diff --git a/acls/nomad-admin-policy.hcl b/acls/nomad-admin-policy.hcl
index 9fe3564..c6e4792 100644
--- a/acls/nomad-admin-policy.hcl
+++ b/acls/nomad-admin-policy.hcl
@@ -1,6 +1,12 @@
 namespace "*" {
   policy       = "write"
   capabilities = ["alloc-node-exec"]
+
+  variables {
+    path "*" {
+      capabilities = ["write", "read", "destroy"]
+    }
+  }
 }
 
 agent {