Vault Configuration

To configure Vault so that Lieutenant Operator can use it, follow these steps:

  1. Visit https://yourvault/ui/vault/policies/acl and click Create ACL Policy. Then paste following policy into the field:

    path "kv/data/*" {
      capabilities = ["read", "create", "update", "delete"]
    path "kv/metadata/*" {
      capabilities = ["read", "create", "update", "delete", "list"]
    path "kv/delete/*" {
      capabilities = ["update"]

    Name it lieutenant-operator

  2. Create a new secret engine by visiting https://yourvault/ui/vault/secrets and clicking on Enable new engine.

    1. Select KV

    2. Click next, the path needs to be kv and the Version needs to be 2

    3. Click Enable Engine