improve the vault handling stuff

playbooks/configure-vault.yaml

@@ -1,4 +1,13 @@
 ---
+# Manage Vault configuration (policies, roles, accesses, etc)
+#
+# vault_instances is a dictionary ({instance_name: config}) containing all the
+# required information that is being passed one by one into the configure_vault
+# role for the execution with the help of Vault API invocation.
+#
+# variable `vault_create_auth=true` will force presence of auth methods which
+# are otherwise (default) not created
+#
 - hosts: vault-controller:!disabled
   name: "Configure Vault instances"
   tasks:

playbooks/roles/configure_vault/tasks/auth.yaml

@@ -1,7 +1,8 @@
+---
 - name: Read Auth {{ auth.type }} at {{ auth.path }}
   check_mode: "no"
   ansible.builtin.uri:
-    url: "{{ vault_addr }}/v1/sys/auth/{{ auth.path }}/tune"
+    url: "{{ vault_addr }}/v1/sys/auth/{{ auth.path }}"
     headers:
       X-Vault-Token: "{{ vault_token }}"
     method: "GET"
@@ -28,7 +29,6 @@
         passthrough_request_headers: "{{ auth.passthrough_request_headers | default(omit) }}"
         allowed_response_headers: "{{ auth.allowed_response_headers | default(omit) }}"
       options: "{{ auth.options | default(omit) }}"
-
     status_code: [200, 201, 202, 204]
   when:
     - "current_auth is not defined or current_auth.status != 200"