diff --git a/.images/hcp-vault-secrets-credentials.png b/.images/hcp-vault-secrets-credentials.png
new file mode 100644
index 0000000..e5e9cf2
Binary files /dev/null and b/.images/hcp-vault-secrets-credentials.png differ
diff --git a/hcp-vault-secrets/README.md b/hcp-vault-secrets/README.md
index c45cff6..377ad5a 100644
--- a/hcp-vault-secrets/README.md
+++ b/hcp-vault-secrets/README.md
@@ -23,7 +23,14 @@ module "vault" {
 
 ## Configuration
 
-To configure the HCP Vault Secrets module, you must create an HCP Service Principal from the HCP Vault Secrets app in the HCP console. This will give you the `HCP_CLIENT_ID` and `HCP_CLIENT_SECRET` that you need to authenticate with HCP Vault Secrets. See the [HCP Vault Secrets documentation](https://developer.hashicorp.com/hcp/docs/vault-secrets) for more information.
+To configure the HCP Vault Secrets module, follow these steps,
+
+1. [Create secrets in HCP Vault Secrets](https://developer.hashicorp.com/vault/tutorials/hcp-vault-secrets-get-started/hcp-vault-secrets-create-secret)
+2. Create an HCP Service Principal from the HCP Vault Secrets app in the HCP console. This will give you the `HCP_CLIENT_ID` and `HCP_CLIENT_SECRET` that you need to authenticate with HCP Vault Secrets.
+   ![HCP vault secrets credentials](../.images/hcp-vault-secrets-credentials.png)
+3. Set `HCP_CLIENT_ID` and `HCP_CLIENT_SECRET` variables on the coder provisioner (recommended) or supply them as input to the module.
+
+> See the [HCP Vault Secrets documentation](https://developer.hashicorp.com/hcp/docs/vault-secrets) for more information.
 
 ## Fetch All Secrets