1. Home
  2. Discussions
  3. HashiCorp
  4. HashiCorp Security Automation Certification
  5. HCVA0-003 Discussions
  6. HCVA0-003 Exam Topic 6 Question 56 Discussion

HashiCorp Certified: Vault Associate (003)Exam HCVA0-003 Question # 56 Topic 6 Discussion

 HashiCorp Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

HashiCorp Certified: Vault Associate (003)Exam HCVA0-003 Question # 56 Topic 6 Discussion

HCVA0-003 Exam Topic 6 Question 56 Discussion:
Question #: 56
Topic #: 6

You need to write a new policy for Vault for a group of users on the automation team. The requirements stipulate that each user (and all future users) get access to their own private section of a KV secrets engine at the path kv/team/ and be able to manage their own secrets. Which policy below meets these requirements while minimizing the administrative effort and following the principle of least privilege?
A.

path "secret/data/groups/{{identity.groups.ids.2f62-9503-42aa7A869741.name}}/" { capabilities = ["list"] }

B.

path "kv/team/frank/" { capabilities = ["create", "update", "read", "delete"] } path "kv/team/steve/" { capabilities = ["create", "update", "read", "delete"] } path "kv/team/bryan/" { capabilities = ["create", "update", "read", "delete"] }

C.

path "kv/team/" { capabilities = ["create", "update", "read", "delete"] }

D.

path "kv/team/{{identity.entity.id}}/" { capabilities = ["create", "update", "read", "delete"] } path "kv/team/{{identity.entity.id}}" { capabilities = ["create", "update", "read", "delete"] }

Get Premium HCVA0-003 Questions
Actual exam question for HashiCorp HCVA0-003 exam by Milo985 at Aug 2, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next