Giovanni Bajo
|
02d3b1c74c
|
auth/ldap: add support for groups with unique members
|
2015-05-09 22:04:20 +02:00 |
Giovanni Bajo
|
c313ff2802
|
auth/ldap: implement authorization via LDAP groups
|
2015-05-09 22:04:20 +02:00 |
Giovanni Bajo
|
dc6b4ab9db
|
auth/ldap: add configuration path for groups
|
2015-05-09 22:04:20 +02:00 |
Giovanni Bajo
|
7e39da2e67
|
Attempt connection to LDAP server at login time.
Also switch to a LDAP library fork which fixes a panic when
shutting down a connection immediately.
|
2015-05-09 22:04:19 +02:00 |
Giovanni Bajo
|
7492c5712a
|
Initial implementation of the LDAP credential backend
|
2015-05-09 22:04:19 +02:00 |
Seth Vargo
|
f3c3f4717a
|
Remove references to -var
|
2015-05-08 11:45:29 -04:00 |
Armon Dadgar
|
a6a4bee2ee
|
cred/app-id: Add help synopsis to login path
|
2015-05-07 15:45:43 -07:00 |
Seth Vargo
|
04015fdf55
|
Fix output from GitHub help
|
2015-05-07 14:13:12 -04:00 |
Armon Dadgar
|
b07d0bc56f
|
audit/file: Create file if it does not exist. Fixes #148
|
2015-05-06 11:33:06 -07:00 |
Mitchell Hashimoto
|
deab183cbd
|
token/disk: write token with 0600
|
2015-05-02 13:34:01 -07:00 |
Trevor Pounds
|
582677b134
|
Fix documentation typo.
|
2015-04-28 22:15:56 -07:00 |
Armon Dadgar
|
848433a355
|
audit/file: add log_raw parameter and default to hashing
|
2015-04-27 15:56:41 -07:00 |
Armon Dadgar
|
f01e14351a
|
audit/syslog: switch defaults
|
2015-04-27 15:56:41 -07:00 |
Armon Dadgar
|
de7a81a8fb
|
audit/syslog: Copy structure before hashing to avoid breaking result
|
2015-04-27 15:56:40 -07:00 |
Armon Dadgar
|
1b659d41ff
|
audit/syslog: Hash everything by default, optionally disable
|
2015-04-27 15:56:40 -07:00 |
Armon Dadgar
|
bb1dd509d7
|
audit/syslog: first pass
|
2015-04-27 15:56:40 -07:00 |
Armon Dadgar
|
434305a6c2
|
secret/aws: Using roles instead of policy
|
2015-04-27 14:20:28 -07:00 |
Armon Dadgar
|
5edf8cf3a8
|
Do not root protect role configurations
|
2015-04-27 14:07:20 -07:00 |
Armon Dadgar
|
12e8c0f8cf
|
secret/postgres: secret/mysql: roles endpoints root protected
|
2015-04-27 14:04:10 -07:00 |
Armon Dadgar
|
816d981d1a
|
secret/consul: replace policy with roles, and prefix the token path
|
2015-04-27 13:59:56 -07:00 |
Armon Dadgar
|
6a38090822
|
secret/transit: rename policy to keys
|
2015-04-27 13:52:47 -07:00 |
Armon Dadgar
|
793e6efef4
|
secret/transit: Adding more help. Fixes #41
|
2015-04-27 12:47:09 -07:00 |
Armon Dadgar
|
27c73da308
|
audit/file: Attempt to create directory path. Fixes #38
|
2015-04-27 12:40:32 -07:00 |
Armon Dadgar
|
a753fadcb4
|
secret/postgresql: testing support for multiple statements
|
2015-04-27 12:00:07 -07:00 |
Armon Dadgar
|
1c8288c3da
|
secret/postgresql: support multiple sql statements
|
2015-04-27 11:31:27 -07:00 |
Armon Dadgar
|
50879eb2e5
|
mysql: cleanup
|
2015-04-27 11:31:11 -07:00 |
Armon Dadgar
|
9cae5520a0
|
logical/consul: Added missing policy endpoints
|
2015-04-27 11:08:37 -07:00 |
Armon Dadgar
|
1d95694a7c
|
secret/mysql: improve the example statement
|
2015-04-25 12:58:50 -07:00 |
Armon Dadgar
|
503241eeee
|
secret/mysql: adding acceptance test
|
2015-04-25 12:56:23 -07:00 |
Armon Dadgar
|
e378f5c4a2
|
secret/mysql: fixing mysql oddities
|
2015-04-25 12:56:11 -07:00 |
Armon Dadgar
|
57e66f3b6c
|
secret/mysql: initial pass at mysql secret backend
|
2015-04-25 12:05:26 -07:00 |
Armon Dadgar
|
9087471bad
|
credential/cert: support leasing and renewal
|
2015-04-24 12:58:39 -07:00 |
Armon Dadgar
|
3a9e20748b
|
credential/cert: default display name
|
2015-04-24 10:52:17 -07:00 |
Armon Dadgar
|
7b4ceeb7e6
|
credential/cert: more validation on cert setup
|
2015-04-24 10:39:44 -07:00 |
Armon Dadgar
|
d57c8ea0f0
|
credential/cert: return logical error if invalid
|
2015-04-24 10:36:25 -07:00 |
Armon Dadgar
|
ae272b83ce
|
credential/cert: major refactor
|
2015-04-24 10:31:57 -07:00 |
Armon Dadgar
|
28b18422b7
|
credential/cert: First pass at public key credential backend
|
2015-04-23 21:46:21 -07:00 |
Mitchell Hashimoto
|
ee2b113831
|
audit/file: append
|
2015-04-19 22:43:39 -07:00 |
Mitchell Hashimoto
|
0b7e7190b5
|
credentials/userpass: integrate into auth cli
|
2015-04-19 15:17:24 -07:00 |
Mitchell Hashimoto
|
c5cadc026d
|
credential/userpass: renewal
|
2015-04-19 15:12:50 -07:00 |
Mitchell Hashimoto
|
0ae9eadfd3
|
credential/userpass: help
|
2015-04-19 15:07:11 -07:00 |
Mitchell Hashimoto
|
0aec679bb4
|
credential/userpass: login
|
2015-04-19 15:06:29 -07:00 |
Mitchell Hashimoto
|
fedda20c41
|
credential/userpass: configuring users
|
2015-04-19 14:59:30 -07:00 |
Mitchell Hashimoto
|
17676af663
|
logical/postgresql: when renewing, alter the valid until
|
2015-04-18 22:55:33 -07:00 |
Mitchell Hashimoto
|
4e21f702a8
|
logical/consul: leasing
|
2015-04-18 22:29:46 -07:00 |
Mitchell Hashimoto
|
517236ea50
|
logical/consul: config/access is the new path for config
|
2015-04-18 22:28:53 -07:00 |
Mitchell Hashimoto
|
23a156b414
|
logical/aws: leasing/renewal support
|
2015-04-18 22:25:37 -07:00 |
Mitchell Hashimoto
|
2a8dfd85f4
|
logical/aws: fix build
|
2015-04-18 22:22:35 -07:00 |
Mitchell Hashimoto
|
208dd1e8be
|
logical/aws: move root creds config to config/root
|
2015-04-18 22:21:31 -07:00 |
Mitchell Hashimoto
|
f61626f7a6
|
logical/aws: support read/delete policies
|
2015-04-18 22:13:12 -07:00 |
Mitchell Hashimoto
|
79ccb2f412
|
logical/postgresql: support deleting roles and reading them
|
2015-04-18 21:59:59 -07:00 |
Mitchell Hashimoto
|
84bca3ef28
|
logical/postgresql: renew for secret
|
2015-04-18 21:47:19 -07:00 |
Mitchell Hashimoto
|
e1e5c47362
|
logical/postgresql: leasing
|
2015-04-18 21:45:05 -07:00 |
Mitchell Hashimoto
|
8edc4d1241
|
logical/postgres: no session limit
|
2015-04-18 18:42:57 -07:00 |
Mitchell Hashimoto
|
39b8ae1b31
|
logical/postgers: update docs properly
|
2015-04-18 18:42:26 -07:00 |
Mitchell Hashimoto
|
6e10c415ef
|
logical/postgresql: leases
|
2015-04-18 18:40:03 -07:00 |
Mitchell Hashimoto
|
2120235a2e
|
logical/postgresql: create DB credentials
|
2015-04-18 18:37:27 -07:00 |
Mitchell Hashimoto
|
d0eb1b9a74
|
logical/postgresql: creating roles
|
2015-04-18 18:09:33 -07:00 |
Mitchell Hashimoto
|
d96b64286a
|
logical/postgresql: connection
|
2015-04-18 17:34:36 -07:00 |
Mitchell Hashimoto
|
20324a0c9c
|
website: more auth
|
2015-04-18 13:45:50 -07:00 |
Mitchell Hashimoto
|
f7a1b2ced9
|
credential/app-id: allow restriction by CIDR block [GH-10]
|
2015-04-17 10:14:39 -07:00 |
Mitchell Hashimoto
|
e643b48235
|
credential/app-id: support associating a name with app ID [GH-9]
|
2015-04-17 10:01:03 -07:00 |
Mitchell Hashimoto
|
37af1683c6
|
credential/*: adhere to new API
|
2015-04-17 09:40:28 -07:00 |
Armon Dadgar
|
07bffafbbd
|
Adding transit logical backend
|
2015-04-15 17:08:12 -07:00 |
Armon Dadgar
|
381aa0f7af
|
logical/aws: Use display name for IAM username
|
2015-04-15 15:05:00 -07:00 |
Armon Dadgar
|
489e79ffd3
|
logical/consul: Use the DisplayName for the ACL token name
|
2015-04-15 15:03:05 -07:00 |
Armon Dadgar
|
cf2faa06ae
|
credential/github: Set the github username as the display name
|
2015-04-15 14:30:46 -07:00 |
Mitchell Hashimoto
|
ef95d9a10e
|
audit/file: use JSON formatter to write output
|
2015-04-13 14:12:14 -07:00 |
Mitchell Hashimoto
|
48205d166b
|
rename vault id to lease id all over
|
2015-04-10 20:35:14 -07:00 |
Mitchell Hashimoto
|
62f4d1dd0e
|
credential/github: CLI handler
|
2015-04-06 09:53:43 -07:00 |
Mitchell Hashimoto
|
569991fcc5
|
credential/app-id
|
2015-04-04 18:41:49 -07:00 |
Mitchell Hashimoto
|
8bfa12297d
|
builtin/audit: add file audit
|
2015-04-04 18:10:25 -07:00 |
Mitchell Hashimoto
|
606b3dbff9
|
credential/github: improve help
|
2015-04-04 12:18:33 -07:00 |
Mitchell Hashimoto
|
8dc9e0e0d5
|
logical/framework: better string values for types
|
2015-04-03 21:15:59 -07:00 |
Mitchell Hashimoto
|
ec9df0439b
|
logical/aws: help
|
2015-04-03 21:10:54 -07:00 |
Mitchell Hashimoto
|
0bbad03c70
|
logical/framework: support root help
|
2015-04-03 20:36:47 -07:00 |
Mitchell Hashimoto
|
12a75dd304
|
credential/github: auth with github
|
2015-04-01 15:46:37 -07:00 |
Mitchell Hashimoto
|
486c3d7f30
|
logical/aws: policy doesn't need to be base64
|
2015-03-31 17:26:41 -07:00 |
Mitchell Hashimoto
|
712d144ec7
|
token/disk: fix args parsing
|
2015-03-30 23:21:17 -07:00 |
Mitchell Hashimoto
|
b12feccf38
|
logical/*: fix compilation errors
|
2015-03-30 20:30:07 -07:00 |
Mitchell Hashimoto
|
e40d0874e1
|
command/auth: tests work wihtout vault installed
|
2015-03-30 11:07:31 -07:00 |
Mitchell Hashimoto
|
27bc188758
|
token/disk: implement unencrypted disk store
|
2015-03-30 09:21:59 -07:00 |
Mitchell Hashimoto
|
db65fd7b95
|
command: unit tests pass
|
2015-03-29 16:20:34 -07:00 |
Mitchell Hashimoto
|
3270349456
|
logical/consul: actual test that the token works
|
2015-03-21 17:23:44 +01:00 |
Mitchell Hashimoto
|
55a3423c60
|
logical/consul
|
2015-03-21 17:19:37 +01:00 |
Mitchell Hashimoto
|
05246433bb
|
logical/aws: refactor access key create to the secret file
|
2015-03-21 11:49:56 +01:00 |
Mitchell Hashimoto
|
665cbaa3e4
|
logical/aws: remove debug I was using to test rollback :)
|
2015-03-21 11:20:22 +01:00 |
Mitchell Hashimoto
|
9e4b9d593b
|
logical/aws: WAL entry for users, rollback
|
2015-03-21 11:18:46 +01:00 |
Mitchell Hashimoto
|
86a6062ba2
|
main: enable AWS backend
|
2015-03-20 19:32:18 +01:00 |
Mitchell Hashimoto
|
62d9bec8be
|
logical/aws
|
2015-03-20 19:03:20 +01:00 |