Which isnota capability that can be used when writing a Vault policy?
A.
delete
B.
modify
C.
create
D.
list
E.
read
F.
update
The Answer Is:
B
This question includes an explanation.
Explanation:
Comprehensive and Detailed in Depth Explanation:
When writing a Vault policy, the valid capabilities are predefined, andmodifyis not among them. The HashiCorp Vault documentation states: "When writing a policy in Vault, permissions which can be applied to paths include create, read, update, delete, list, deny, and sudo." These capabilities dictate what actions a token can perform on a path.
The docs elaborate: "Capabilities are specific permissions assigned to paths in a policy. For example, create allows creating new resources, update modifies existing ones, delete removes them, list retrieves listings, and read accesses data."Modifyis not a recognized capability; it’s likely a misnomer for update. Thus, B is the correct answer.