* WIP - Seal Wrap guide
* WIP: Seal Wrap guide
* Added a brief description about the Seal Wrap guide
* Incorporated feedbacks
* Updated FIPS language
Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.
It's a very specific update, but it's an important one for some VE customers.
Looks great - thanks!
* Removed 'Compliance' from title
* typo fix
* WIP: Mount filter guide
* WIP
* Mount filter guide for CLI, API, and UI
* updated the next step
* Updated the verification steps
* Added a note about the unseal key on secondaries
* Added more details
* Added a reference to mount filter guide
* Added a note about generating a new root token
* Added a note about local secret engine
* DB root credential rotation guide
* Fixed typos
* Added a note about creating a dedicated superuser
* Incorporated Chris's feedback
* Added a reference to DB root credential rotation
* Rephrase some of the languages
* Minor re-wording of a sentence
* WIP - Spring Cloud Vault Java demo
* Added 'Reloading the Static Secrets' step
* Fixed a typo
* Minor wording change
Remove redundant "a".
* Typos and grammar
Fixed a few misspellings ("spring") and the odd "a", "the", or "an".
* Update download page to include community resources
+ Added “downloads powered by” text to Fastly icon
+ changed to horizontal grid for download list (vs vertical list)
+ added community resources below page
* Reverting changes from earlier
* Added community links to downloads page
+ added community and getting-started links to sidebar as well
* WIP - Teddy's webinar
* WIP
* Added more details with diagram
* Fixed a typo
* Added a note about terraform bug with 0.11.4 & 0.11.5
* Minor adjustment
* Fixed typos
* Added matching CLI commands
* Added extra speace for readability
* WIP
* Added auto unseal
* Converting to a guide
* Added little more explanations
* Minor fixes
* Fixed a typo
* Fixed a typo
* Changed auto unseal to auto-unseal
* Found more typo... fixed
* Vault HA guide draft
* Fixed node_id to say node_name based on Brian's input
* Fixed the unwanted hyperlink
* Vault HA guide
* Updated the description of the Vault HA guide
* Typo fixes
* Added a reference to Vault HA with Consule guide
* Incorporated Teddy's feedback
* Fixed an env var name
* Vault configuration has been updated: 'api_addr'
* Adding new guides
* Replaced backend with engine
* Grammar for the encryption guide
* Grammar and Markdown style for the Transite Rewrap guide
See
https://github.com/hashicorp/engineering-docs/blob/master/writing/markdown.md
for notes on numbered Markdown lists.
* grammar and wording updates for ref arch guide
* Updating replication diagram
* Removing multi-tenant pattern guide
* Added a note 'Enterprise Only'
* Removing multi-tenant pattern guide
* Modified the topic order
* Grammar and Markdown formatting
* Grammar, Markdown syntax, and phrasing
* Grammar and Markdown syntax
* Replaced 'backend' with appropriate terms
* Added a note clarifying that replication is an enterprise-only feature
* Updated the diagram & added additional resource links
* update some grammar and ordering
* Removed the inaccurate text in index for EaaS
This PR adds a new Storage Backend for Triton's Object Storage - Manta
```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v -timeout 45m
=== RUN TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok github.com/hashicorp/vault/physical/manta 61.210s
```
Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store
Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value
The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`
The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
* website: add note about the 0.9.2+ CLI changes to reduce confusion
* website: fix frontmatter for 0.9.3 guide, add to guides index
* website: add overview title to 0.9.3 guide for spacing
* Doc updates and API refactoring
* fix tests
* change metadata fieldtype to TypeKVPairs
* Give example for TypeKVPairs in CLI for metadata
* Update API docs examples to reflect the native expected value for TypeKVPairs
* Don't mention comma separation in the docs for TypeCommaStringSlice
* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias
* Address review feedback
* Fix formatting
* fix sidebar links
This removes all references I could find to:
- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend
in favor of the unified:
- auth method
@jefferai and I discussed this on Friday. With three fully-documented
SSH backends, the page is lengthy, ungreppable, and intimidating. This
commit separates the SSH backends into their own pages with as little
text changes as possible.
* Add backend plugin changes
* Fix totp backend plugin tests
* Fix logical/plugin InvalidateKey test
* Fix plugin catalog CRUD test, fix NoopBackend
* Clean up commented code block
* Fix system backend mount test
* Set plugin_name to omitempty, fix handleMountTable config parsing
* Clean up comments, keep shim connections alive until cleanup
* Include pluginClient, disallow LookupPlugin call from within a plugin
* Add wrapper around backendPluginClient for proper cleanup
* Add logger shim tests
* Add logger, storage, and system shim tests
* Use pointer receivers for system view shim
* Use plugin name if no path is provided on mount
* Enable plugins for auth backends
* Add backend type attribute, move builtin/plugin/package
* Fix merge conflict
* Fix missing plugin name in mount config
* Add integration tests on enabling auth backend plugins
* Remove dependency cycle on mock-plugin
* Add passthrough backend plugin, use logical.BackendType to determine lease generation
* Remove vault package dependency on passthrough package
* Add basic impl test for passthrough plugin
* Incorporate feedback; set b.backend after shims creation on backendPluginServer
* Fix totp plugin test
* Add plugin backends docs
* Fix tests
* Fix builtin/plugin tests
* Remove flatten from PluginRunner fields
* Move mock plugin to logical/plugin, remove totp and passthrough plugins
* Move pluginMap into newPluginClient
* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck
* Change shim logger's Fatal to no-op
* Change BackendType to uint32, match UX backend types
* Change framework.Backend Setup signature
* Add Setup func to logical.Backend interface
* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments
* Remove commented var in plugin package
* RegisterLicense on logical.Backend interface (#3017)
* Add RegisterLicense to logical.Backend interface
* Update RegisterLicense to use callback func on framework.Backend
* Refactor framework.Backend.RegisterLicense
* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs
* plugin: Revert BackendType to remove TypePassthrough and related references
* Fix typo in plugin backends docs
