HashiCorp Exam HCVA0-003 Topic 9 Question 1 Discussion

Actual exam question for HashiCorp's HCVA0-003 exam

Question #: 1
Topic #: 9

[All HCVA0-003 Questions]

When creating a policy, an error was thrown:

Which statement describes the fix for this issue?

AReplace write with create in the capabilities list

BYou cannot have a wildcard (' * ') in the path

Csudo is not a capability

Show Suggested Answer

Suggested Answer: A

The error was thrown because the policy code contains an invalid capability, ''write''. The valid capabilities for a policy are ''create'', ''read'', ''update'', ''delete'', ''list'', and ''sudo''. The ''write'' capability is not recognized by Vault and should be replaced with ''create'', which allows creating new secrets or overwriting existing ones. The other statements are not correct, because the wildcard (*) and the sudo capability are both valid in a policy. The wildcard matches any number of characters within a path segment, and the sudo capability allows performing certain operations that require root privileges.

[Policy Syntax | Vault | HashiCorp Developer]

by Wai at Apr 06, 2025, 06:37 PM

Limited Time Offer

25%

25 days ago

I think the fix is to replace write with create in the capabilities list.

upvoted 0 times

...