VaultCLI Create-Policy Command
Use the vaultcli create-policy command to create a role-based access control policy that allows users or applications to access secrets.
Syntax
vaultcli create-policy [options]
| Option | Description |
| --- | --- |
| -h or --help | Displays usage text. |
| -g or --ad-group stringArray | \|\|-separated string containing the DN & display name of AD groups to be added as principals. |
| -L or --ad-logon-name stringArray | Logon name of AD users to be added as principals. This option is repeatable. |
| -u or --ad-upn stringArray | The UPN of AD users to be added as principals. This option is repeatable. |
| -l or --local-user stringArray | Reserved for future use. |
| -n or --name string | The name of the policy. Strings must be enclosed in double quotes. |
| -R or --Resource stringArray | A comma-separated string containing the box ID and secret IDs to be added as resources. Add * after the box ID to include all secrets in the box. |
| -r or --role string | The role of the user that is being assigned. |
| -t or --tagkey stringArray | The tag key to associate with the policy. This option is repeatable. |
| -v or --tagvalue stringArray | The tag value to associate with the policy. This option is repeatable. |
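
The following is an added example, not part of the VaultCLI documentation: a shell function that reviews the arguments of a planned create-policy call before it is run, flagging a * resource (which covers every secret in a box) and the reserved -l option. The review rules, the finding names and all sample values (box ID, secret ID, UPN, role placeholder) are assumptions constructed for illustration; vaultcli itself is never invoked.

```shell
#!/bin/sh
# Pre-flight review of arguments meant for `vaultcli create-policy`.
# Option names come from the table above. The review rules are this
# example's own assumptions, not checks that vaultcli performs.

# Prints space-separated findings; exit status is 0 only when there are none.
lint_create_policy() (
    findings="" principals=0 resources=0
    while [ "$#" -gt 0 ]; do
        opt=$1; shift
        val=${1-}            # value that follows the option, if any
        takes_value=1
        case "$opt" in
            -h|--help) takes_value=0 ;;
            -g|--ad-group|-L|--ad-logon-name|-u|--ad-upn)
                principals=$((principals + 1)) ;;
            -l|--local-user)
                # Documented as reserved for future use.
                findings="${findings}reserved-option " ;;
            -R|--Resource)
                resources=$((resources + 1))
                # A '*' covers every secret in the box, not a named subset.
                case "$val" in *'*'*) findings="${findings}wildcard-resource " ;; esac ;;
            -n|--name|-r|--role|-t|--tagkey|-v|--tagvalue) ;;
            *) takes_value=0; findings="${findings}unknown-option " ;;
        esac
        if [ "$takes_value" -eq 1 ] && [ "$#" -gt 0 ]; then shift; fi
    done
    # Assumed house rules: a policy names at least one principal and resource.
    [ "$principals" -gt 0 ] || findings="${findings}no-principal "
    [ "$resources" -gt 0 ] || findings="${findings}no-resource "
    printf '%s\n' "${findings% }"
    [ -z "$findings" ]
)

# Constructed sample: wildcard grant with only the reserved principal option.
lint_create_policy -n "all-secrets" -r ROLE_PLACEHOLDER \
    -l bob -R "BOX-EXAMPLE-1,*" || echo "review required before running vaultcli"
```
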