You have been tasked with writing a policy that will allow read permissions for all secrets at path secret/bar. The users that are assigned this policy should also be able to list the secrets. What should this policy look like?
D means it grants access only to one additional level under secret/bar/, not recursively to all secrets within it.
If the goal is to read all secrets under secret/bar/ and list them, the correct choice would be option A
The first path secret/bar/* with the read capability ensures that users can read the secrets stored at any path under secret/bar (including nested secrets).
The second path secret/bar/ with the list capability allows users to list the keys (secrets) directly stored under secret/bar.
The answer depends on whether the user also should be allowed to read all nested secrets under secret/bar. The question doesn't state this, so I opt for D, where the user gains access to items IN secret/bar only, not further down.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
djgodzilla
1 month, 2 weeks agodjgodzilla
1 month, 2 weeks agodjgodzilla
1 month, 2 weeks agoimhl
4 months agoStokvisss
7 months agodaz_rekka
1 year, 3 months ago