Update documentation after user feedback (#203)

* Update README * Update README
2024-01-11 09:22:44 +00:00 · 2024-01-11 09:22:44 +00:00 · 57a732407a
commit 57a732407a
parent db919e34fe
1 changed files with 12 additions and 7 deletions
--- a/README.md
+++ b/README.md
@ -21,7 +21,7 @@ When setting up authentication, the provider will always try to use the key flow

   The SDK will check the credentials file located in the path defined by the `STACKIT_CREDENTIALS_PATH` env var, if specified,
   or in `$HOME/.stackit/credentials.json` as a fallback.
-   The credentials should be set using the same name as the environment variables. Example:
+   The credentials file should be a json and each credential should be set using the name of the respective environment variable, as stated below in each flow. Example:

   ```json
   {
@ -32,14 +32,19 @@ When setting up authentication, the provider will always try to use the key flow

 ## Key flow

-To use the key flow, you need to have a service account key and an RSA key-pair.
-To configure it, follow this steps:
+    The following instructions assume that you have created a service account and assigned it the necessary permissions, e.g. `project.owner`.

-    The following instructions assume that you have created a service account and assigned it the necessary permissions, e.g. project.owner.
+To use the key flow, you need to have a service account key, which must have an RSA key-pair attached to it.

-1.  In the Portal, go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key.
+When creating the service account key, a new pair can be created automatically, which will be included in the service account key. This will make it much easier to configure the key flow authentication in the CLI, by just providing the service account key.

- You can create your own RSA key-pair or have the Portal generate one for you.
+**Optionally**, you can provide your own private key when creating the service account key, which will then require you to also provide it explicitly to the CLI, additionaly to the service account key. Check the STACKIT Knowledge Base for an [example of how to create your own key-pair](https://docs.stackit.cloud/stackit/en/usage-of-the-service-account-keys-in-stackit-175112464.html#UsageoftheserviceaccountkeysinSTACKIT-CreatinganRSAkey-pair).
+
+To configure the key flow, follow this steps:
+
+1.  Create a service account key:
+
+- Use the STACKIT Portal: go to the `Service Accounts` tab, choose a `Service Account` and go to `Service Account Keys` to create a key. For more details, see [Create a service account key](https://docs.stackit.cloud/stackit/en/create-a-service-account-key-175112456.html)

 2.  Save the content of the service account key by copying it and saving it in a JSON file.

@ -71,7 +76,7 @@ To configure it, follow this steps:
   - setting the environment variable: `STACKIT_SERVICE_ACCOUNT_KEY_PATH`
   - setting `STACKIT_SERVICE_ACCOUNT_KEY_PATH` in the credentials file (see above)

-> **If you have provided your own RSA key-pair when creating the service account key**, you also need to configure your private key (takes precedence over the private key included in the service account key, if present). **The private key must be PEM encoded** and can be provided using one of the options below:
+> **Optionally, only if you have provided your own RSA key-pair when creating the service account key**, you also need to configure your private key (takes precedence over the one included in the service account key, if present). **The private key must be PEM encoded** and can be provided using one of the options below:
 >
 > - setting the field in the provider block: `private_key` or `private_key_path`
 > - setting the environment variable: `STACKIT_PRIVATE_KEY_PATH`