From f8558ca1f27e8e7c533cd8aa5369e6fd0e9b7dd4 Mon Sep 17 00:00:00 2001 From: Martin Forssen Date: Wed, 15 Jun 2016 13:32:36 +0200 Subject: [PATCH] Fixed a number of spelling errors in aws-ec2.html.md --- website/source/docs/auth/aws-ec2.html.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/website/source/docs/auth/aws-ec2.html.md b/website/source/docs/auth/aws-ec2.html.md index 60034dc39..6d328a941 100644 --- a/website/source/docs/auth/aws-ec2.html.md +++ b/website/source/docs/auth/aws-ec2.html.md @@ -40,11 +40,11 @@ security, as detailed later in this documentation. ## Authorization Workflow -The basic mechanism of operaion is per-role. Roles are registered in the -backend and associated with various optional restricitons, such as the set +The basic mechanism of operation is per-role. Roles are registered in the +backend and associated with various optional restrictions, such as the set of allowed policies and max TTLs on the generated tokens. Each role can -be specified with the contraints that are to be met during the login. For -example, currently the contraint that is supported is to bind against AMI +be specified with the constraints that are to be met during the login. For +example, currently the constraint that is supported is to bind against AMI ID. A role which is bound to a specific AMI, can only be used for login by those instances that are deployed on the same AMI. @@ -54,7 +54,7 @@ role entry in the backend can also be associated with a "role tag". These tags are generated by the backend and are placed as the value of a tag with the given key on the EC2 instance. The role tag can be used to further restrict the parameters set on the role, but cannot be used to grant additional privileges. -If a role with AMI bound contraint, has "role tag" enabled on the role, and +If a role with AMI bound constraint, has "role tag" enabled on the role, and the EC2 instance performing login does not have an expected tag on it, or if the tag on the instance is deleted for some reason, authentication fails. @@ -791,7 +791,7 @@ The response will be in JSON. For example:
Description
Registers a role in the backend. Only those instances which are using the role registered using this endpoint, - will be able to perform the login operation. Contraints can be specified on the role, that are applied on the + will be able to perform the login operation. Constraints can be specified on the role, that are applied on the instances attempting to login. Currently only one constraint is supported which is 'bound_ami_id', which must be specified. Going forward, when more than one constraint is supported, the requirement will be to specify at least one constraint, but not necessarily 'bound_ami_id'. @@ -1152,7 +1152,7 @@ The response will be in JSON. For example:
Places a valid role tag in a blacklist. This ensures that the role tag cannot be used by any instance to perform a login operation again. - Note that if the role tag was previousy used to perfom a successful + Note that if the role tag was previously used to perform a successful login, placing the tag in the blacklist does not invalidate the already issued token.