Fix a few quirks in the GCP auth backend's docs. (#3322)

2025-11-26 21:21:12 +01:00 · 2017-09-19 13:41:41 +01:00 · 2017-09-19 13:41:41 +01:00 · 14714f399a
commit 14714f399a
parent 96da396adf
2 changed files with 3 additions and 3 deletions
--- a/website/source/api/auth/gcp/index.html.md
+++ b/website/source/api/auth/gcp/index.html.md
@ -146,7 +146,7 @@ entities attempting to login.

 - `service_accounts` `(array: [])` - Required for `iam` roles.
  A comma-separated list of service account emails or ids.
-  Defines the service accounts that login is restricted to. If set to `\*`, all
+  Defines the service accounts that login is restricted to. If set to `*`, all
  service accounts are allowed (role will still be bound by project).

 ### Sample Payload
--- a/website/source/docs/auth/gcp.html.md
+++ b/website/source/docs/auth/gcp.html.md
@ -75,7 +75,7 @@ curl -H "Authorization: Bearer $OAUTH_TOKEN" \

 **Golang Example**

-We use the Go OAuth2 libraries, GCP IAM API, and Vault API.
+We use the Go OAuth2 libraries, GCP IAM API, and Vault API. The example generates a token valid for the `dev-role` role (as indicated by the `aud` field of `jwtPayload`).

 ```go
 // Abbreviated imports to show libraries.
@ -117,7 +117,7 @@ func main() {
 	// 1. Generate signed JWT using IAM.
 	resourceName := fmt.Sprintf("projects/%s/serviceAccounts/%s", project, serviceAccount)
 	jwtPayload := map[string]interface{}{
-		"aud": "auth/gcp/login",
+		"aud": "vault/dev-role",
 		"sub": serviceAccount,
 		"exp": time.Now().Add(time.Minute * 10).Unix(),
 	}