From 847b9a73e4df02954ad9d60dc7b8f067f09b8ed6 Mon Sep 17 00:00:00 2001
From: carpenti <carpenti@adobe.com>
Date: Fri, 21 Oct 2016 15:47:38 +0200
Subject: [PATCH] add explicit reference to grains['id'] as a 'safe' grain for
 pillars

The documentation is a bit vague concerning the safe way to target
a specific minion inside pillars.

This commit explicitly mention grains['id'] as safe (according to PR
https://github.com/saltstack/salt/pull/12128)
---
 doc/faq.rst | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/doc/faq.rst b/doc/faq.rst
index 1a54381043ea..9feae7caec1e 100644
--- a/doc/faq.rst
+++ b/doc/faq.rst
@@ -361,6 +361,8 @@ files on the local system, grains are considered less secure than other
 identifiers in Salt. Use caution when targeting sensitive operations or setting
 pillar values based on grain data.
 
+The only grain which can be safely used is ``grains['id']`` which contains the Minion ID.
+
 When possible, you should target sensitive operations and data using the Minion
 ID. If the Minion ID of a system changes, the Salt Minion's public key must be
 re-accepted by an administrator on the Salt Master, making it less vulnerable