Document how to give access to Vault for a given team
Document in the Vault usage runbook how to enable a team to access Vault:
- Access Request to create a group in Okta and assign it to the Vault application: either use an appropriate existing AR template or create a new one
- Add new group to the user groups in Vault: https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/blob/master/environments/vault-production/groups.tf
- Allow new group to access their secrets: https://ops.gitlab.net/gitlab-com/gl-infra/config-mgmt/-/blob/master/environments/vault-production/secrets_policies.tf