NET-1825: More new ACL token creation docs (#18063)
Co-authored-by: Paul Glass <pglass@hashicorp.com>
Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
* backport of commit c77fe8fb20f01b12b72b339998bf7dadba9f8be0
* backport of commit 7c3963cd2c64a585eabc912f52fca707cbb92f39
* backport of commit e706f4ccfd4fd892dedc06fc1af6aa32a2541331
* Add FIPS reference to consul enterprise docs (#18028)`
* Add FIPS reference to consul enterprise docs
* Update website/content/docs/enterprise/index.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
* remove support for ecs client (fips)
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
---------
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
## Backport
This PR is auto-generated from #18154 to be assessed for backporting due
to the inclusion of the label backport/1.16.
The below text is copied from the body of the original PR.
---
### Description
Addresses
https://github.com/hashicorp/consul/pull/17171#issuecomment-1636930705
### Testing & Reproduction steps
<!--
* In the case of bugs, describe how to replicate
* If any manual tests were done, document the steps and the conditions
to replicate
* Call out any important/ relevant unit tests, e2e tests or integration
tests you have added or are adding
-->
### Links
<!--
Include any links here that might be helpful for people reviewing your
PR (Tickets, GH issues, API docs, external benchmarks, tools docs, etc).
If there are none, feel free to delete this section.
Please be mindful not to leak any customer or confidential information.
HashiCorp employees may want to use our internal URL shortener to
obfuscate links.
-->
### PR Checklist
* [ ] updated test coverage
* [ ] external facing docs updated
* [ ] appropriate backport labels added
* [ ] not a security concern
---
<details>
<summary> Overview of commits </summary>
- f5a6411ce7cbda9dddc506b731210d4ebda6bdb1
</details>
Co-authored-by: David Yu <dyu@hashicorp.com>
## Backport
This PR is auto-generated from #18134 to be assessed for backporting due
to the inclusion of the label backport/1.16.
The below text is copied from the body of the original PR.
---
### Description
- Fix unmatched bracket in the
[doc](https://developer.hashicorp.com/consul/docs/services/usage/checks#ttl-check-configuration)
(see the following screenshot of the page)
<img width="618" alt="Screenshot 2023-07-13 at 9 01 19 PM"
src="https://github.com/hashicorp/consul/assets/463631/20707735-906f-4b06-999d-44e6329a9fec">
### Testing & Reproduction steps
<!--
* In the case of bugs, describe how to replicate
* If any manual tests were done, document the steps and the conditions
to replicate
* Call out any important/ relevant unit tests, e2e tests or integration
tests you have added or are adding
-->
### Links
<!--
Include any links here that might be helpful for people reviewing your
PR (Tickets, GH issues, API docs, external benchmarks, tools docs, etc).
If there are none, feel free to delete this section.
Please be mindful not to leak any customer or confidential information.
HashiCorp employees may want to use our internal URL shortener to
obfuscate links.
-->
### PR Checklist
* [ ] updated test coverage
* [ ] external facing docs updated
* [ ] appropriate backport labels added
* [ ] not a security concern
---
<details>
<summary> Overview of commits </summary>
- d40243b3a37b58737bd5cbb104913ce0c2c87f3c
</details>
Co-authored-by: cskh <hui.kang@hashicorp.com>
## Backport
This PR is auto-generated from #18004 to be assessed for backporting due
to the inclusion of the label backport/1.16.
The below text is copied from the body of the original PR.
---
### Description
<!-- Please describe why you're making this change, in plain English.
-->
- Add jwt-provider docs for jwks cluster configuration. The
configuration was added here:
https://github.com/hashicorp/consul/pull/17978
---
<details>
<summary> Overview of commits </summary>
- 1ab3c3be1e85f4b70a0eafbc875a28311f030e49
</details>
Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
* backport of commit 0d7bee8adcf2a80aa7045ad7efcef080241f3a1e
* backport of commit 408cbe8ae0e24dd0d4947a872ebe4cc05f05805e
* backport of commit a0854784dcdc2a26bff3c5f39a687d6db73bc64a
* backport of commit 71c4c6564f78008fb653b70c4c354368423415ae
* backport of commit 0c060fa2badfe3d465065b08bdde2951f81b05a3
---------
Co-authored-by: Luke Kysow <1034429+lkysow@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit 3ef758cefb78124d160bd69681fbb226b062e399
* backport of commit f7c54b6ce2ac3bb185a12aad5f649f4eed237cca
* backport of commit 6b2e88c154c2cab5bf6f013417d6b134171f16c0
* backport of commit 87dc79fddb162451ce9dd6d46615397dccb22dc9
* backport of commit 3d9805c133ab6dfde39cd41135a4c7f4048466b5
* backport of commit e76ec0a1937e7722edc554d96fa3e792bd1f56a0
* backport of commit 4b03ba27c1190e02af46e52261a2417534fdf3f4
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit e1bf4284947af9edd36e9d6f4d2c32e2d1fe9b14
* backport of commit ddf214e638327cdf4b76d325d3c4194d6e26cee3
* backport of commit e41bd9c4e372c2b83d673d6f5c4afcfb44bdf14f
* backport of commit b9cfc86e145d0b90474a1e13f5f02ce7599d9f0f
* backport of commit 0ddf013d6c4e7d44c0c6dfff8fe0c56e5c4b6ca5
* backport of commit 1b0b513b05c1b14c9eb69f0e74f72fc7a0bba118
* backport of commit 29442ad641b0de0df9753cdd207b9f15bc76e6e5
* backport of commit 5e7ddf5c7ef764e7df8fa4f6cd03431e89e8b441
* backport of commit f2b6fa7b4362ecde79b3b8a9752da6d2774d44d8
* backport of commit 83b84a985a131c0ce2b10351f6dd5ca68cef5bf2
* backport of commit 56d81738cc8143ddec27cc5134af23da4bfc2dd8
* backport of commit 0ab44f06c7249adc8a0ba43c369c66ae1f18e8c8
* backport of commit 69c99fbccb711d32194eefd04419b854cacf8750
* backport of commit b79e1245c1bf765c97462f322c09965314317b0a
* backport of commit fb1441976be9c78a2d658b094e178a0c0f75eb5e
* backport of commit 3b7b2a04242e17fc88296fc248ba491e697697c4
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit 1c8b71521297965bf04034caed10d29586084447
* backport of commit 0d690d9eb6d6f29bb2771f59c1a3c707360d92a5
---------
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
* backport of commit a8658bf7c88722c0b88481637c213ce838eb3c7c
* backport of commit 966673b5fe20854f815211fe97cfff30056a002d
* backport of commit 7cea575b3a5c28f014fb35c42f46079ccbeaeef0
* backport of commit 17e57a3abe52c19d323c4159b1521788298e8216
* backport of commit 86a7dc34657c4434cb89077fff95217744e596e5
* backport of commit 7f541fffaabb377de97e13b20e8052b9573643df
* backport of commit 4e46d282ff8f24418321e32924c466762dd3f459
* backport of commit 72d7b61634ffc539f4c5a70de6c648a51a74c9f4
* backport of commit 2b6169f7cb3bd374ce0a378fc174268790dd1d4b
* backport of commit b94a833ec952979e9fc7d6518ce30897b3477323
* backport of commit 74e0ec2a05ead2da243086dedab606ff16185afe
* backport of commit be0167b4920f2406f53f326780fff2f7633734d7
* backport of commit a92a3088b4d5431fc6668c1859cd46301e44af8e
* backport of commit 4b02d312d718ac9ea265d8d39463a7625e659c51
* backport of commit f131207d42ce1684a49e18c4096def2fa6d68a82
* backport of commit 3f0be37f49b0b006e5d9ecdba8e9a4af8c933230
* backport of commit 29ed7aaf6f7e080e41e896111b9f25b95af880a7
* backport of commit 8ae546707beaf3a52c28f2e5d8a9d85b965ee93c
* backport of commit 8ed74fcf442dd8cf5e9abb8317d106564c47cfd1
* backport of commit 36537bafb6962d2f966da754a19cbc6a23ef2535
* backport of commit ef7599d7789a216e688a4663538b2e9d06f82c07
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit 7196fb16d9a6277e351571bb0404747d34e50aaa
* backport of commit facfb7742d8de892457d8cecc7e820d2b14ae559
---------
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
* no-op commit due to failed cherry-picking
* Fix formatting for webhook-certs Consul tutorial (#17810)
* Fix formatting for webhook-certs Consul tutorial
* Make a small grammar change to also pick up whitespace changes necessary for formatting
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Steven Zamborsky <97125550+stevenzamborsky@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit 391db7e58b501b3ed7561fec352f2f3f5004a29f
* backport of commit f204d5b52ab80836128882a65d7d7c5e53b2fa3d
---------
Co-authored-by: Chris Thain <chris.m.thain@gmail.com>
* backport of commit 452d08d5e8e40c0710a2042dd1d67b8eaa5fe43d
* backport of commit 1f1f222c97f981a23de44be2afdef37c25f4a91a
---------
Co-authored-by: Ronald Ekambi <ronekambi@gmail.com>
* backport of commit fa99a741344d96cda07cebd327cabe6d37858ae5
* backport of commit aef14f225347c42b3f62768f18f1cf8593303491
* backport of commit dd5e8e0efaba266c1701cb8c1a56c53857730161
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit c02c4445ccf3cd3dd15199932d81de78b32c1210
* backport of commit 3237e24a11496172837fb05a0dcdbd0266e8710e
* backport of commit 3bbd88fb79094dc641cd1ff43e8a8cdde92df3d9
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
* backport of commit 9f1631dc0db7c3320356d60500a7f28f38673d5f
* backport of commit 5b6b2e37c0d1e11dcf1a6a12e09932b8c18da620
---------
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
* no-op commit due to failed cherry-picking
* docs: minor fixes to JWT auth docs (#17680)
* Fixes
* service intentions fixes
---------
Co-authored-by: temp <temp@hashicorp.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
* backport of commit 1602c996fd1bc6d73f9a2c34d93687700307382a
* backport of commit 132c6ee6c5e119b904d2133cb93722a7ab321634
* backport of commit 5e64b930f55531d4d6668b797b5643b98489d163
* backport of commit 83a7b3fe52adc04835c52ffeb08adbcc3ac23d17
---------
Co-authored-by: Paul Glass <pglass@hashicorp.com>
* add docs for consul-k8s config read command
This PR adds documentation for the functionality introduced in
https://github.com/hashicorp/consul-k8s/pull/2078.
* add output
---------
Co-authored-by: David Yu <dyu@hashicorp.com>
Fix ACL check on health endpoint
Prior to this change, the service health API would not explicitly return an
error whenever a token with invalid permissions was given, and it would instead
return empty results. With this change, a "Permission denied" error is returned
whenever data is queried. This is done to better support the agent cache, which
performs a fetch backoff sleep whenever ACL errors are encountered. Affected
endpoints are: `/v1/health/connect/` and `/v1/health/ingress/`.
* agent: configure server lastseen timestamp
Signed-off-by: Dan Bond <danbond@protonmail.com>
* use correct config
Signed-off-by: Dan Bond <danbond@protonmail.com>
* add comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* use default age in test golden data
Signed-off-by: Dan Bond <danbond@protonmail.com>
* add changelog
Signed-off-by: Dan Bond <danbond@protonmail.com>
* fix runtime test
Signed-off-by: Dan Bond <danbond@protonmail.com>
* agent: add server_metadata
Signed-off-by: Dan Bond <danbond@protonmail.com>
* update comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* correctly check if metadata file does not exist
Signed-off-by: Dan Bond <danbond@protonmail.com>
* follow instructions for adding new config
Signed-off-by: Dan Bond <danbond@protonmail.com>
* add comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* update comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* Update agent/agent.go
Co-authored-by: Dan Upton <daniel@floppy.co>
* agent/config: add validation for duration with min
Signed-off-by: Dan Bond <danbond@protonmail.com>
* docs: add new server_rejoin_age_max config definition
Signed-off-by: Dan Bond <danbond@protonmail.com>
* agent: add unit test for checking server last seen
Signed-off-by: Dan Bond <danbond@protonmail.com>
* agent: log continually for 60s before erroring
Signed-off-by: Dan Bond <danbond@protonmail.com>
* pr comments
Signed-off-by: Dan Bond <danbond@protonmail.com>
* remove unneeded todo
* agent: fix error message
Signed-off-by: Dan Bond <danbond@protonmail.com>
---------
Signed-off-by: Dan Bond <danbond@protonmail.com>
Co-authored-by: Dan Upton <daniel@floppy.co>
hc-github-team-consul-core