New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Token role policy list wildcard matching #3756
Comments
I had a similar idea but in reverse:
and the allowed policies:
|
Yes, this would be great. I'd love to be able to easily manage this. As it is I'm probably going to have to do a two-step whenever I update our policies and scan the existing policies, and then rebuild the whitelist to configure the role. |
Might I suggest you spend that effort on a PR instead :-D |
Heh. So, I actually took a whack at it, and I think I got it working (see #5815). But in the process I realized that I'm now wondering if it would be possible to restrict what policies can be requested for a token using globs in the policy on the |
Closed by #7277 |
Feature Request:
It would be great if token roles allowed wildcard matching in the allowed/disallowed policy lists.
For example:
I want to programmatically generate policies per node on my system, each node policy prefixed with a namespace identifier.
If I created these policies:
I'd like to be able to write a role with allowed_policies = [ "prefix-*"] to cover them all.
Currently I'd need to enumerate all of them and update the role every time a new policy is added. This works, but the policy list gets rather large and unwieldy.
The text was updated successfully, but these errors were encountered: