luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

Merge pull request #1529 from maf23/spelling-fix 

Fixed a number of spelling errors in aws-ec2.html.md
This commit is contained in:
Vishal Nayak 2016-06-15 07:47:21 -04:00 committed by GitHub
parent bf2cab6cd3 f8558ca1f2
commit 547cb99afb
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
website/source/docs/auth/aws-ec2.html.md
View File

@ -40,11 +40,11 @@ security, as detailed later in this documentation.
## Authorization Workflow
The basic mechanism of operaion is per-role. Roles are registered in the
backend and associated with various optional restricitons, such as the set
The basic mechanism of operation is per-role. Roles are registered in the
backend and associated with various optional restrictions, such as the set
of allowed policies and max TTLs on the generated tokens. Each role can
be specified with the contraints that are to be met during the login. For
example, currently the contraint that is supported is to bind against AMI
be specified with the constraints that are to be met during the login. For
example, currently the constraint that is supported is to bind against AMI
ID. A role which is bound to a specific AMI, can only be used for login by
those instances that are deployed on the same AMI.
@ -54,7 +54,7 @@ role entry in the backend can also be associated with a "role tag". These tags
are generated by the backend and are placed as the value of a tag with the
given key on the EC2 instance. The role tag can be used to further restrict the
parameters set on the role, but cannot be used to grant additional privileges.
If a role with AMI bound contraint, has "role tag" enabled on the role, and
If a role with AMI bound constraint, has "role tag" enabled on the role, and
the EC2 instance performing login does not have an expected tag on it, or if the
tag on the instance is deleted for some reason, authentication fails.
@ -791,7 +791,7 @@ The response will be in JSON. For example:
<dt>Description</dt>
<dd>
Registers a role in the backend. Only those instances which are using the role registered using this endpoint,
will be able to perform the login operation. Contraints can be specified on the role, that are applied on the
will be able to perform the login operation. Constraints can be specified on the role, that are applied on the
instances attempting to login. Currently only one constraint is supported which is 'bound_ami_id', which must
be specified. Going forward, when more than one constraint is supported, the requirement will be to specify at
least one constraint, but not necessarily 'bound_ami_id'.
@ -1152,7 +1152,7 @@ The response will be in JSON. For example:
<dd>
Places a valid role tag in a blacklist. This ensures that the role tag
cannot be used by any instance to perform a login operation again.
Note that if the role tag was previousy used to perfom a successful
Note that if the role tag was previously used to perform a successful
login, placing the tag in the blacklist does not invalidate the
already issued token.
</dd>