upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-04-26 00:30:11 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Fix a few quirks in the GCP auth backend's docs. (#3322)

Browse source
This commit is contained in:
Bruno Miguel Custódio 2017-09-19 13:41:41 +01:00 committed by Jeff Mitchell
parent 96da396adf
commit 14714f399a
2 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
website/source/api/auth/gcp/index.html.md
View file

@ -146,7 +146,7 @@ entities attempting to login.
- `service_accounts` `(array: [])` - Required for `iam` roles.
A comma-separated list of service account emails or ids.
Defines the service accounts that login is restricted to. If set to `\*`, all
Defines the service accounts that login is restricted to. If set to `*`, all
service accounts are allowed (role will still be bound by project).
### Sample Payload

4
website/source/docs/auth/gcp.html.md
View file

@ -75,7 +75,7 @@ curl -H "Authorization: Bearer $OAUTH_TOKEN" \
**Golang Example**
We use the Go OAuth2 libraries, GCP IAM API, and Vault API.
We use the Go OAuth2 libraries, GCP IAM API, and Vault API. The example generates a token valid for the `dev-role` role (as indicated by the `aud` field of `jwtPayload`).
```go
// Abbreviated imports to show libraries.
@ -117,7 +117,7 @@ func main() {
// 1. Generate signed JWT using IAM.
resourceName := fmt.Sprintf("projects/%s/serviceAccounts/%s", project, serviceAccount)
jwtPayload := map[string]interface{}{
"aud": "auth/gcp/login",
"aud": "vault/dev-role",
"sub": serviceAccount,
"exp": time.Now().Add(time.Minute * 10).Unix(),
}