I'm using Hashicorp Vault:
I want a user that can create new users, but can't read their secrets.
Would I just create a policy like:
path "sys/auth/token/*" {
policy = "write"
}
since all policies are set to deny?
This was the incorrect way to use Vault. These were my errors:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.