Permissions for Hashicorp Vault template

Midas1989

Junior Member

Joined: Feb 2020

Posts: 12
#1

Permissions for Hashicorp Vault template

18-05-2023, 11:57

Dear zabbix community,

i don't see what permission the token needs to get all the information from the vault.

I do not want to make it too generous
Can someone tell me what the policy must look like?

Thanks for help
Tags: None
Midas1989

Junior Member

Joined: Feb 2020

Posts: 12
#2

18-05-2023, 12:11

so i have found all permissions for work

a policy with the follow content
path "/sys/metrics" {
capabilities = ["list" , "read"]
}

path "auth/token/lookup-accessor" {
capabilities = ["read", "update"]
}

and this content in the vault.hcl file
telemetry {
disable_hostname = true
prometheus_retention_time = "12h"
}

Last edited by Midas1989; 19-05-2023, 10:51.
Comment

Ad Widget