3-add-example-for-periodic-orphan-token #4
@ -131,7 +131,10 @@ In Vault with a user that has sufficient permissions:
|
|||||||
Now tie it all together by creating a group named `rbacgroup_zabbix`. Add the `zabbix` entity to it and make it use the policy `zabbix`. At this point the policy does not yet exist which is fine, you can set a policy name and Vault will offer to `Add new policy`, see screenshot below. Don't worry, this will not actually add a new policy - empty, broken or otherwise. Vault will simply link your group to the policy `zabbix` which does not exist. You'll get to that in a minute.
|
Now tie it all together by creating a group named `rbacgroup_zabbix`. Add the `zabbix` entity to it and make it use the policy `zabbix`. At this point the policy does not yet exist which is fine, you can set a policy name and Vault will offer to `Add new policy`, see screenshot below. Don't worry, this will not actually add a new policy - empty, broken or otherwise. Vault will simply link your group to the policy `zabbix` which does not exist. You'll get to that in a minute.
|
||||||
|
|
||||||
Like so:
|
Like so:
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
#### Group ID replacement
|
||||||
|
|
||||||
Next up check out [policies/zabbix/zabbix.hcl](policies/zabbix/zabbix.hcl). Do some light replacement before importing it into Vault. The policy file contains a few occurrences of the string `GROUPID`, replace them with the group ID of `rbacgroup_zabbix`.
|
Next up check out [policies/zabbix/zabbix.hcl](policies/zabbix/zabbix.hcl). Do some light replacement before importing it into Vault. The policy file contains a few occurrences of the string `GROUPID`, replace them with the group ID of `rbacgroup_zabbix`.
|
||||||
* Via Vault's UI you can get the group ID at `Access > Groups > rbacgroup_zabbix`.
|
* Via Vault's UI you can get the group ID at `Access > Groups > rbacgroup_zabbix`.
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user