Infisical’s permissions system provides granular access control.
secrets/read
. This permission allows the subject to read secrets.
environment
: Control access based on environment slugssecretPath
: Control access based on secret pathssecretName
: Control access based on secret namessecretTags
: Control access based on tags (only supports $in operator)Operator | Description | Example |
---|---|---|
$eq | Equal | { environment: { $eq: "production" } } |
$ne | Not equal | { environment: { $ne: "development" } } |
$in | Matches any value in array | { environment: { $in: ["staging", "production"] } } |
$glob | Pattern matching using glob syntax | { secretPath: { $glob: "/app/\*" } } |