infra/tf/bao-policies/k8s-default.hcl

path "test-kv/data/{{identity.entity.aliases.${k8s_auth_backend}.metadata.service_account_namespace}}/*" {
    capabilities = ["read"]
}
	`path "test-kv/data/{{identity.entity.aliases.${k8s_auth_backend}.metadata.service_account_namespace}}/*" {`
	`capabilities = ["read"]`
	`}`