HashiCorp Certified: Vault Associate VA-002-P Question # 11 Topic 2 Discussion

VA-002-P Exam Topic 2 Question 11 Discussion:

Question #: 11

Topic #: 2

An administrator wants to create a new KV mount for individual users to maintain their own secrets but needs a way to simplify the policy so they don't need to write a new one for each new user? With the requirements listed below, what would such a policy look like?
Requirement: Each user can perform all operations on their allocated key/value secret path

path "user-kv/data/{{identity.entity.name}}/*" {

capabilities = [ "create", "update", "read", "delete", "list" ]

}

path "user-kv/data/{{identity.entity.id.name}}/*" {

capabilities = [ "create", "update", "read", "delete", "list" ]

}

path "user-kv/data/{{identity.entity.aliases.<>.id}}/*" {

capabilities = [ "create", "update", "read", "delete", "list" ]

}

path "user-kv/data/{{user}}/*" {

capabilities = [ "create", "update", "read", "delete", "list" ]

}

Get Premium VA-002-P Questions

Actual exam question for HashiCorp VA-002-P exam by Zephyr2825 at Aug 2, 2025, 12:00:00 AM

Contribute your Thoughts:

Chosen Answer: A B C D
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

HashiCorp Certified: Vault Associate VA-002-P Question # 11 Topic 2 Discussion

HashiCorp Certified: Vault Associate VA-002-P Question # 11 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

HashiCorp Certified: Vault Associate VA-002-P Question # 11 Topic 2 Discussion

HashiCorp Certified: Vault Associate VA-002-P Question # 11 Topic 2 Discussion

Correct Answer:

Options Selected by Other Users:

Contribute your Thoughts:

Awaiting moderator approval