Merge pull request #1529 from maf23/spelling-fix
Fixed a number of spelling errors in aws-ec2.html.md
This commit is contained in:
commit
547cb99afb
|
@ -40,11 +40,11 @@ security, as detailed later in this documentation.
|
||||||
|
|
||||||
## Authorization Workflow
|
## Authorization Workflow
|
||||||
|
|
||||||
The basic mechanism of operaion is per-role. Roles are registered in the
|
The basic mechanism of operation is per-role. Roles are registered in the
|
||||||
backend and associated with various optional restricitons, such as the set
|
backend and associated with various optional restrictions, such as the set
|
||||||
of allowed policies and max TTLs on the generated tokens. Each role can
|
of allowed policies and max TTLs on the generated tokens. Each role can
|
||||||
be specified with the contraints that are to be met during the login. For
|
be specified with the constraints that are to be met during the login. For
|
||||||
example, currently the contraint that is supported is to bind against AMI
|
example, currently the constraint that is supported is to bind against AMI
|
||||||
ID. A role which is bound to a specific AMI, can only be used for login by
|
ID. A role which is bound to a specific AMI, can only be used for login by
|
||||||
those instances that are deployed on the same AMI.
|
those instances that are deployed on the same AMI.
|
||||||
|
|
||||||
|
@ -54,7 +54,7 @@ role entry in the backend can also be associated with a "role tag". These tags
|
||||||
are generated by the backend and are placed as the value of a tag with the
|
are generated by the backend and are placed as the value of a tag with the
|
||||||
given key on the EC2 instance. The role tag can be used to further restrict the
|
given key on the EC2 instance. The role tag can be used to further restrict the
|
||||||
parameters set on the role, but cannot be used to grant additional privileges.
|
parameters set on the role, but cannot be used to grant additional privileges.
|
||||||
If a role with AMI bound contraint, has "role tag" enabled on the role, and
|
If a role with AMI bound constraint, has "role tag" enabled on the role, and
|
||||||
the EC2 instance performing login does not have an expected tag on it, or if the
|
the EC2 instance performing login does not have an expected tag on it, or if the
|
||||||
tag on the instance is deleted for some reason, authentication fails.
|
tag on the instance is deleted for some reason, authentication fails.
|
||||||
|
|
||||||
|
@ -791,7 +791,7 @@ The response will be in JSON. For example:
|
||||||
<dt>Description</dt>
|
<dt>Description</dt>
|
||||||
<dd>
|
<dd>
|
||||||
Registers a role in the backend. Only those instances which are using the role registered using this endpoint,
|
Registers a role in the backend. Only those instances which are using the role registered using this endpoint,
|
||||||
will be able to perform the login operation. Contraints can be specified on the role, that are applied on the
|
will be able to perform the login operation. Constraints can be specified on the role, that are applied on the
|
||||||
instances attempting to login. Currently only one constraint is supported which is 'bound_ami_id', which must
|
instances attempting to login. Currently only one constraint is supported which is 'bound_ami_id', which must
|
||||||
be specified. Going forward, when more than one constraint is supported, the requirement will be to specify at
|
be specified. Going forward, when more than one constraint is supported, the requirement will be to specify at
|
||||||
least one constraint, but not necessarily 'bound_ami_id'.
|
least one constraint, but not necessarily 'bound_ami_id'.
|
||||||
|
@ -1152,7 +1152,7 @@ The response will be in JSON. For example:
|
||||||
<dd>
|
<dd>
|
||||||
Places a valid role tag in a blacklist. This ensures that the role tag
|
Places a valid role tag in a blacklist. This ensures that the role tag
|
||||||
cannot be used by any instance to perform a login operation again.
|
cannot be used by any instance to perform a login operation again.
|
||||||
Note that if the role tag was previousy used to perfom a successful
|
Note that if the role tag was previously used to perform a successful
|
||||||
login, placing the tag in the blacklist does not invalidate the
|
login, placing the tag in the blacklist does not invalidate the
|
||||||
already issued token.
|
already issued token.
|
||||||
</dd>
|
</dd>
|
||||||
|
|
Loading…
Reference in New Issue