From aa3961ba31638b613e4e09b9373dd358f307fa0e Mon Sep 17 00:00:00 2001
From: Udo Waechter <udo@maketank.net>
Date: Thu, 16 Nov 2023 12:06:57 +0100
Subject: [PATCH] initial vault config

---
 _sys/vault/vault-service-policy.hcl | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 _sys/vault/vault-service-policy.hcl

diff --git a/_sys/vault/vault-service-policy.hcl b/_sys/vault/vault-service-policy.hcl
new file mode 100644
index 0000000..302fe60
--- /dev/null
+++ b/_sys/vault/vault-service-policy.hcl
@@ -0,0 +1,13 @@
+https://developer.hashicorp.com/vault/tutorials/day-one-consul/deployment-guide
+#consul acl policy create -name vault-service -rules @vault-service-policy.hcl
+#consul acl token create \
+#    -description "Vault Service Token" \
+#   -policy-name vault-service
+
+
+service "vault" { policy = "write" }
+key_prefix "vault/" { policy = "write" }
+agent_prefix "" { policy = "read" }
+session_prefix "" { policy = "write" }
+
+