docs(ansible): Rewrite Ansible section to mention creation of not only entity and alias(es) but also a userpass user (#1)

This commit is contained in:
hygienic-books 2022-09-23 22:51:00 +02:00
parent 5e1146546d
commit cefdd12177


@ -96,7 +96,7 @@ Get the Vault command-line client via [vaultproject.io/downloads](https://www.va
* Optionally [policies/role-cfgmgmt/cfgmgmt.hcl](policies/role-cfgmgmt/cfgmgmt.hcl) gets you started with read-only secrets access for example for a config management tool like Ansible.
You'll want to create an Ansible entity with an alias, create both a `token` and a `userpass` alias and use the latter one to authenticate against Vault to retrieve a token. You'll likely want a distinct group where your Ansible entity becomes a member and which uses a policy such as the example at [policies/role-cfgmgmt/cfgmgmt.hcl](policies/role-cfgmgmt/cfgmgmt.hcl).
You'll want to create an Ansible entity with an alias and create both a `token` and a `userpass` alias. Lastly within the `userpass` auth method create a user of the same name used for both the entity and its aliases and use that user to authenticate against Vault. Retrieve a token. You'll likely want a distinct group where your Ansible entity becomes a member and which uses a policy such as the example at [policies/role-cfgmgmt/cfgmgmt.hcl](policies/role-cfgmgmt/cfgmgmt.hcl).
From here on out it's just more of what you already did, feel free to make this fit your own approach.
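Review bot: The rewritten sentence "create an Ansible entity with an alias and create both a `token` and a `userpass` alias" mentions aliases twice, so it can be read as three aliases rather than two, and the trailing "Retrieve a token." is a fragment that no longer says it is the result of the userpass login. Suggested wording: "Create an Ansible entity with two aliases, one for `token` and one for `userpass`. Then, within the `userpass` auth method, create a user with the same name as the entity and its aliases, and authenticate against Vault as that user to retrieve a token." It is also worth stating why the names must match: Vault maps a userpass login to the entity through the alias name on that auth mount, so a user whose name differs from the `userpass` alias will log in without picking up the entity's group policy.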