fixed link error (#13103)
This commit is contained in:
parent
811c7a8133
commit
6a5fc75ff5
|
@ -109,7 +109,7 @@ This client token is then returned to the client.
|
||||||
|
|
||||||
On each request a client provides this token. Vault then uses it to check that
|
On each request a client provides this token. Vault then uses it to check that
|
||||||
the token is valid and has not been revoked or expired, and generates an ACL
|
the token is valid and has not been revoked or expired, and generates an ACL
|
||||||
based on the associated policies. Vault uses a strict default deny
|
based on the associated policies. Vault uses a strict default deny
|
||||||
enforcement strategy. This means unless an associated policy allows for a given action,
|
enforcement strategy. This means unless an associated policy allows for a given action,
|
||||||
it will be denied. Each policy specifies a level of access granted to a path in
|
it will be denied. Each policy specifies a level of access granted to a path in
|
||||||
Vault. When the policies are merged (if multiple policies are associated with a
|
Vault. When the policies are merged (if multiple policies are associated with a
|
||||||
|
@ -118,7 +118,7 @@ client), the highest access level permitted is used. For example, if the
|
||||||
"ops" policy permits read access to the "ops/" path, then the user gets the
|
"ops" policy permits read access to the "ops/" path, then the user gets the
|
||||||
union of those. Policy is matched using the most specific defined policy, which
|
union of those. Policy is matched using the most specific defined policy, which
|
||||||
may be an exact match or the longest-prefix match glob pattern. See
|
may be an exact match or the longest-prefix match glob pattern. See
|
||||||
[Policy Syntax](../concepts/policies#policy-syntax) for more details.
|
[Policy Syntax](/docs/concepts/policies#policy-syntax) for more details.
|
||||||
|
|
||||||
Certain operations are only permitted by "root" users, which is a distinguished
|
Certain operations are only permitted by "root" users, which is a distinguished
|
||||||
policy built into Vault. This is similar to the concept of a root user on a
|
policy built into Vault. This is similar to the concept of a root user on a
|
||||||
|
|
Loading…
Reference in a new issue