From a206184b0ca410ef4ebe7fc867d1c1ca54364c05 Mon Sep 17 00:00:00 2001 From: hygienic-books Date: Sat, 24 Sep 2022 00:01:21 +0200 Subject: [PATCH] docs(ansible): Tighten sentence structure (#1) --- README.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index e93b851..5df826c 100644 --- a/README.md +++ b/README.md @@ -96,7 +96,7 @@ Get the Vault command-line client via [vaultproject.io/downloads](https://www.va * Optionally [policies/role-cfgmgmt/role-cfgmgmt.hcl](policies/role-cfgmgmt/role-cfgmgmt.hcl) gets you started with read-only secrets access for example for a config management tool like Ansible. - You'll want to create an Ansible entity with an alias and create both a `token` and a `userpass` alias. Lastly within the `userpass` auth method create a user of the same name used for both the entity and its aliases and use that user to authenticate against Vault. Retrieve a token. You'll likely want a distinct group where your Ansible entity becomes a member and which uses a policy such as the example at [policies/role-cfgmgmt/role-cfgmgmt.hcl](policies/role-cfgmgmt/role-cfgmgmt.hcl). + You'll want to create an Ansible entity create both a `token` and a `userpass` alias. Lastly within the `userpass` auth method create a user of the same name used for both the entity and its aliases and use that user to authenticate against Vault. Retrieve a token. You'll likely want a distinct group where your Ansible entity becomes a member and which uses a policy such as the example at [policies/role-cfgmgmt/role-cfgmgmt.hcl](policies/role-cfgmgmt/role-cfgmgmt.hcl). From here on out it's just more of what you already did, feel free to make this fit your own approach. 
@@ -115,7 +115,7 @@ Get the Vault command-line client via [vaultproject.io/downloads](https://www.va * Add an alias of type `userpass` to the entity. * Within the `userpass` auth method create a user (an account if you will) with the same name as the alias you just created so in this case `zabbix`, set a password for the account - Now tie it all together by creating a group named `rbacgroup_zabbix`. Add the `zabbix` entity to it and make it use the policy `role-zabbix`. At this point the policy does not yet exist which is fine, you can set a policy name and Vault will offer to `Add new policy`. Don't worry, this will not actually add a new policy - empty, broken or otherwise. Vault will simply link your group to the policy `role-zabbix` which does not exist. You'll get to that in a minute. + Now tie it all together by creating a group named `rbacgroup_zabbix`. Add the `zabbix` entity to it and make it use the policy `role-zabbix`. At this point the policy does not yet exist which is fine, you can set a policy name and Vault will offer to `Add new policy`, see screenshot below. Don't worry, this will not actually add a new policy - empty, broken or otherwise. Vault will simply link your group to the policy `role-zabbix` which does not exist. You'll get to that in a minute. Like so: ![Vault 1.11.3 Create Group menu](https://i.imgur.com/3Ni53BE.png) 
@@ -140,7 +140,7 @@ Get the Vault command-line client via [vaultproject.io/downloads](https://www.va ``` With your ID in hand and [policies/role-zabbix/role-zabbix.hcl](policies/role-zabbix/role-zabbix.hcl) updated import it as a new policy. You're going to want to save it with the same policy name you assigned earlier to `rbacgroup_zabbix` which was `role-zabbix`. This role will grant read-only access to secrets underneath a folder `for_rbacgroup_zabbix` which in our example lives inside a `kv` version 2 secrets engine mounted at its default location `kv`. - So whenever your Zabbix instance needs access to something store secrets underneath `kv/for_rbacgroup_zabbix`. The policy will make sure only the group with correct ID will have access to secrets. + Now whenever your Zabbix instance needs access to something store secrets underneath `kv/for_rbacgroup_zabbix`. The policy will make sure only the group with correct ID will have access to secrets underneath that directory. Log in to Vault with `userpass` and the `zabbix` account from above, get the account's token and lastly double-check that `zabbix` with its token can read a secret: ```
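Review bot: In the first hunk (README.md around line 99) the rewritten sentence is missing a conjunction: "You'll want to create an Ansible entity create both a `token` and a `userpass` alias." reads as two verbs run together now that "with an alias and" was dropped. Suggest "You'll want to create an Ansible entity and give it both a `token` and a `userpass` alias." The appended sentence "From here on out it's just more of what you already did, feel free to make this fit your own approach." is a comma splice; a full stop or semicolon after "did" fixes it.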
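Review bot: The second hunk (README.md around line 118) now points the reader at the screenshot twice, "see screenshot below" mid-sentence and "Like so:" at the end; one reference is enough, and the subject line "Tighten sentence structure" does not mention that a screenshot is being introduced. The image itself is linked from a third-party host (`https://i.imgur.com/3Ni53BE.png`); for setup documentation that walks through group-to-policy linking, a screenshot that can vanish or be replaced outside of this repository's history is a weak reference. Suggest committing the image alongside the README (for example in a `docs/` or `images/` directory, path to be chosen by the maintainer) and linking to it relatively, so the image is versioned with the text it illustrates.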
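Review bot: In the third hunk (README.md around line 143) the changed sentence needs a comma and an article: "Now whenever your Zabbix instance needs access to something, store secrets underneath `kv/for_rbacgroup_zabbix`. The policy will make sure only the group with the correct ID will have access to secrets underneath that directory." The wording "only the group ... will have access" also overstates what a Vault ACL policy does: a policy grants capabilities to the tokens that carry it, it does not prevent tokens holding other policies (root, or an admin policy with a broader path) from reading the same path. Suggest "The policy grants the group with the correct ID read access to secrets underneath that directory." The newly added closing sentence ("Log in to Vault with `userpass` and the `zabbix` account from above, ...") is fine and makes the verification step explicit.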