Hello,
I'm trying to use the PE API to sign a server cert.
I know how to use /puppet-ca/v1/certificate_status, but I have problems allowing a specific user to sign.
I generated certs that I use in my curl/nodejs API calls, and I have to change /etc/puppetlabs/puppetserver/conf.d/auth.conf. I changed:
{
    "allow" : [
        "pe-internal-dashboard"
    ],
    "match-request" : {
        "method" : [
            "get",
            "put",
            "delete"
        ],
        "path" : "/puppet-ca/v1/certificate_status",
        "query-params" : {},
        "type" : "path"
    },
    "name" : "puppetlabs certificate status",
    "sort-order" : 500
}
To:
{
    "allow" : [
        "pe-internal-dashboard", "sign_user"
    ],
    "match-request" : {
        "method" : [
            "get",
            "put",
            "delete"
        ],
        "path" : "/puppet-ca/v1/certificate_status",
        "query-params" : {},
        "type" : "path"
    },
    "name" : "puppetlabs certificate status",
    "sort-order" : 500
}
The problem is that after a moment, it always comes back to the previous value. I suppose the file is generated by PE, but then where should I put the value sign_user so that he has access to the rule named "puppetlabs certificate status"?