.metadata.service_account_namespace}}/{{identity.entity.aliases.${k8s_auth_backend_accessor}.metadata.service_account_name}}/*" {
2024-09-10 17:36:12 +00:00
capabilities = ["read"]
}