improved docs for install script

michaelwittig · michaelwittig · commit 5e5c3a27d0c5 · 2017-04-25T19:48:00.000+02:00
diff --git a/import_users.sh b/import_users.sh
@@ -8,6 +8,7 @@ IAM_AUTHORIZED_GROUPS=""
 LOCAL_MARKER_GROUP="iam-synced-users"
 
 # Give the users these local UNIX groups
+# Comma seperated list
 LOCAL_GROUPS=""
 
 # Specify an IAM group for users who should be given sudo privileges, or leave
diff --git a/install.sh b/install.sh
@@ -8,10 +8,16 @@ Install import_users.sh and authorized_key_commands.
     -h              display this help and exit
     -v              verbose mode.
 
-    -a arn          AssumeRole ARN to get users from another AWS account
-    -i group,group  Comma seperated list of IAM groups that should have ssh access
-    -l group,group  Comma seperated list of UNIX groups to add the users to
-    -s group        IAM group that should have sudo access. use ##ALL## if all users need it
+    -a arn          Assume a role before contacting AWS IAM to get users and keys.
+                    This can be used if you define your users in one AWS account, while the EC2
+                    instance you use this script runs in another.
+    -i group,group  Which IAM groups have access to this instance
+                    Comma seperated list of IAM groups. Leave empty for all available IAM users
+    -l group,group  Give the users these local UNIX groups
+                    Comma seperated list
+    -s group        Specify an IAM group for users who should be given sudo privileges, or leave
+                    empty to not change sudo access, or give it the value '##ALL##' to have all
+                    users be given sudo rights.
 
 
 EOF
diff --git a/showcase.yaml b/showcase.yaml
@@ -126,10 +126,16 @@ Resources:
                     -h              display this help and exit
                     -v              verbose mode.
 
-                    -a arn          AssumeRole ARN to get users from another AWS account
-                    -i group,group  Comma seperated list of IAM groups that should have ssh access
-                    -l group,group  Comma seperated list of UNIX groups to add the users to
-                    -s group        IAM group that should have sudo access. use ##ALL## if all users need it
+                    -a arn          Assume a role before contacting AWS IAM to get users and keys.
+                                    This can be used if you define your users in one AWS account, while the EC2
+                                    instance you use this script runs in another.
+                    -i group,group  Which IAM groups have access to this instance
+                                    Comma seperated list of IAM groups. Leave empty for all available IAM users
+                    -l group,group  Give the users these local UNIX groups
+                                    Comma seperated list
+                    -s group        Specify an IAM group for users who should be given sudo privileges, or leave
+                                    empty to not change sudo access, or give it the value '##ALL##' to have all
+                                    users be given sudo rights.
 
 
                 EOF
