From b7e6231084b3c0ef309bb947cfcbd01ee50461b5 Mon Sep 17 00:00:00 2001 From: Theron Voran Date: Mon, 17 Aug 2020 10:30:06 -0700 Subject: [PATCH] Restoring the example policies for blocking sha1 (#9677) (In the transit api-docs) --- website/pages/api-docs/secret/transit/index.mdx | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/website/pages/api-docs/secret/transit/index.mdx b/website/pages/api-docs/secret/transit/index.mdx index 26e4b6924b89..5071f9417058 100644 --- a/website/pages/api-docs/secret/transit/index.mdx +++ b/website/pages/api-docs/secret/transit/index.mdx @@ -891,9 +891,9 @@ supports signing. only for legacy applications. Signing using SHA-1 can be blocked by operators by assigning the following policy corresponding to a named key: - ``` - { - ] + ```hcl + path "/transit/sign/:name/sha1" { + capabilities = ["deny"] } ``` @@ -1046,9 +1046,9 @@ data. be blocked by operators by assigning the following policy corresponding to a named key: - ``` - { - ] + ```hcl + path "/transit/verify/:name/sha1" { + capabilities = ["deny"] } ```