In what language is policy written in HashiCorp Vault?

In HashiCorp Vault, policies are written in HCL (HashiCorp Configuration Language). HCL is specifically designed for defining configurations in a human-readable way while still being machine-friendly. This makes it ideal for defining policies in Vault, as it allows users to write clear and concise access controls.

HCL provides rich expressions and a clean syntax, which makes it easy for users to indicate permissions and behaviors within their policies. Since security policies in Vault determine how and when clients can access secrets and certificates, using HCL offers a structured approach that is both powerful and easy to understand.

Other languages like JSON, YAML, or XML are not used for writing Vault policies. JSON could be seen as a rigid format that lacks some of the expressiveness of HCL, meanwhile, YAML is often used in other contexts but does not have a defined role in Vault policy definition. XML, too, does not offer the succinctness and readability needed for policy specification in this environment. Thus, HCL stands out as the most fitting choice for writing policies in HashiCorp Vault.