Learn how to define a new user with a new role
IAM in Vault controls access based on users. These users are assigned a role that defines the capabilities (REST API operations and CLI commands) they can use and policies that provide for fine-grained control over the data they can access.
This guide demonstrates how to define a new user called
Dashboard with a new role called
In the IAM configuration TOML file, add this text to the
role = "DashboardRole"
and this to the
capabilities = 
policies = 
DashboardRole role has no capabilities and no policies, therefore this user cannot perform any Vault operations and cannot access any data.