From c6dfe2bea1b620ff24078ccd4760fa4c522476fd Mon Sep 17 00:00:00 2001 From: annaone <67009092+annaone@users.noreply.github.com> Date: Wed, 7 Sep 2022 16:34:46 -0400 Subject: [PATCH] Update quickstart-hashicorp-vault-master.template --- ...quickstart-hashicorp-vault-master.template | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/templates/quickstart-hashicorp-vault-master.template b/templates/quickstart-hashicorp-vault-master.template index 4c6ed16..66f806e 100644 --- a/templates/quickstart-hashicorp-vault-master.template +++ b/templates/quickstart-hashicorp-vault-master.template @@ -138,8 +138,7 @@ Parameters: Description: Linux distribution AMI for the Vault instances. Type: String KeyPairName: - Description: Key pair to securely connect to your instance. - after it launches. + Description: Key pair to securely connect to your instance after it launches. Type: AWS::EC2::KeyPair::KeyName NumBastionHosts: Description: Enter the number of bastion hosts to create. @@ -284,8 +283,8 @@ Parameters: Type: String Default: client-role-iam MinLength: "3" - ConstraintDescription: This identifier should be at least 3 characters in length. - Description: The HashiCorp Vault name for the AWS IAM Role. + ConstraintDescription: This identifier should be at least three characters in length. + Description: The HashiCorp Vault name for the AWS IAM role. VaultVersion: Type: String Description: Specify which version of HashiCorp Vault to install. @@ -329,11 +328,11 @@ Parameters: Description: "URL of Kubernetes cluster (e.g., https://192.168.99.100:8443)." Type: String VaultKubernetesCertificate: - Description: "AWS SSM Parameter containing a base64-encoded PEM CA certificate of the Kubernetes cluster service account." + Description: "AWS SSM parameter containing a base64-encoded PEM CA certificate of the Kubernetes cluster service account." Default: "" Type: String VaultKubernetesJWT: - Description: "AWS SSM Secure Parameter containing a base64-encoded JWT token of the Kubernetes cluster service account." + Description: "AWS SSM secure parameter containing a base64-encoded JWT token of the Kubernetes cluster service account." Default: "" Type: String VaultKubernetesServiceAccount: @@ -473,13 +472,13 @@ Outputs: Description: The AWS KMS Key used to Auto Unseal HashiCorp Vault and encrypt the ROOT TOKEN and Recovery Secret. VaultKMSKeyArn: Value: !GetAtt "HashiCorpVaultStack.Outputs.VaultKMSKeyArn" - Description: The AWS KMS Key used to Auto Unseal HashiCorp Vault and encrypt the ROOT TOKEN and Recovery Secret. + Description: The AWS KMS key used to Auto Unseal HashiCorp Vault and encrypt the ROOT TOKEN and Recovery Secret. VaultLoadBalancer: Value: !GetAtt "HashiCorpVaultStack.Outputs.VaultLoadBalancer" - Description: HashiCorp Vault Load Balancer address + Description: HashiCorp Vault Load Balancer address. VaultAuditLogGroup: Value: !GetAtt "HashiCorpVaultStack.Outputs.VaultAuditLogGroup" - Description: CloudWatch Log Group where the HashiCorp Vault audit logs are recorded + Description: CloudWatch log group where the HashiCorp Vault audit logs are recorded. Rules: DomainNamePresentWithHostedID: RuleCondition: @@ -506,4 +505,4 @@ Rules: - !Not [!Equals [!Ref HostedZoneID, '']] - !Not [!Equals [!Ref ACMSSLCertificateArn, '']] - !Not [!Equals [!Ref DomainName, '']] - AssertDescription: "Using an SSL certificate is enforced. A CertificateArn or a HostedZoneID and Domain Name must be provided." \ No newline at end of file + AssertDescription: "Using an SSL certificate is enforced. A CertificateArn or a HostedZoneID and Domain Name must be provided."