From 78dd48319cd37a4ce7e9688082121daa371579f8 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Tue, 25 Apr 2023 22:55:59 +0200 Subject: [PATCH] fix(docs): Typo --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index bf92408..e87a04b 100644 --- a/README.md +++ b/README.md @@ -103,7 +103,7 @@ We're going to allow all human users to change their own `userpass` password. Th Optionally [policies/cfgmgmt/cfgmgmt.hcl](policies/cfgmgmt/cfgmgmt.hcl) gets you started with read-only secrets access for example for a config management tool like Ansible. -You'll want to create an Ansible entity and a `userpass` alias. Think of the alias as glue that ties an auth method to an entity. This in turn allows you to specify policy that applies to the entity, gets inherited by aliases and lastly inherited by auth methods. +You'll want to create an Ansible entity and a `userpass` alias. Think of the alias as glue that ties an auth method to an entity. This in turn allows you to specify policies that apply to the entity, get inherited by aliases and lastly inherited by auth methods. In this simple use case create create a user in the `userpass` auth method, use the same name used from both the entity and its alias. Use that user to authenticate against Vault and retrieve a token. You'll likely want a distinct group where your Ansible entity becomes a member and which uses a policy such as the example at [policies/cfgmgmt/cfgmgmt.hcl](policies/cfgmgmt/cfgmgmt.hcl).