docs(index.md): capitalisation & formatting

This commit is contained in:
tigattack 2020-06-18 20:15:15 +01:00 committed by GitHub
parent e85236959b
commit 647d56e90c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 9 additions and 9 deletions

View File

@ -10,30 +10,30 @@ From https://docs.ansible.com/ansible/2.5/reference_appendices/tower.html
Tower allows you to control access to who can access what, even allowing sharing of SSH credentials without someone being able to transfer those credentials. Inventory can be graphically managed or synced with a wide variety of cloud sources. It logs all of your jobs, integrates well with LDAP, and has an amazing browsable REST API. Command line tools are available for easy integration with Jenkins as well. Provisioning callbacks provide great support for autoscaling topologies. Tower allows you to control access to who can access what, even allowing sharing of SSH credentials without someone being able to transfer those credentials. Inventory can be graphically managed or synced with a wide variety of cloud sources. It logs all of your jobs, integrates well with LDAP, and has an amazing browsable REST API. Command line tools are available for easy integration with Jenkins as well. Provisioning callbacks provide great support for autoscaling topologies.
!!! note !!! note
AWX is the Open-Source version of Tower, and AWX will be used interchangeably throughout this document. AWX is the open-source version of Tower. The term "AWX" will be used interchangeably throughout this document.
## Preparation ## Preparation
The following placeholders will be used: The following placeholders will be used:
- `awx.company` is the FQDN of the AWX/Tower Install - `awx.company` is the FQDN of the AWX/Tower install.
- `passbook.company` is the FQDN of the passbook Install - `passbook.company` is the FQDN of the passbook install.
Create an application in passbook and note the slug, as this will be used later. Create a SAML Provider with the following Parameters: Create an application in passbook and note the slug, as this will be used later. Create a SAML provider with the following parameters:
- ACS URL: `https://awx.company/sso/complete/saml/` - ACS URL: `https://awx.company/sso/complete/saml/`
- Audience: `awx` - Audience: `awx`
- Issuer: `https://awx.company/sso/metadata/saml/` - Issuer: `https://awx.company/sso/metadata/saml/`
You can of course use a custom Signing Certificate, and adjust durations. You can of course use a custom signing certificate, and adjust durations.
## AWX Configuration ## AWX Configuration
Navigate to `https://awx.company/#/settings/auth` to configure SAML. Set the Field `SAML SERVICE PROVIDER ENTITY ID` to `awx`. Navigate to `https://awx.company/#/settings/auth` to configure SAML. Set the Field `SAML SERVICE PROVIDER ENTITY ID` to `awx`.
For the fields `SAML SERVICE PROVIDER PUBLIC CERTIFICATE` and `SAML SERVICE PROVIDER PRIVATE KEY`, you can either use custom Certificates, or use the self-signed Pair generated by Passbook. For the fields `SAML SERVICE PROVIDER PUBLIC CERTIFICATE` and `SAML SERVICE PROVIDER PRIVATE KEY`, you can either use custom certificates, or use the self-signed pair generated by passbook.
Provide Metadata in the `SAML Service Provider Organization Info` Field: Provide metadata in the `SAML Service Provider Organization Info` field:
```json ```json
{ {
@ -45,7 +45,7 @@ Provide Metadata in the `SAML Service Provider Organization Info` Field:
} }
``` ```
Provide Metadata in the `SAML Service Provider Technical Contact` and `SAML Service Provider Technical Contact` Fields: Provide metadata in the `SAML Service Provider Technical Contact` and `SAML Service Provider Technical Contact` fields:
```json ```json
{ {
@ -71,4 +71,4 @@ In the `SAML Enabled Identity Providers` paste the following configuration:
} }
``` ```
`x509cert` is the Certificate configured in passbook. Remove the --BEGIN CERTIFICATE-- and --END CERTIFICATE-- headers, then enter the cert as one non-breaking string. `x509cert` is the certificate configured in passbook. Remove the `--BEGIN CERTIFICATE--` and `--END CERTIFICATE--` headers, then enter the cert as one non-breaking string.