Skip to content

EvgeniyBlinov/vault-policy-generator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
policy.yml
policy.yml
 
 
vaultPG.py
vaultPG.py
 
 

Repository files navigation

MIT License

Simple Hashicorp Vault policy path generator

Usage

cat ./policy.yml | ./vaultPG.py

Source

#  vim: set et fenc=utf-8 ff=unix sts=2 sw=2 ts=2
# policy
#   c = create
#   r = read
#   u = update
#   d = delete
#   l = list
#   s = sudo
#   x = deny
#   UPPERCASE = recurse mode
path:
  - path: "secret/data/dc1/shared*"
    capabilities: Lcrud
  - path: "secret/data/dc1/read"
    capabilities: Lr

Policy

{
  "path": {
    "secret": {
      "capabilities": [
        "list"
      ]
    },
    "secret/data": {
      "capabilities": [
        "list"
      ]
    },
    "secret/data/dc1": {
      "capabilities": [
        "list"
      ]
    },
    "secret/data/dc1/read": {
      "capabilities": [
        "read",
        "list"
      ]
    },
    "secret/data/dc1/shared*": {
      "capabilities": [
        "delete",
        "create",
        "read",
        "update",
        "list"
      ]
    }
  }
}

License

MIT License

Author

About

vault-policy-generator

Resources

Readme

License

MIT license
Activity

Stars

8 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages