Update credential help

Use "vault login" instead of "vault auth" and use "method" consistently over provider.
2017-09-06 10:02:15 -04:00 · 2017-09-06 10:02:15 -04:00 · 7b8c472e22
parent d85c6a43c0
commit 7b8c472e22
7 changed files with 46 additions and 51 deletions
--- a/builtin/credential/aws/cli.go
+++ b/builtin/credential/aws/cli.go
@ -108,9 +108,9 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=aws [CONFIG K=V...]
+Usage: vault login -method=aws [CONFIG K=V...]

-  The AWS authentication provider allows users to authenticate with AWS IAM
+  The AWS authentication method allows users to authenticate with AWS IAM
  credentials. The AWS IAM credentials may be specified in a number of ways,
  listed in order of precedence below:

@ -124,11 +124,11 @@ Usage: vault auth -method=aws [CONFIG K=V...]

  Authenticate using locally stored credentials:

-      $ vault auth -method=aws
+      $ vault login -method=aws

  Authenticate by passing keys:

-      $ vault auth -method=aws aws_access_key_id=... aws_secret_access_key=...
+      $ vault login -method=aws aws_access_key_id=... aws_secret_access_key=...

 Configuration:

@ -145,14 +145,13 @@ Configuration:
      Value for the x-vault-aws-iam-server-id header in requests

  mount=<string>
-      Path where the AWS credential provider is mounted. This is usually
-      provided via the -path flag in the "vault auth" command, but it can be
-      specified here as well. If specified here, it takes precedence over
-      the value for -path. The default value is "aws".
+      Path where the AWS credential method is mounted. This is usually provided
+      via the -path flag in the "vault login" command, but it can be specified
+      here as well. If specified here, it takes precedence over the value for
+      -path. The default value is "aws".

  role=<string>
      Name of the role to request a token against
-
 `

 	return strings.TrimSpace(help)
--- a/builtin/credential/cert/cli.go
+++ b/builtin/credential/cert/cli.go
@ -40,22 +40,21 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=cert [CONFIG K=V...]
+Usage: vault login -method=cert [CONFIG K=V...]

-  The certificate authentication provider allows uers to authenticate with a
+  The certificate authentication method allows uers to authenticate with a
  client certificate passed with the request. The -client-cert and -client-key
-  flags are included with the "vault auth" command, NOT as configuration to
-  the authentication provider.
+  flags are included with the "vault login" command, NOT as configuration to the
+  authentication method.

  Authenticate using a local client certificate:

-      $ vault auth -method=cert -client-cert=cert.pem -client-key=key.pem
+      $ vault login -method=cert -client-cert=cert.pem -client-key=key.pem

 Configuration:

  name=<string>
      Certificate role to authenticate against.
-
 `

 	return strings.TrimSpace(help)
--- a/builtin/credential/github/cli.go
+++ b/builtin/credential/github/cli.go
@ -39,23 +39,23 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=github [CONFIG K=V...]
+Usage: vault login -method=github [CONFIG K=V...]

-  The GitHub authentication provider allows users to authenticate using a
-  GitHub personal access token. Users can generate a personal access token
-  from the settings page on their GitHub account.
+  The GitHub authentication method allows users to authenticate using a GitHub
+  personal access token. Users can generate a personal access token from the
+  settings page on their GitHub account.

  Authenticate using a GitHub token:

-      $ vault auth -method=github token=abcd1234
+      $ vault login -method=github token=abcd1234

 Configuration:

  mount=<string>
-      Path where the GitHub credential provider is mounted. This is usually
-      provided via the -path flag in the "vault auth" command, but it can be
-      specified here as well. If specified here, it takes precedence over
-      the value for -path. The default value is "github".
+      Path where the GitHub credential method is mounted. This is usually
+      provided via the -path flag in the "vault login" command, but it can be
+      specified here as well. If specified here, it takes precedence over the
+      value for -path. The default value is "github".

  token=<string>
      GitHub personal access token to use for authentication.
--- a/builtin/credential/ldap/cli.go
+++ b/builtin/credential/ldap/cli.go
@ -62,24 +62,24 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=ldap [CONFIG K=V...]
+Usage: vault login -method=ldap [CONFIG K=V...]

-  The LDAP authentication provider allows users to authenticate using LDAP or
+  The LDAP authentication method allows users to authenticate using LDAP or
  Active Directory.

  If MFA is enabled, a "method" and/or "passcode" may be required depending on
-  the MFA provider. To check which MFA is in use, run:
+  the MFA method. To check which MFA is in use, run:

      $ vault read auth/<mount>/mfa_config

  Authenticate as "sally":

-      $ vault auth -method=ldap username=sally
+      $ vault login -method=ldap username=sally
      Password (will be hidden):

  Authenticate as "bob":

-      $ vault auth -method=ldap username=bob password=password
+      $ vault login -method=ldap username=bob password=password

 Configuration:

@ -95,7 +95,6 @@ Configuration:

  username=<string>
      LDAP username to use for authentication.
-
 `

 	return strings.TrimSpace(help)
--- a/builtin/credential/okta/cli.go
+++ b/builtin/credential/okta/cli.go
@ -53,18 +53,18 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro
 // Help method for okta cli
 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=okta [CONFIG K=V...]
+Usage: vault login -method=okta [CONFIG K=V...]

-  The OKTA authentication provider allows users to authenticate using OKTA.
+  The OKTA authentication method allows users to authenticate using OKTA.

  Authenticate as "sally":

-      $ vault auth -method=okta username=sally
+      $ vault login -method=okta username=sally
      Password (will be hidden):

  Authenticate as "bob":

-      $ vault auth -method=okta username=bob password=password
+      $ vault login -method=okta username=bob password=password

 Configuration:

@ -74,7 +74,7 @@ Configuration:

  username=<string>
      OKTA username to use for authentication.
-    `
+`

 	return strings.TrimSpace(help)
 }
--- a/builtin/credential/token/cli.go
+++ b/builtin/credential/token/cli.go
@ -63,15 +63,15 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth TOKEN [CONFIG K=V...]
+Usage: vault login TOKEN [CONFIG K=V...]

-  The token authentication provider allows logging in directly with a token.
-  This can be a token from the "token-create" command or API. There are no
-  configuration options for this authentication provider.
+  The token authentication method allows logging in directly with a token. This
+  can be a token from the "token-create" command or API. There are no
+  configuration options for this authentication method.

  Authenticate using a token:

-      $ vault auth 96ddf4bc-d217-f3ba-f9bd-017055595017
+      $ vault login 96ddf4bc-d217-f3ba-f9bd-017055595017

  This token usually comes from a different source such as the API or via the
  built-in "vault token-create" command.
@ -80,8 +80,7 @@ Configuration:

  token=<string>
      The token to use for authentication. This is usually provided directly
-      via the "vault auth" command.
-
+      via the "vault login" command.
 `

 	return strings.TrimSpace(help)
--- a/builtin/credential/userpass/cli.go
+++ b/builtin/credential/userpass/cli.go
@ -66,24 +66,24 @@ func (h *CLIHandler) Auth(c *api.Client, m map[string]string) (*api.Secret, erro

 func (h *CLIHandler) Help() string {
 	help := `
-Usage: vault auth -method=userpass [CONFIG K=V...]
+Usage: vault login -method=userpass [CONFIG K=V...]

-  The userpass authentication provider allows users to authenticate using
-  Vault's internal user database.
+  The userpass authentication method allows users to authenticate using Vault's
+  internal user database.

  If MFA is enabled, a "method" and/or "passcode" may be required depending on
-  the MFA provider. To check which MFA is in use, run:
+  the MFA method. To check which MFA is in use, run:

      $ vault read auth/<mount>/mfa_config

  Authenticate as "sally":

-      $ vault auth -method=userpass username=sally
+      $ vault login -method=userpass username=sally
      Password (will be hidden):

  Authenticate as "bob":

-      $ vault auth -method=userpass username=bob password=password
+      $ vault login -method=userpass username=bob password=password

 Configuration:

@ -94,12 +94,11 @@ Configuration:
      MFA OTP/passcode.

  password=<string>
-      Password to use for authentication. If not provided, the CLI will
-      prompt for this on stdin.
+      Password to use for authentication. If not provided, the CLI will prompt
+      for this on stdin.

  username=<string>
      Username to use for authentication.
-
 `

 	return strings.TrimSpace(help)