From 1f58ba01c118778d310078a067806322e7ebce5d Mon Sep 17 00:00:00 2001
From: Martin <hauskrechtmartin@gmail.com>
Date: Thu, 5 Mar 2020 13:41:45 +0100
Subject: [PATCH] Update readme

---
 README.md | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

diff --git a/README.md b/README.md
index 2ef75fa..bf46673 100644
--- a/README.md
+++ b/README.md
@@ -32,5 +32,20 @@ ENTRYPOINT ["/usr/bin/dumb-init", "--"]
 CMD ["bash", "-c", "eval $(./aws_sm_loader) && exec printenv"]
 ```
 
+## Writing binary secrets to file
 
+If secret contains binary data it will be written to file. Value after last `/` from secret name will be used as filename.
+Path for files can be set using `SM_SECRETS_PATH` env variable. Default is current directory.
+
+## Ignoring secrets
+
+If tag `aws_sm_loader_ignore` with value `true` is set for a secret, it won't be exported into the env.
+
+## File permissions for binary secrets
+
+File permissions for secrets that will be outputted into files can be set using `SM_SECRETS_FILEMODE` env variable.
+
+Values in *octal permissions notation* with leading zero is expected.
+
+Default value is read only: `0440`.