vault_policy_document

This is a data source which can be used to construct an HCL representation of a Vault policy document, for use with resources which expect policy documents, such as the vault_policy resource.

Example Usage

data "vault_policy_document" "example" {
  rule {
    path         = "secret/*"
    capabilities = ["create", "read", "update", "delete", "list"]
    description  = "allow all on secrets"
  }
}

resource "vault_policy" "example" {
  name   = "example_policy"
  policy = data.vault_policy_document.example.hcl
}

Argument Reference

Each document configuration may have one or more rule blocks, which each accept the following arguments:

Parameters

Each of the *_parameter attributes can optionally further restrict paths based on the keys and data at those keys when evaluating the permissions for a path.
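The following is an added example, not taken from the provider documentation, showing how parameter constraints narrow a rule beyond path and capabilities. It assumes a KV version 1 engine mounted at "secret/" (Vault does not support parameter constraints on KV version 2); every path, name and value in it is constructed.

```hcl
# Added example. Assumed mount: KV version 1 at "secret/".
# All paths, names and values below are constructed for illustration.
data "vault_policy_document" "constrained" {
  rule {
    path         = "secret/app/config"
    capabilities = ["create", "update"]
    description  = "write app config, owner mandatory, env limited"

    # The request is rejected unless it carries an "owner" key.
    required_parameters = ["owner"]

    # Once any allowed_parameter is set, keys not listed are denied.
    allowed_parameter {
      key   = "owner"
      value = [] # empty list: any value is accepted for this key
    }

    allowed_parameter {
      key   = "env"
      value = ["dev", "staging"] # only these values are accepted
    }
  }

  rule {
    path         = "secret/shared/*"
    capabilities = ["create", "update"]
    description  = "write shared entries, but never tagged as prod"

    # A denied value rejects the request only when the key carries
    # that value. Denied parameters take precedence over allowed ones.
    denied_parameter {
      key   = "env"
      value = ["prod"]
    }
  }
}

resource "vault_policy" "constrained" {
  name   = "constrained_policy"
  policy = data.vault_policy_document.constrained.hcl
}
```

Compared with the "allow all on secrets" rule in Example Usage, each rule here grants only write capabilities on a narrow path and then restricts the request body itself.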

The following arguments are supported:

Attributes Reference

In addition to the above arguments, the following attributes are exported: