luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity

feat(website): migrates nav data format and updates docs pages (#11242) 

* migrates nav data format and updates docs pages

* removes sidebar_title from content files
This commit is contained in:
Bryce Kalow 2021-04-06 12:49:04 -05:00 committed by GitHub
parent a81f6683d2
commit b76a56d40c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
555 changed files with 3409 additions and 2301 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
website/content/api-docs/auth/alicloud.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AliCloud - Auth Methods - HTTP API
sidebar_title: AliCloud
description: This is the API documentation for the Vault AliCloud auth method.
---

1
website/content/api-docs/auth/app-id.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AppID - Auth Methods - HTTP API
sidebar_title: App ID <sup>DEPRECATED</sup>
description: This is the API documentation for the Vault App ID auth method.
---

1
website/content/api-docs/auth/approle.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AppRole - Auth Methods - HTTP API
sidebar_title: AppRole
description: This is the API documentation for the Vault AppRole auth method.
---

62
website/content/api-docs/auth/aws.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AWS - Auth Methods - HTTP API
sidebar_title: AWS
description: This is the API documentation for the Vault AWS auth method.
---
@ -516,8 +515,8 @@ $ curl \
Configures the periodic tidying operation of the access listed identity entries.
| Method | Path |
| :----- | :----------------------------------------- |
| Method | Path |
| :----- | :------------------------------------------ |
| `POST` | `/auth/aws/config/tidy/identity-accesslist` |
### Parameters
@ -550,8 +549,8 @@ $ curl \
Returns the previously configured periodic access list tidying settings.
| Method | Path |
| :----- | :----------------------------------------- |
| Method | Path |
| :----- | :------------------------------------------ |
| `GET` | `/auth/aws/config/tidy/identity-accesslist` |
### Sample Request
@ -577,8 +576,8 @@ $ curl \
Deletes the previously configured periodic access list tidying settings.
| Method | Path |
| :------- | :----------------------------------------- |
| Method | Path |
| :------- | :------------------------------------------ |
| `DELETE` | `/auth/aws/config/tidy/identity-accesslist` |
### Sample Request
@ -594,8 +593,8 @@ $ curl \
Configures the periodic tidying operation of the deny listed role tag entries.
| Method | Path |
| :----- | :---------------------------------------- |
| Method | Path |
| :----- | :--------------------------------------- |
| `POST` | `/auth/aws/config/tidy/roletag-denylist` |
### Parameters
@ -628,8 +627,8 @@ $ curl \
Returns the previously configured periodic deny list tidying settings.
| Method | Path |
| :----- | :---------------------------------------- |
| Method | Path |
| :----- | :--------------------------------------- |
| `GET` | `/auth/aws/config/tidy/roletag-denylist` |
### Sample Request
@ -655,8 +654,8 @@ $ curl \
Deletes the previously configured periodic deny list tidying settings.
| Method | Path |
| :------- | :---------------------------------------- |
| Method | Path |
| :------- | :--------------------------------------- |
| `DELETE` | `/auth/aws/config/tidy/roletag-denylist` |
### Sample Request
@ -1109,8 +1108,8 @@ that if the role tag was previously used to perform a successful login,
placing the tag in the deny list does not invalidate the already issued
token.
| Method | Path |
| :----- | :-------------------------------------- |
| Method | Path |
| :----- | :------------------------------------- |
| `POST` | `/auth/aws/roletag-denylist/:role_tag` |
### Parameters
@ -1132,8 +1131,8 @@ $ curl \
Returns the deny list entry of a previously deny listed role tag.
| Method | Path |
| :----- | :-------------------------------------- |
| Method | Path |
| :----- | :------------------------------------- |
| `GET` | `/auth/aws/roletag-denylist/:role_tag` |
### Parameters
@ -1165,8 +1164,8 @@ $ curl \
Lists all the role tags that are deny listed.
| Method | Path |
| :----- | :---------------------------- |
| Method | Path |
| :----- | :--------------------------- |
| `LIST` | `/auth/aws/roletag-denylist` |
### Sample Request
@ -1194,8 +1193,8 @@ $ curl \
Deletes a deny listed role tag.
| Method | Path |
| :------- | :-------------------------------------- |
| Method | Path |
| :------- | :------------------------------------- |
| `DELETE` | `/auth/aws/roletag-denylist/:role_tag` |
### Parameters
@ -1218,8 +1217,8 @@ $ curl \
Cleans up the entries in the deny listed based on expiration time on the entry and
`safety_buffer`.
| Method | Path |
| :----- | :--------------------------------- |
| Method | Path |
| :----- | :-------------------------------- |
| `POST` | `/auth/aws/tidy/roletag-denylist` |
### Parameters
@ -1242,8 +1241,8 @@ $ curl \
Returns an entry in the identity access list. An entry will be created/updated by every
successful login.
| Method | Path |
| :----- | :------------------------------------------ |
| Method | Path |
| :----- | :------------------------------------------- |
| `GET` | `/auth/aws/identity-accesslist/:instance_id` |
### Parameters
@ -1278,8 +1277,8 @@ $ curl \
Lists all the instance IDs that are in the access list of successful logins.
| Method | Path |
| :----- | :----------------------------- |
| Method | Path |
| :----- | :------------------------------ |
| `LIST` | `/auth/aws/identity-accesslist` |
### Sample Request
@ -1305,8 +1304,8 @@ $ curl \
Deletes a cache of the successful login from an instance.
| Method | Path |
| :------- | :------------------------------------------ |
| Method | Path |
| :------- | :------------------------------------------- |
| `DELETE` | `/auth/aws/identity-accesslist/:instance_id` |
### Parameters
@ -1329,8 +1328,8 @@ $ curl \
Cleans up the entries in the access list based on expiration time and
`safety_buffer`.
| Method | Path |
| :----- | :---------------------------------- |
| Method | Path |
| :----- | :----------------------------------- |
| `POST` | `/auth/aws/tidy/identity-accesslist` |
### Parameters
@ -1361,4 +1360,3 @@ URLs are deprecated. The affected APIs include:
| `/auth/aws/tidy/roletag-denylist` | `/auth/aws/tidy/roletag-blacklist` |
| `/auth/aws/config/tidy/identity-accesslist` | `/auth/aws/config/tidy/identity-whitelist` |
| `/auth/aws/config/tidy/roletag-denylist` | `/auth/aws/config/tidy/roletag-blacklist` |

1
website/content/api-docs/auth/azure.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Azure - Auth Methods - HTTP API
sidebar_title: Azure
description: |-
This is the API documentation for the Vault Azure authentication
method plugin.

1
website/content/api-docs/auth/cert.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: TLS Certificate - Auth Methods - HTTP API
sidebar_title: TLS Certificates
description: |-
This is the API documentation for the Vault TLS Certificate authentication
method.

1
website/content/api-docs/auth/cf.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Cloud Foundry - Auth Methods - HTTP API
sidebar_title: Cloud Foundry
description: This is the API documentation for the Vault Cloud Foundry auth method.
---

1
website/content/api-docs/auth/gcp.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Google Cloud - Auth Methods - HTTP API
sidebar_title: Google Cloud
description: |-
This is the API documentation for the Vault Google Cloud authentication
method.

1
website/content/api-docs/auth/github.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: GitHub - Auth Methods - HTTP API
sidebar_title: GitHub
description: This is the API documentation for the Vault GitHub auth method.
---

1
website/content/api-docs/auth/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Auth Methods - HTTP API
sidebar_title: Auth Methods
description: |-
Each auth method publishes its own set of API paths and methods.
These endpoints are documented in this section.

1
website/content/api-docs/auth/jwt.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: JWT/OIDC - Auth Methods - HTTP API
sidebar_title: JWT/OIDC
description: |-
This is the API documentation for the Vault JWT/OIDC authentication
method plugin.

1
website/content/api-docs/auth/kerberos.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Kerberos - Auth Methods - HTTP API
sidebar_title: Kerberos
description: This is the API documentation for the Vault Kerberos auth method plugin.
---

1
website/content/api-docs/auth/kubernetes.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Kubernetes - Auth Methods - HTTP API
sidebar_title: Kubernetes
description: This is the API documentation for the Vault Kubernetes auth method plugin.
---

1
website/content/api-docs/auth/ldap.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: LDAP - Auth Methods - HTTP API
sidebar_title: LDAP
description: This is the API documentation for the Vault LDAP auth method.
---

1
website/content/api-docs/auth/oci.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: OCI - Auth Methods - HTTP API
sidebar_title: OCI
description: This is the API documentation for the Vault OCI auth method plugin.
---

1
website/content/api-docs/auth/okta.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Okta - Auth Methods - HTTP API
sidebar_title: Okta
description: This is the API documentation for the Vault Okta auth method.
---

1
website/content/api-docs/auth/radius.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: RADIUS - Auth Methods - HTTP API
sidebar_title: RADIUS
description: This is the API documentation for the Vault RADIUS auth method.
---

1
website/content/api-docs/auth/token.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Token - Auth Methods - HTTP API
sidebar_title: Tokens
description: This is the API documentation for the Vault token auth method.
---

1
website/content/api-docs/auth/userpass.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Userpass - Auth Methods - HTTP API
sidebar_title: Username & Password
description: |-
This is the API documentation for the Vault username and password
auth method.

1
website/content/api-docs/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: HTTP API
sidebar_title: Overview
description: Vault has an HTTP API that can be used to control every aspect of Vault.
---

1
website/content/api-docs/libraries.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'HTTP API: Libraries'
sidebar_title: Client Libraries
description: >-
List of official and community contributed libraries for interacting with the
Vault HTTP API.

1
website/content/api-docs/relatedtools.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Related Tools
sidebar_title: Related Tools
description: Short list of third-party tools that work with or are related to Vault.
---

1
website/content/api-docs/secret/ad.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Active Directory - Secrets Engines - HTTP API
sidebar_title: Active Directory
description: This is the API documentation for the Vault Active Directory secrets engine.
---

1
website/content/api-docs/secret/alicloud.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AliCloud - Secrets Engines - HTTP API
sidebar_title: AliCloud
description: This is the API documentation for the Vault AliCloud secrets engine.
---

1
website/content/api-docs/secret/aws.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AWS - Secrets Engines - HTTP API
sidebar_title: AWS
description: This is the API documentation for the Vault AWS secrets engine.
---

1
website/content/api-docs/secret/azure.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Azure - Secrets Engines - HTTP API
sidebar_title: Azure
description: This is the API documentation for the Vault Azure secrets engine.
---

1
website/content/api-docs/secret/cassandra.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Cassandra - Secrets Engines - HTTP API
sidebar_title: Cassandra <sup>DEPRECATED</sup>
description: This is the API documentation for the Vault Cassandra secrets engine.
---

1
website/content/api-docs/secret/consul.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Consul - Secrets Engines - HTTP API
sidebar_title: Consul
description: This is the API documentation for the Vault Consul secrets engine.
---

1
website/content/api-docs/secret/cubbyhole.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Cubbyhole - Secrets Engines - HTTP API
sidebar_title: Cubbyhole
description: This is the API documentation for the Vault Cubbyhole secrets engine.
---

1
website/content/api-docs/secret/databases/cassandra.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Cassandra - Database - Secrets Engines - HTTP API
sidebar_title: Cassandra
description: >-
The Cassandra plugin for Vault's database secrets engine generates database
credentials to access Cassandra servers.

21
website/content/api-docs/secret/databases/couchbase.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Couchbase - Database - Secrets Engines - HTTP API
sidebar_title: Couchbase
description: >-
The Couchbase plugin for Vault's database secrets engine generates database
credentials to access Couchbase servers.
@ -59,17 +58,17 @@ V_{{.DisplayName | uppercase | truncate 64}}_{{.RoleName | uppercase | truncate
<details>
<summary><b>Example Usernames:</b></summary>
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `V_TOKEN_MYROLENAME_USZT1N4CYHAL4M0XTGX3_1614294836` |
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `V_TOKEN_MYROLENAME_USZT1N4CYHAL4M0XTGX3_1614294836` |
| Example | |
| ------------- | ------------------------------------------------------------------------------ |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `V_AMUCHLONGER_DISPNAME_ROLE-NAME-WITH-DASHES_S0T9XB0JSAB9NQZ7YJ40_1614294836` |
| Example | |
| ------------- | ------------------------------------------------------------------------------ |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `V_AMUCHLONGER_DISPNAME_ROLE-NAME-WITH-DASHES_S0T9XB0JSAB9NQZ7YJ40_1614294836` |
</details>
</details>

1
website/content/api-docs/secret/databases/elasticdb.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Elasticsearch - Database - Secrets Engines - HTTP API
sidebar_title: Elasticsearch
description: >-
The Elasticsearch plugin for Vault's database secrets engine generates
database credentials to access Elasticsearch.

1
website/content/api-docs/secret/databases/hanadb.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: HANA - Database - Secrets Engines - HTTP API
sidebar_title: HanaDB
description: >-
The HANA plugin for Vault's database secrets engine generates database
credentials to access HANA servers.

1
website/content/api-docs/secret/databases/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Database - Secrets Engines - HTTP API
sidebar_title: Databases
description: Top page for database secrets engine information
---

1
website/content/api-docs/secret/databases/influxdb.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Influxdb - Database - Secrets Engines - HTTP API
sidebar_title: Influxdb
description: >-
The Influxdb plugin for Vault's database secrets engine generates database
credentials to access Influxdb servers.

21
website/content/api-docs/secret/databases/mongodb.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: MongoDB - Database - Secrets Engines - HTTP API
sidebar_title: MongoDB
description: >-
The MongoDB plugin for Vault's database secrets engine generates database
credentials to access MongoDB servers.
@ -59,17 +58,17 @@ has a number of parameters to further configure a connection.
<details>
<summary><b>Example Usernames:</b></summary>
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-token-myrolename-jNFRlKsZZMxJEx60o66i-1614294836` |
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-token-myrolename-jNFRlKsZZMxJEx60o66i-1614294836` |
| Example | |
| ------------- | ------------------------------------------------------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-amuchlonger_dis-role-name-with--jNFRlKsZZMxJEx60o66i-1614294836` |
| Example | |
| ------------- | ------------------------------------------------------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-amuchlonger_dis-role-name-with--jNFRlKsZZMxJEx60o66i-1614294836` |
</details>
</details>

1
website/content/api-docs/secret/databases/mongodbatlas.mdx
View File

@ -1,7 +1,6 @@
---
layout: 'api'
page_title: 'MongoDB Atlas - Database - Secrets Engines - HTTP API'
sidebar_title: 'MongoDB Atlas'
description: |-
The MongoDB Atlas plugin for Vault's Database Secrets Engine generates MongoDB Database User credentials for MongoDB Atlas.
---

21
website/content/api-docs/secret/databases/mssql.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: MSSQL - Database - Secrets Engines - HTTP API
sidebar_title: MSSQL
description: >-
The MSSQL plugin for Vault's database secrets engine generates database
credentials to access MSSQL servers.
@ -58,17 +57,17 @@ has a number of parameters to further configure a connection.
<details>
<summary><b>Example Usernames:</b></summary>
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-token-myrolename-jNFRlKsZZMxJEx60o66i-1614294836` |
| Example | |
| ------------- | ---------------------------------------------------- |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-token-myrolename-jNFRlKsZZMxJEx60o66i-1614294836` |
| Example | |
| ------------- | ----------------------------------------------------------------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-amuchlonger_dispname-role-name-with-dashe-LUHU9xqm6YNisikA3iCQ-1614294836` |
| Example | |
| ------------- | ----------------------------------------------------------------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-amuchlonger_dispname-role-name-with-dashe-LUHU9xqm6YNisikA3iCQ-1614294836` |
</details>
</details>

21
website/content/api-docs/secret/databases/mysql-maria.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: MySQL/MariaDB - Database - Secrets Engines - HTTP API
sidebar_title: MySQL/MariaDB
description: >-
The MySQL/MariaDB plugin for Vault's database secrets engine generates
database credentials to access MySQL and MariaDB servers.
@ -95,17 +94,17 @@ has a number of parameters to further configure a connection.
<details>
<summary><b>Example Usernames:</b></summary>
| Example | |
| ------------- | ------------------ |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-myro-jNFRlKsZZ` |
| Example | |
| ------------- | ------------------ |
| `DisplayName` | `token` |
| `RoleName` | `myrolename` |
| Username | `v-myro-jNFRlKsZZ` |
| Example | |
| ------------- | ----------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-role-b9ODeKsfl` |
| Example | |
| ------------- | ----------------------- |
| `DisplayName` | `amuchlonger_dispname` |
| `RoleName` | `role-name-with-dashes` |
| Username | `v-role-b9ODeKsfl` |
</details>
</details>

1
website/content/api-docs/secret/databases/oracle.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Oracle - Database - Secrets Engines - HTTP API
sidebar_title: Oracle
description: >-
The Oracle plugin for Vault's database secrets engine generates database
credentials to access Oracle servers.

1
website/content/api-docs/secret/databases/postgresql.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: PostgreSQL - Database - Secrets Engines - HTTP API
sidebar_title: PostgreSQL
description: >-
The PostgreSQL plugin for Vault's database secrets engine generates database
credentials to access PostgreSQL servers.

1
website/content/api-docs/secret/databases/redshift.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Redshift - Database - Secrets Engines - HTTP API
sidebar_title: Redshift
description: >-
The Redshift plugin for Vault's database secrets engine generates database
credentials to access the AWS Redshift service.

1
website/content/api-docs/secret/databases/snowflake.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Snowflake - Database - Secrets Engines - HTTP API
sidebar_title: Snowflake
description: >-
The Snowflake plugin for Vault's database secrets engine generates database
credentials to access Snowflake servers.

1
website/content/api-docs/secret/gcp.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Google Cloud - Secrets Engines - HTTP API
sidebar_title: Google Cloud
description: This is the API documentation for the Vault Google Cloud secrets engine.
---

1
website/content/api-docs/secret/gcpkms.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Google Cloud KMS - Secrets Engines - HTTP API
sidebar_title: Google Cloud KMS
description: This is the API documentation for the Vault Google Cloud KMS secrets engine.
---

1
website/content/api-docs/secret/identity/entity-alias.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Entity Alias - HTTP API'
sidebar_title: Entity Alias
description: >-
This is the API documentation for managing entity aliases in the identity
store.

1
website/content/api-docs/secret/identity/entity.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Entity - HTTP API'
sidebar_title: Entity
description: This is the API documentation for managing entities in the identity store.
---

1
website/content/api-docs/secret/identity/group-alias.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Group Alias - HTTP API'
sidebar_title: Group Alias
description: >-
This is the API documentation for managing the group aliases in the identity
store.

3
website/content/api-docs/secret/identity/group.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Group - HTTP API'
sidebar_title: Group
description: This is the API documentation for managing groups in the identity store.
---
@ -15,7 +14,7 @@ This endpoint creates or updates a Group.
### Parameters
- `name` `(string: entity-<UUID>)` Name of the group. If set (and
- `name` `(string: entity-<UUID>)` Name of the group. If set (and
ID is not set), updates the corresponding existing group.
- `id` `(string: <optional>)` - ID of the group. If set, updates the

1
website/content/api-docs/secret/identity/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Identity - Secrets Engines - HTTP API
sidebar_title: Identity
description: This is the API documentation for the Vault Identity secrets engine.
---

1
website/content/api-docs/secret/identity/lookup.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Lookup - HTTP API'
sidebar_title: Lookup
description: |-
This is the API documentation for entity and group lookups from identity
store.

1
website/content/api-docs/secret/identity/tokens.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: 'Identity Secret Backend: Identity Tokens - HTTP API'
sidebar_title: Identity Tokens
description: >-
This is the API documentation for configuring, acquiring, and validating vault
issued identity tokens.

1
website/content/api-docs/secret/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Secrets Engines - HTTP API
sidebar_title: Secrets Engines
description: |-
Each secrets engine publishes its own set of API paths and methods. These
endpoints are documented in this section.

21
website/content/api-docs/secret/key-management/awskms.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: AWS KMS - Key Management - Secrets Engines - HTTP API
sidebar_title: AWS KMS
description: The AWS KMS API documentation for the Key Management secrets engine.
---
@ -43,13 +42,13 @@ the given parameter values.
as environment variables. Credentials provided to this parameter will take precedence over
credentials provided via environment variables.
- `access_key` `(string: <required>)` - The AWS access key ID. May also be specified
by the `AWS_ACCESS_KEY_ID` environment variable.
- `secret_key` `(string: <required>)` - The AWS secret access key. May also be specified
by the `AWS_SECRET_ACCESS_KEY` environment variable.
- `session_token` `(string: <optional>)` - The AWS session token. May also be specified
by the `AWS_SESSION_TOKEN` environment variable.
- `endpoint` `(string: <optional>)` - The KMS API endpoint to be used to make AWS KMS
requests. May also be specified by the `AWS_KMS_ENDPOINT` environment variable. This
is useful when connecting to KMS over a [VPC Endpoint](https://docs.aws.amazon.com/kms/latest/developerguide/kms-vpc-endpoint.html).
If not set, the secrets engine will use the default API endpoint for the region.
- `access_key` `(string: <required>)` - The AWS access key ID. May also be specified
by the `AWS_ACCESS_KEY_ID` environment variable.
- `secret_key` `(string: <required>)` - The AWS secret access key. May also be specified
by the `AWS_SECRET_ACCESS_KEY` environment variable.
- `session_token` `(string: <optional>)` - The AWS session token. May also be specified
by the `AWS_SESSION_TOKEN` environment variable.
- `endpoint` `(string: <optional>)` - The KMS API endpoint to be used to make AWS KMS
requests. May also be specified by the `AWS_KMS_ENDPOINT` environment variable. This
is useful when connecting to KMS over a [VPC Endpoint](https://docs.aws.amazon.com/kms/latest/developerguide/kms-vpc-endpoint.html).
If not set, the secrets engine will use the default API endpoint for the region.

17
website/content/api-docs/secret/key-management/azurekeyvault.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Azure Key Vault - Key Management - Secrets Engines - HTTP API
sidebar_title: Azure Key Vault
description: The Azure Key Vault API documentation for the Key Management secrets engine.
---
@ -40,11 +39,11 @@ the given parameter values.
be specified as environment variables. Environment variables will take precedence over
credentials provided via this parameter.
- `tenant_id` `(string: <required>)` - The tenant ID for the Azure Active Directory
organization. May also be specified by the `AZURE_TENANT_ID` environment variable.
- `client_id` `(string: <required or MSI>)` - The client ID for credentials to invoke the
Azure APIs. May also be specified by the `AZURE_CLIENT_ID` environment variable.
- `client_secret` `(string: <required or MSI>)` - The client secret for credentials to invoke
the Azure APIs. May also be specified by the `AZURE_CLIENT_SECRET` environment variable.
- `environment` `(string: "AzurePublicCloud")` - The Azure Cloud environment API endpoints to
use. May also be specified by the `AZURE_ENVIRONMENT` environment variable.
- `tenant_id` `(string: <required>)` - The tenant ID for the Azure Active Directory
organization. May also be specified by the `AZURE_TENANT_ID` environment variable.
- `client_id` `(string: <required or MSI>)` - The client ID for credentials to invoke the
Azure APIs. May also be specified by the `AZURE_CLIENT_ID` environment variable.
- `client_secret` `(string: <required or MSI>)` - The client secret for credentials to invoke
the Azure APIs. May also be specified by the `AZURE_CLIENT_SECRET` environment variable.
- `environment` `(string: "AzurePublicCloud")` - The Azure Cloud environment API endpoints to
use. May also be specified by the `AZURE_ENVIRONMENT` environment variable.

5
website/content/api-docs/secret/key-management/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Key Management - Secrets Engines - HTTP API
sidebar_title: Key Management <sup>ENTERPRISE</sup>
description: The API documentation for the Key Management secrets engine.
---
@ -266,8 +265,8 @@ the given parameter values.
the [KMS Providers](/docs/secrets/key-management#kms-providers) section. The following values
are supported:
- `azurekeyvault`
- `awskms`
- `azurekeyvault`
- `awskms`
### Common Parameters

7
website/content/api-docs/secret/kmip.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: KMIP - Secrets Engines - HTTP API
sidebar_title: KMIP <sup>ENTERPRISE</sup>
description: This is the API documentation for the Vault KMIP secrets engine.
---
@ -24,9 +23,9 @@ update your API calls accordingly.
This endpoint configures shared information for the secrets engine. After writing
to it the KMIP engine will generate a CA and start listening for KMIP requests.
If the server was already running and any non-client settings are changed, the
server will be restarted using the new settings. All generated CAs will use
server will be restarted using the new settings. All generated CAs will use
entropy augmentation to generate their certificates if entropy augmentation
is enabled.
is enabled.
### Parameters
@ -404,7 +403,7 @@ $ curl \
| :----- | :-------------------------------------------------- |
| `POST` | `/kmip/scope/:scope/role/:role/credential/generate` |
Create a new client certificate tied to the given role and scope.
Create a new client certificate tied to the given role and scope.
This endpoint uses entropy augmentation to generate the client certificate
if entropy augmentation is enabled.

1
website/content/api-docs/secret/kv/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: KV - Secrets Engines - HTTP API
sidebar_title: Key/Value
description: This is the API documentation for the Vault KV secrets engine.
---

1
website/content/api-docs/secret/kv/kv-v1.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: KV - Secrets Engines - HTTP API
sidebar_title: K/V Version 1
description: This is the API documentation for the Vault KV secrets engine.
---

1
website/content/api-docs/secret/kv/kv-v2.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: KV - Secrets Engines - HTTP API
sidebar_title: K/V Version 2
description: This is the API documentation for the Vault KV secrets engine.
---

1
website/content/api-docs/secret/mongodbatlas.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: MongoDB Atlas - Secrets Engines - HTTP API
sidebar_title: MongoDB Atlas
description: |-
The MongoDB Atlas Secrets Engine for Vault generates MongoDB Atlas Programmatic API Keys dynamically.
---

1
website/content/api-docs/secret/nomad.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Nomad Secret Backend - HTTP API
sidebar_title: Nomad
description: This is the API documentation for the Vault Nomad secret backend.
---

13
website/content/api-docs/secret/openldap.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: OpenLDAP - Secrets Engines - HTTP API
sidebar_title: OpenLDAP
description: This is the API documentation for the Vault OpenLDAP secrets engine.
---
@ -226,7 +225,6 @@ $ curl \
http://127.0.0.1:8200/v1/openldap/static-cred/hashicorp
```
#### Sample Get Response
```json
@ -266,8 +264,8 @@ OpenLDAP domain user account.
#### Parameters
| Method | Path |
| :------- | :------------------------- |
| Method | Path |
| :------- | :-------------------------- |
| `POST` | `/openldap/role/:role_name` |
| `DELETE` | `/openldap/role/:role_name` |
@ -341,6 +339,7 @@ The `creation_ldif`, `deletion_ldif`, `rollback_ldif`, and `username_template` f
Sample LDIF files:
`creation.ldif`:
```
dn: cn={{.Username}},ou=users,dc=learn,dc=example
objectClass: person
@ -372,7 +371,7 @@ Full Payload:
```
-> Note: The LDIF statements may optionally be base64 encoded. If they are base64 encoded when creating/updating the
role configuration, the decoded version will be returned from the `GET` endpoint.
role configuration, the decoded version will be returned from the `GET` endpoint.
#### Sample POST Request
@ -386,8 +385,8 @@ $ curl \
### Read Dynamic Role Configuration
| Method | Path |
| ------ | -------------------------- |
| Method | Path |
| ------ | --------------------------- |
| `GET` | `/openldap/role/:role_name` |
Retrieves a dynamic role's configuration.

40
website/content/api-docs/secret/pki.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: PKI - Secrets Engines - HTTP API
sidebar_title: PKI
description: This is the API documentation for the Vault PKI secrets engine.
---
@ -1605,30 +1604,27 @@ $ curl \
# Cluster Scalability
Most non-introspection operations in the PKI secrets engine require a write to
Most non-introspection operations in the PKI secrets engine require a write to
storage, and so are forwarded to the cluster's active node for execution.
This table outlines which operations can be executed on performance standbys
This table outlines which operations can be executed on performance standbys
and thus scale horizontally.
| Path | Operations |
| --------------------------- | ------------------- |
| ca[/pem] | Read |
| cert/<em>serial-number</em> | Read |
| cert/ca_chain | Read |
| config/crl | Read |
| certs | List |
| ca_chain | Read |
| crl[/pem] | Read |
| crl/pem | Read |
| issue | Update <sup>*</sup> |
| revoked/* | Read, List |
| sign | Update <sup>*</sup> |
| sign-verbatim | Update <sup>*</sup> |
| Path | Operations |
| --------------------------- | -------------------- |
| ca[/pem] | Read |
| cert/<em>serial-number</em> | Read |
| cert/ca_chain | Read |
| config/crl | Read |
| certs | List |
| ca_chain | Read |
| crl[/pem] | Read |
| crl/pem | Read |
| issue | Update <sup>\*</sup> |
| revoked/\* | Read, List |
| sign | Update <sup>\*</sup> |
| sign-verbatim | Update <sup>\*</sup> |
\* Only if the corresponding role has `no_store` set to true and `generate_lease`
set to false. If `generate_lease` is true the lease creation will be forwarded to
the active node; if `no_store` is false the entire request will be forwarded to
set to false. If `generate_lease` is true the lease creation will be forwarded to
the active node; if `no_store` is false the entire request will be forwarded to
the active node.

1
website/content/api-docs/secret/rabbitmq.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: RabbitMQ - Secrets Engines - HTTP API
sidebar_title: RabbitMQ
description: This is the API documentation for the Vault RabbitMQ secrets engine.
---

1
website/content/api-docs/secret/ssh.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: SSH - Secrets Engines - HTTP API
sidebar_title: SSH
description: This is the API documentation for the Vault SSH secrets engine.
---

52
website/content/api-docs/secret/terraform.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Terraform Cloud Secret Backend - HTTP API
sidebar_title: Terraform Cloud
description: This is the API documentation for the Vault Terraform Cloud secret backend.
---
@ -21,8 +20,8 @@ This endpoint configures the access information for Terraform Cloud. This access
information is used so that Vault can communicate with Terraform Cloud and generate
Terraform Cloud tokens.
| Method | Path |
| :----- | :--------------------- |
| Method | Path |
| :----- | :------------------ |
| `POST` | `/terraform/config` |
### Parameters
@ -35,7 +34,6 @@ Terraform Cloud tokens.
use. This token must have the needed permissions to manage all Organization,
Team, and User tokens desired for this mount.
### Sample Payload
```json
@ -59,8 +57,8 @@ $ curl \
This endpoint queries for information about the Terraform Cloud connection.
| Method | Path |
| :----- | :--------------------- |
| Method | Path |
| :----- | :------------------ |
| `GET` | `/terraform/config` |
### Sample Request
@ -80,19 +78,18 @@ $ curl \
}
```
## Create/Update Role
This endpoint creates or updates the Terraform Cloud role definition in Vault.
If the role does not exist, it will be created. If the role already exists, it
will receive updated attributes.
will receive updated attributes.
Terraform Cloud offers three distinct types of API tokens with varying level of
access: Organizations, Teams, and Users. A Vault Role can manage a single type
of API token at a time, determined by how it is configured:
of API token at a time, determined by how it is configured:
- To manage an Organization API token, provide the organization
name with the `organization` parameter
name with the `organization` parameter
- To manage a Team API token, provide the `team_id` parameter
- To manage a User API token, provide a `user_id` parameter
@ -107,9 +104,8 @@ Please see the [Terraform Cloud API
Token documentation for more
information](https://www.terraform.io/docs/cloud/users-teams-organizations/api-tokens.html).
| Method | Path |
| :----- | :------------------ |
| Method | Path |
| :----- | :---------------------- |
| `POST` | `/terraform/role/:name` |
### Parameters
@ -119,7 +115,7 @@ information](https://www.terraform.io/docs/cloud/users-teams-organizations/api-t
- `organization` `(string: "")` Organization name to manage the single API
token. Organizations can only have a single active API token at any given
time. Conflicts with `user_id`.
time. Conflicts with `user_id`.
- `team_id` `(string: "")` Team ID to manage the single API token. Teams can
only have a single active API token at any given time. Conflicts with
@ -136,7 +132,6 @@ information](https://www.terraform.io/docs/cloud/users-teams-organizations/api-t
as a string duration with a time suffix like `"30s"` or `"1h"` or as seconds. If not
provided, the default Vault Max TTL is used. Only applies to User API tokens.
### Sample Payload
To create a Vault role to manage a Terraform Cloud User tokens
@ -144,8 +139,8 @@ To create a Vault role to manage a Terraform Cloud User tokens
```json
{
"user_id": "user-glhf1234",
"ttl":"1h",
"max_ttl":"24h",
"ttl": "1h",
"max_ttl": "24h"
}
```
@ -164,8 +159,8 @@ $ curl \
This endpoint queries for information about a Terraform Cloud role with the given name.
If no role exists with that name, a 404 is returned.
| Method | Path |
| :----- | :------------------ |
| Method | Path |
| :----- | :---------------------- |
| `GET` | `/terraform/role/:name` |
### Parameters
@ -190,7 +185,7 @@ $ curl \
"name": "tfuser",
"ttl": 3600,
"user_id": "user-glhf1234"
},
}
}
```
@ -198,8 +193,8 @@ $ curl \
This endpoint lists all existing roles in the backend.
| Method | Path |
| :----- | :---------------------- |
| Method | Path |
| :----- | :-------------------------- |
| `LIST` | `/terraform/role` |
| `GET` | `/terraform/role?list=true` |
@ -227,8 +222,8 @@ $ curl \
This endpoint deletes a Terraform Cloud role with the given name. Even if the role does
not exist, this endpoint will still return a successful response.
| Method | Path |
| :------- | :------------------ |
| Method | Path |
| :------- | :---------------------- |
| `DELETE` | `/terraform/role/:name` |
### Parameters
@ -251,9 +246,8 @@ This endpoint rotates the credentials for a Terraform Cloud role that manages an
Organization or Team. This endpoint is only valid for those roles; attempting to
rotate a role that manages user tokens will result in an error.
| Method | Path |
| :------- | :------------------ |
| Method | Path |
| :----- | :----------------------------- |
| `POST` | `/terraform/rotate-role/:name` |
### Parameters
@ -277,8 +271,8 @@ definition. For Organization and Team roles, the same API token is returned
until the token is rotated with `rotate-role`. For User roles, a new token is
generated with each request.
| Method | Path |
| :----- | :------------------- |
| Method | Path |
| :----- | :----------------------- |
| `GET` | `/terraform/creds/:name` |
### Parameters

1
website/content/api-docs/secret/totp.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: TOTP - Secrets Engines - HTTP API
sidebar_title: TOTP
description: This is the API documentation for the Vault TOTP secrets engine.
---

113
website/content/api-docs/secret/transform.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Transform - Secrets Engines - HTTP API
sidebar_title: Transform <sup>ENTERPRISE</sup>
description: This is the API documentation for the Transform secrets engine.
---
@ -211,8 +210,8 @@ This endpoint creates or updates an FPE transformation with the given `name`. If
transformation with the name does not exist, it will be created. If the
transformation exists, it will be updated with the new attributes.
| Method | Path |
| :----- | :------------------------------------ |
| Method | Path |
| :----- | :------------------------------------- |
| `POST` | `/transform/transformations/fpe/:name` |
### Parameters
@ -260,8 +259,8 @@ This endpoint creates or updates a masking transformation with the given `name`.
transformation with the name does not exist, it will be created. If the
transformation exists, it will be updated with the new attributes.
| Method | Path |
| :----- | :---------------------------------------- |
| Method | Path |
| :----- | :----------------------------------------- |
| `POST` | `/transform/transformations/masking/:name` |
### Parameters
@ -310,8 +309,8 @@ This endpoint creates or updates a tokenization transformation with the given `n
transformation with the name does not exist, it will be created. If the
transformation exists, it will be updated with the new attributes.
| Method | Path |
| :----- | :--------------------------------------------- |
| Method | Path |
| :----- | :---------------------------------------------- |
| `POST` | `/transform/transformations/tokenization/:name` |
### Parameters
@ -361,8 +360,8 @@ $ curl \
This endpoint queries an existing transformation by the given name.
| Method | Path |
| :----- | :-------------------------------- |
| Method | Path |
| :----- | :--------------------------------- |
| `GET` | `/transform/transformations/:name` |
- `name` `(string: <required>)`
@ -420,8 +419,8 @@ $ curl
This endpoint deletes an existing transformation by the given name.
| Method | Path |
| :------- | :-------------------------------- |
| Method | Path |
| :------- | :--------------------------------- |
| `DELETE` | `/transform/transformations/:name` |
### Parameters
@ -705,7 +704,7 @@ The database user configured here should only have permission to `SELECT`,
- `type` `(string: <required>)` -
Specifies the type of store. Currently only `sql` is supported.
- `driver` `(string: <required>)` -
- `driver` `(string: <required>)` -
Specifies the database driver to use, and thus which SQL database type.
Currently the supported options are `postgres` or `mysql`
@ -714,9 +713,10 @@ The database user configured here should only have permission to `SELECT`,
- `connection_string` `(string: <required>)` -
A database connection string with template slots for username and password that
Vault will use for locating and connecting to a database. Each
database driver type has a different syntax for its connection strings.
> When using MySQL, make sure to append `?parseTime=true` to enable timestamp parsing.
Vault will use for locating and connecting to a database. Each
database driver type has a different syntax for its connection strings.
> When using MySQL, make sure to append `?parseTime=true` to enable timestamp parsing.
- `username`: `(string: <required>)` -
The username value to use when connecting to the database.
@ -1360,21 +1360,21 @@ $ curl \
## Snapshot Tokenization State
This endpoint starts or continues retrieving a snapshot of the stored
state of a tokenization transform. This state is protected as it is
in the underlying store, and so is safe for storage or transport. Snapshots
This endpoint starts or continues retrieving a snapshot of the stored
state of a tokenization transform. This state is protected as it is
in the underlying store, and so is safe for storage or transport. Snapshots
may be used for backup purposes or to migrate from one store to another.
If more than one store is configured for a tokenization transform, the
If more than one store is configured for a tokenization transform, the
snapshot data contains the contents of the first store.
Since more values may exist than can be returned in a single call, if
a snapshot has more values, the response will contain the `continuation`
Since more values may exist than can be returned in a single call, if
a snapshot has more values, the response will contain the `continuation`
field, an opaque value that if provided on a subsequent call will resume
snapshotting at the next value. If absent, the end of the snapshot has
snapshotting at the next value. If absent, the end of the snapshot has
been reached.
Snapshots are guaranteed to contain the values present at the time
of the first call to start the snapshot. Values tokenized after the
of the first call to start the snapshot. Values tokenized after the
snapshot began may or may not be included.
| Method | Path |
@ -1390,7 +1390,7 @@ snapshot began may or may not be included.
The maximum number of tokenized value states to return on this call.
- `continuation` `string: ""` -
If absent or empty, a new snapshot is started. If present, the
If absent or empty, a new snapshot is started. If present, the
snapshot should continue at the next available value.
### Sample Payload
@ -1401,6 +1401,7 @@ snapshot began may or may not be included.
"continuation": "2F1nUpUKMZUBnwQ77qByt1"
}
```
### Sample Request
```shell-session
@ -1429,7 +1430,7 @@ $ curl \
## Restore Tokenization State
This endpoint restores previously snapshotted tokenization state values
to the underlying store(s) of a tokenization transform. Calls to this
to the underlying store(s) of a tokenization transform. Calls to this
endpoint are idempotent, so multiple outputs from a snapshot run can
be applied via restore in any order and duplicates will not cause a problem.
@ -1448,18 +1449,18 @@ into an `exportable` mode store and vice versa.
- `values` `([]string: <required>)` -
Any number of tokenization state values from a previous snapshot call.
### Sample Payload
```json
{
"values": [
"CiDiVGJaXlcS0ky4mRVvfLdxk7FWh8ATcFMSbQRtWCs/HxJ8CAESIGQH2oukpwPAFoK2SaKUcYAxrnxtvJn7n5d3dWx2eCLcIkZ3FXcQKu5+Bnl4NzOSL2ZkU5t9OOpQOMg0lwsMkq0Vm98ANGC9RabaP2ePddzTkD58GBvsVetYVnqHQFZufQ2pw/EXkFIWMg4I4KvX4vf/////ARCgHw==",
"CiADFWL7/equiN83oWl/MvYWRYQLvjUxDVvoxK1Ghw4drBJ8CAESIOWPEUBUq4ATLY83P3vLknmWlKYjKVwTgB1z7hYGdyHPIka2nyOX1z3D4pMsZWwMFJlNBiT1Lb4MMZ6CUbclykLw/LBG5GTWQbOXx/3Vd54RAA82382mUem8Lu8BCMJYAa6vj/6aS9CLMg4I4KvX4vf/////ARCIJw==",
"CiBf2+RqeiXmIHIh2fytEKOesTZ5U31D4BZ5xyhpuj3UfRJ8CAESIOWPEUBUq4ATLY83P3vLknmWlKYjKVwTgB1z7hYGdyHPIkbbU3ho25Om5AsuLUdsAPiEnyRGbtUUDxrvSoz5T1OVY363dN08cN8diJJro+AE/Zv4QMnq9Vbu8FD237YkLV1bnX/t29ZMMg4I4KvX4vf/////ARDwLg=="
"CiDiVGJaXlcS0ky4mRVvfLdxk7FWh8ATcFMSbQRtWCs/HxJ8CAESIGQH2oukpwPAFoK2SaKUcYAxrnxtvJn7n5d3dWx2eCLcIkZ3FXcQKu5+Bnl4NzOSL2ZkU5t9OOpQOMg0lwsMkq0Vm98ANGC9RabaP2ePddzTkD58GBvsVetYVnqHQFZufQ2pw/EXkFIWMg4I4KvX4vf/////ARCgHw==",
"CiADFWL7/equiN83oWl/MvYWRYQLvjUxDVvoxK1Ghw4drBJ8CAESIOWPEUBUq4ATLY83P3vLknmWlKYjKVwTgB1z7hYGdyHPIka2nyOX1z3D4pMsZWwMFJlNBiT1Lb4MMZ6CUbclykLw/LBG5GTWQbOXx/3Vd54RAA82382mUem8Lu8BCMJYAa6vj/6aS9CLMg4I4KvX4vf/////ARCIJw==",
"CiBf2+RqeiXmIHIh2fytEKOesTZ5U31D4BZ5xyhpuj3UfRJ8CAESIOWPEUBUq4ATLY83P3vLknmWlKYjKVwTgB1z7hYGdyHPIkbbU3ho25Om5AsuLUdsAPiEnyRGbtUUDxrvSoz5T1OVY363dN08cN8diJJro+AE/Zv4QMnq9Vbu8FD237YkLV1bnX/t29ZMMg4I4KvX4vf/////ARDwLg=="
]
}
```
### Sample Request
```shell-session
@ -1472,22 +1473,22 @@ $ curl \
## Export Decoded Tokenization State
This endpoint starts or continues retrieving an export of tokenization
state, including the tokens and their decoded values. This call is only
This endpoint starts or continues retrieving an export of tokenization
state, including the tokens and their decoded values. This call is only
supported on tokenization stores configured with the `exportable` mapping
mode. Refer to the Tokenization
mode. Refer to the Tokenization
[documentation](../docs/secrets/transform/tokenization.mdx#security_considerations)
for when to use the `exportable` mapping mode.
Decoded values are in Base64 representation.
Since more values may exist than can be returned in a single call, if
an export has more values, the response will contain the `continuation`
Since more values may exist than can be returned in a single call, if
an export has more values, the response will contain the `continuation`
field, an opaque value that if provided on a subsequent call will resume
snapshotting at the next value. If absent, the end of the export has
snapshotting at the next value. If absent, the end of the export has
been reached.
Exports are guaranteed to contain the values present at the time
of the first call to start the export. Values tokenized after the
of the first call to start the export. Values tokenized after the
snapshot began may or may not be included.
| Method | Path |
@ -1503,7 +1504,7 @@ snapshot began may or may not be included.
The maximum number of tokenized value states to return on this call.
- `continuation` `string: ""` -
If absent or empty, a new export is started. If present, the
If absent or empty, a new export is started. If present, the
export should continue at the next available value.
### Sample Payload
@ -1514,6 +1515,7 @@ snapshot began may or may not be included.
"continuation": "2F1nUpUKMZUBnwQ77qByt1"
}
```
### Sample Request
```shell-session
@ -1528,7 +1530,7 @@ $ curl \
```json
{
"data": {
"data": {
"continuation": "4hELrrmGAwhHFjmMFny",
"values": [
{
@ -1538,7 +1540,7 @@ $ curl \
{
"plaintext": "dmFsdWUtMg==",
"token": "Q4tYgFXHxUNyMfqRW6fA82DYvMigwdf6JjATauyVzqx2SsmUShMhN5",
"expiration_time": "2021-03-15T00:31:10Z",
"expiration_time": "2021-03-15T00:31:10Z"
},
{
"plaintext": "dmFsdWUtMQ==",
@ -1551,14 +1553,13 @@ $ curl \
## Rotate Tokenization Key
This endpoint rotates the version of the named key. After rotation,
This endpoint rotates the version of the named key. After rotation,
new requests will be encoded with the new version of the key.
| Method | Path |
| :----- | :---------------------------------------------------- |
| `POST` | `/transform/tokenization/keys/:transform_name/rotate` |
### Parameters
- `transform_name` `(string: <required>)`
@ -1576,8 +1577,8 @@ $ curl \
## Update Tokenization Key Config
This endpoint allows the minimum key version to be set for
decode operations.
This endpoint allows the minimum key version to be set for
decode operations.
Only valid for tokenization transformations.
| Method | Path |
@ -1592,17 +1593,17 @@ Only valid for tokenization transformations.
- `min_decryption_version` `(int: <optional>)`
Specifies the minimum key version that vault can use to decode values for the
corresponding transform.
corresponding transform.
### Sample Payload
```json
[
{
"min_decryption_version": 1,
}
]
```
```json
[
{
"min_decryption_version": 1
}
]
```
### Sample Request
@ -1619,10 +1620,9 @@ $ curl \
List all tokenization keys.
Only valid for tokenization transformations.
| Method | Path |
| :----- | :------------------------------- |
| `LIST` | `/transform/tokenization/keys/` |
| Method | Path |
| :----- | :------------------------------ |
| `LIST` | `/transform/tokenization/keys/` |
### Sample Request
@ -1687,7 +1687,7 @@ Once trimmed, previous versions of the key cannot be recovered.
of the URL.
- `min_available_version` `(int: <required>)`
Specifies minimum key version available for use for this transform. All versions below
Specifies minimum key version available for use for this transform. All versions below
this will be permanently forgotten. Cannot be set below `min_decryption_version` or above
`latest_version`.
@ -1708,4 +1708,3 @@ $ curl \
--data @payload.json \
http://127.0.0.1:8200/v1/transform//transform/tokenization/keys/:transform_name/trim
```

1
website/content/api-docs/secret/transit.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: Transit - Secrets Engines - HTTP API
sidebar_title: Transit
description: This is the API documentation for the Vault Transit secrets engine.
---

1
website/content/api-docs/system/audit-hash.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/audit-hash - HTTP API
sidebar_title: <code>/sys/audit-hash</code>
description: |-
The `/sys/audit-hash` endpoint is used to hash data using an audit device's
hash function and salt.

1
website/content/api-docs/system/audit.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/audit - HTTP API
sidebar_title: <code>/sys/audit</code>
description: The `/sys/audit` endpoint is used to enable and disable audit devices.
---

1
website/content/api-docs/system/auth.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/auth - HTTP API
sidebar_title: <code>/sys/auth</code>
description: The `/sys/auth` endpoint is used to manage auth methods in Vault.
---

1
website/content/api-docs/system/capabilities-accessor.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/capabilities-accessor - HTTP API
sidebar_title: <code>/sys/capabilities-accessor</code>
description: |-
The `/sys/capabilities-accessor` endpoint is used to fetch the capabilities of
the token associated with an accessor, on the given paths.

1
website/content/api-docs/system/capabilities-self.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/capabilities-self - HTTP API
sidebar_title: <code>/sys/capabilities-self</code>
description: |-
The `/sys/capabilities-self` endpoint is used to fetch the capabilities of
client token on the given paths.

1
website/content/api-docs/system/capabilities.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/capabilities - HTTP API
sidebar_title: <code>/sys/capabilities</code>
description: |-
The `/sys/capabilities` endpoint is used to fetch the capabilities of a token
on the given paths.

1
website/content/api-docs/system/config-auditing.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/config/auditing - HTTP API
sidebar_title: <code>/sys/config/auditing</code>
description: The `/sys/config/auditing` endpoint is used to configure auditing settings.
---

1
website/content/api-docs/system/config-control-group.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/config/control-group - HTTP API
sidebar_title: <code>/sys/config/control-group</code>
description: The '/sys/config/control-group' endpoint configures control groups.
---

1
website/content/api-docs/system/config-cors.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/config/cors - HTTP API
sidebar_title: <code>/sys/config/cors</code>
description: >-
The '/sys/config/cors' endpoint configures how the Vault server responds to
cross-origin requests.

1
website/content/api-docs/system/config-state.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/config/state - HTTP API
sidebar_title: <code>/sys/config/state</code>
description: The '/sys/config/state' endpoint is used to retrieve the configuration state.
---

1
website/content/api-docs/system/config-ui.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/config/ui - HTTP API
sidebar_title: <code>/sys/config/ui</code>
description: The '/sys/config/ui' endpoint configures the UI.
---

1
website/content/api-docs/system/control-group.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/control-group - HTTP API
sidebar_title: <code>/sys/control-group</code>
description: The '/sys/control-group' endpoint handles the Control Group workflow.
---

1
website/content/api-docs/system/generate-recovery-token.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/generate-recovery-token - HTTP API
sidebar_title: <code>/sys/generate-recovery-token</code>
description: |-
The `/sys/generate-recovery-token/` endpoints are used to create a new
recovery token for Vault. They are only active in recovery mode.

1
website/content/api-docs/system/generate-root.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/generate-root - HTTP API
sidebar_title: <code>/sys/generate-root</code>
description: |-
The `/sys/generate-root/` endpoints are used to create a new root key for
Vault.

1
website/content/api-docs/system/health.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/health - HTTP API
sidebar_title: <code>/sys/health</code>
description: The `/sys/health` endpoint is used to check the health status of Vault.
---

1
website/content/api-docs/system/host-info.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/host-info - HTTP API
sidebar_title: <code>/sys/host-info</code>
description: The '/sys/host-info' endpoint is used to retrieve host information
---

1
website/content/api-docs/system/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: System Backend - HTTP API
sidebar_title: System Backend
description: |-
The system backend is a default backend in Vault that is mounted at the `/sys`
endpoint. This endpoint cannot be disabled or moved, and is used to configure

1
website/content/api-docs/system/init.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/init - HTTP API
sidebar_title: <code>/sys/init</code>
description: The `/sys/init` endpoint is used to initialize a new Vault.
---

7
website/content/api-docs/system/internal-counters.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/internal/counters - HTTP API
sidebar_title: <code>/sys/internal/counters</code>
description: >-
The `/sys/internal/counters` endpoints are used to return data about Vault usage.
---
@ -244,8 +243,8 @@ The time period is from the start of the current month, up until the time that t
Note: the client count may be inaccurate in the moments following a Vault reboot, or leadership change.
The estimate will stabilize when background loading of client data has completed.
| Method | Path |
| :----- | :-------------------------------- |
| Method | Path |
| :----- | :---------------------------------------- |
| `GET` | `/sys/internal/counters/activity/monthly` |
### Sample Request
@ -268,7 +267,7 @@ $ curl \
"data": {
"distinct_entities": 100,
"non_entity_tokens": 120,
"clients": 220,
"clients": 220
},
"wrap_info": null,
"warnings": null,

1
website/content/api-docs/system/internal-specs-openapi.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/internal/specs/openapi - HTTP API
sidebar_title: <code>/sys/internal/specs/openapi</code>
description: >-
The `/sys/internal/specs/openapi` endpoint is used to generate an OpenAPI
document of the mounted backends.

3
website/content/api-docs/system/internal-ui-feature.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/internal/ui/feature-flags - HTTP API
sidebar_title: <code>/sys/internal/ui/feature-flags</code>
description: >-
The `/sys/internal/ui/feature-flags` endpoint exposes feature flags to the UI.
---
@ -12,7 +11,7 @@ The `/sys/internal/ui/feature-flags` endpoint is used to expose feature flags
to the UI so that it can change its behavior in response, even before a user logs in.
This is currently only being used internally for the UI and is
an unauthenticated endpoint. Due to the nature of its intended usage, there is no
an unauthenticated endpoint. Due to the nature of its intended usage, there is no
guarantee on backwards compatibility for this endpoint.
## Get Enabled Feature Flags

1
website/content/api-docs/system/internal-ui-mounts.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/internal/ui/mounts - HTTP API
sidebar_title: <code>/sys/internal/ui/mounts</code>
description: >-
The `/sys/internal/ui/mounts` endpoint is used to manage mount listing
visibility.

1
website/content/api-docs/system/key-status.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/key-status - HTTP API
sidebar_title: <code>/sys/key-status</code>
description: |-
The `/sys/key-status` endpoint is used to query info about the current
encryption key of Vault.

1
website/content/api-docs/system/leader.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/leader - HTTP API
sidebar_title: <code>/sys/leader</code>
description: |-
The `/sys/leader` endpoint is used to check the high availability status and
current leader of Vault.

1
website/content/api-docs/system/lease-count-quotas.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/quotas/lease-count - HTTP API
sidebar_title: <code>/sys/quotas/lease-count</code>
description: The `/sys/quotas/lease-count` endpoint is used to create, edit and delete lease count quotas.
---

1
website/content/api-docs/system/leases.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/leases - HTTP API
sidebar_title: <code>/sys/leases</code>
description: The `/sys/leases` endpoints are used to view and manage leases.
---

1
website/content/api-docs/system/license.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/license - HTTP API
sidebar_title: <code>/sys/license</code>
description: |-
The `/sys/license` endpoint is used to view and update the license used in
Vault.

1
website/content/api-docs/system/metrics.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/metrics - HTTP API
sidebar_title: <code>/sys/metrics</code>
description: The `/sys/metrics` endpoint is used to get telemetry metrics for Vault.
---

1
website/content/api-docs/system/mfa/duo.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/mfa/method/duo - HTTP API
sidebar_title: <code>/sys/mfa/method/duo</code>
description: >-
The '/sys/mfa/method/duo' endpoint focuses on managing Duo MFA behaviors in
Vault Enterprise.

1
website/content/api-docs/system/mfa/index.mdx
View File

@ -1,7 +1,6 @@
---
layout: api
page_title: /sys/mfa - HTTP API
sidebar_title: <code>/sys/mfa</code>
description: >-
The '/sys/mfa' endpoint focuses on managing MFA behaviors in Vault Enterprise
MFA.

Some files were not shown because too many files have changed in this diff Show More