luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
4794 commits 1 branch 0 tags 214 MiB
Commit graph

1045 commits

Author SHA1 Message Date
Jeff Mitchell 7308031e4d Add more entries to the 0.6 upgrade notes 2016-06-06 16:04:02 -04:00
Vinay Hiremath 584c2b9c10 Small grammatical error 
"invaliding" => "invalidating"
 2016-06-03 11:07:54 -07:00
Jeff Mitchell 33764e85b1 Merge pull request #1324 from hashicorp/sethvargo/doc_gpg 
Add a page for step-by-step gpg/keybase
 2016-06-03 13:24:57 -04:00
Jeff Mitchell a147c3346c Make some updates to PGP documentation 2016-06-03 13:23:20 -04:00
Jeff Mitchell 07193b519d Add announcment list to community page 2016-06-01 22:06:21 -04:00
vishalnayak 315f9c868c Provide option to disable host key checking 2016-06-01 11:08:24 -04:00
vishalnayak dbee3cd81b Address review feedback 2016-06-01 10:36:58 -04:00
vishalnayak 5c25265fce rename aws.html.md as aws-ec2.html.md 2016-05-30 14:11:15 -04:00
vishalnayak a072f2807d Rename aws as aws-ec2 2016-05-30 14:11:15 -04:00
vishalnayak 30fa7f304b Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak 971b2cb7b7 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Sami Rageb 2dba9b180b Fixed & clarified grammar around HCL & JSON 
- Fixed the statement that HCL is JSON compatible, it's vice versa
- Added that HCL is a superset of JSON to eliminate any lingering confusion
 2016-05-26 20:14:59 -05:00
Jeff Mitchell 81e14262cd Remove reference to cookies altogether 
Fixes #1437
 2016-05-26 09:29:41 -04:00
vishalnayak 21605ee9d8 Typo fix: s/Vault/Consul 2016-05-24 18:22:20 -04:00
Seth Vargo b1959e1f26
Use updated architecture diagram 
As much as we love @armon's omnigraffle, this new diagram better matches
the Vault branding 😄.
 2016-05-23 20:10:51 -04:00
Kevin Pike 111ef09a18 Update rabbitmq lease docs 2016-05-20 23:28:41 -07:00
Jeff Mitchell caf77109ba Add cubbyhole wrapping documentation 2016-05-19 13:33:51 -04:00
Jeff Mitchell a13807e759 Merge pull request #1318 from steve-jansen/aws-logical-assume-role 
Add sts:AssumeRole support to the AWS secret backend
 2016-05-19 12:17:27 -04:00
Francis Chuang ae1d5a8fea Minor grammar fix. 2016-05-19 17:01:30 +10:00
Stuart Glenn b75eed61ed Add documentation on Swift backend configuration 2016-05-16 17:29:40 -05:00
Seth Vargo 888527f9d4
Add note about paid training 2016-05-16 16:45:02 -04:00
Jeff Mitchell 60975bf76e Revert "Remove a few assumptions regarding bash(1) being located in /bin." 2016-05-15 15:22:21 -04:00
Sean Chittenden f91114fef5
Remove a few assumptions regarding bash(1) being located in /bin. 
Use sh(1) where appropriate.
 2016-05-15 11:41:14 -07:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Vishal Nayak 53fc941761 Merge pull request #1300 from hashicorp/aws-auth-backend 
AWS EC2 instances authentication backend
 2016-05-14 19:42:03 -04:00
vishalnayak 4122ed860b Rename 'role_name' to 'role' 2016-05-13 14:31:13 -04:00
Jeff Mitchell b850f876a7 Merge pull request #1407 from z00m1n/patch-1 
fix PostgreSQL sample code
 2016-05-12 17:07:48 -07:00
cmclaughlin cdf715b94a Document configuring listener to use a CA cert 2016-05-12 15:34:47 -07:00
Steven Samuel Cole e3bb3a4efb fix PostgreSQL sample code 
The current sample configuration line fails with `Error initializing backend of type postgresql: failed to check for native upsert: pq: unsupported sslmode "disabled"; only "require" (default), "verify-full", "verify-ca", and "disable" supported`.
 2016-05-12 23:22:41 +02:00
vishalnayak 7e8a2d55d0 Update docs and path names to the new patterns 2016-05-12 11:45:10 -04:00
Jeff Mitchell aecc3ad824 Add explicit maximum TTLs to token store roles. 2016-05-11 16:51:18 -04:00
vishalnayak ddcaf26396 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
Jeff Mitchell d899f9d411 Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00
Jeff Mitchell d77563994c Merge pull request #1346 from hashicorp/disable-all-caches 
Disable all caches
 2016-05-07 16:33:45 -04:00
Steve Jansen 597d59962c Adds sts:AssumeRole support to the AWS secret backend 
Support use cases where you want to provision STS tokens
using Vault, but, you need to call AWS APIs that are blocked
for federated tokens.  For example, STS federated tokens cannot
invoke IAM APIs, such as  Terraform scripts containing
`aws_iam_*` resources.
 2016-05-05 23:32:41 -04:00
Jeff Mitchell 3e71221839 Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
Chris Jansen ea21dec7b4 Add scala vault library to list of client libs 2016-05-04 18:04:28 +01:00
Jeff Mitchell 3600b2573d Update website docs re token store role period parsing 2016-05-04 02:17:20 -04:00
vishalnayak b7c48ba109 Change image/ to a more flexible /role endpoint 2016-05-03 23:36:59 -04:00
Jeff Mitchell 8572190b64 Plumb disabling caches through the policy store 2016-05-02 22:36:44 -04:00
vishalnayak 9f2a111e85 Allow custom endpoint URLs to be supplied to make EC2 API calls 2016-05-02 17:21:52 -04:00
Seth Vargo 45ac1bc151
Track enhanced links 2016-05-02 15:57:23 -04:00
Jeff Mitchell 4182d711c3 Merge branch 'master-oss' into aws-auth-backend 2016-04-29 14:23:16 +00:00
Jeff Mitchell 81da06de05 Fix fetching parameters in token store when it's optionally in the URL 2016-04-28 15:15:37 -04:00
vishalnayak 2a2dc0befb Added allow_instance_migration to the role tag 2016-04-28 11:43:48 -04:00
vishalnayak b7b1f80a83 Updated docs 2016-04-28 11:25:47 -04:00
vishalnayak 779d73ce2b Removed existence check on blacklist/roletags, docs fixes 2016-04-27 21:29:32 -04:00
vishalnayak de1a1be564 tidy endpoint fixes 2016-04-26 10:22:29 -04:00
vishalnayak 21854776af Added cooldown period for periodic tidying operation 2016-04-26 10:22:29 -04:00
vishalnayak 5a2e1340df Removed redundant AWS public certificate. Docs update. 2016-04-26 10:22:29 -04:00
vishalnayak 58c485f519 Support providing multiple certificates. 
Append all the certificates to the PKCS#7 parser during signature verification.
 2016-04-26 10:22:29 -04:00
Jeff Mitchell fd977bb478 Updating to docs 2016-04-26 10:22:29 -04:00
vishalnayak 9d4a7c5901 Docs update 2016-04-26 10:22:29 -04:00
Sean Chittenden 5a33edb57d Change to the pre-0.6.4 Consul Check API 
Consul is never going to pass in more than 1K of output.  This mitigates the pre-0.6.4 concern.
 2016-04-25 18:01:13 -07:00
Sean Chittenden 3228d25c65 Add a small bit of wording re: disable_registration 
Consul service registration for Vault requires Consul 0.6.4.
 2016-04-25 18:01:13 -07:00
Sean Chittenden dd3219ec56 Provide documentation and example output 2016-04-25 18:01:13 -07:00
Sean Chittenden 60006f550f Various refactoring to clean up code organization 
Brought to you by: Dept of 2nd thoughts before pushing enter on `git push`
 2016-04-25 18:01:13 -07:00
Sean Chittenden 0c23acb818 Comment nits 2016-04-25 18:00:54 -07:00
Jeff Mitchell c12dcba9bc Merge pull request #1266 from sepiroth887/azure_backend 
added Azure Blobstore backend support
 2016-04-25 15:53:09 -04:00
Jeff Mitchell 0f0a6ae368 Merge pull request #1282 from rileytg/patch-1 
change github example team to admins
 2016-04-25 15:45:01 -04:00
Seth Vargo da1735e396
Do not allow referrer to modify the parent 
http://mathiasbynens.github.io/rel-noopener/
 2016-04-22 23:41:09 -04:00
Sean Chittenden f6bec6e017 Wordsmith the docs around the list command. 
Prompted by: feedback from conference attendees at PGConf '16
 2016-04-20 18:13:58 -04:00
Jeff Mitchell 4e53f4b1a4 Use UseNumber() on json.Decoder to have numbers be json.Number objects 
instead of float64. This fixes some display bugs.
 2016-04-20 18:38:20 +00:00
Jeff Mitchell ee8dd1ab6a Add vault-php-sdk to libraries page 2016-04-20 13:59:39 +00:00
Jeff Mitchell d7ba52f86b Backtick "region" in S3 config 2016-04-15 17:03:35 -04:00
vishalnayak 5c336297ad Provide clarity for output statements of idempotent calls. 2016-04-14 15:46:45 +00:00
vishalnayak b7178846c1 Clarify token-revoke operation 2016-04-14 15:34:01 +00:00
Seth Vargo 54c414abb2
Clarify delete operation 
One thing that has been a point of confusion for users is Vault's
response when deleting a key that does not actually exist in the system.
For example, consider:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo'

This message is misleading if the secret does not exist, especially if
the same command is run twice in a row.

Obviously the reason for this is clear - returning an error if a secret
does not exist would reveal the existence of a secret (the same reason
everything on S3 is a 403 or why GitHub repos 404 instead of 403 if you
do not have permission to view them).

I think we can make the UX a little bit better by adding just a few
words to the output:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo' if it existed

This makes it clear that the operation was only performed if the secret
existed, but it does not reveal any more information.
 2016-04-14 10:38:10 +01:00
Jeff Mitchell b90286996f Update cert website docs 2016-04-13 16:28:23 +00:00
Seth Vargo 2e13b1c033 Not strictly required 2016-04-12 21:55:04 +01:00
Seth Vargo 2926be9ca7 Add a page for step-by-step gpg/keybase 2016-04-12 21:44:07 +01:00
Seth Vargo 082b25d6b0 Update website push script to fix metadata 2016-04-12 20:15:51 +01:00
Simon Dick 66f84077d3 Should be renew not revoke 2016-04-12 14:04:26 +01:00
Adam Kunicki 7fb48fd2c8 Add unofficial client library written in Kotlin 
I've been working on a Vault client written in Kotlin. Still a work in progress but will soon be on-par with the official Ruby client.
 2016-04-11 09:37:42 -07:00
Christopher "Chief" Najewicz 67e8328a76 Update github doc with note about slugifying team 2016-04-10 11:11:40 -04:00
Kevin Pike 0bea2498a8 Remove example parameters 2016-04-08 09:49:10 -07:00
Kevin Pike a86e5e3cd9 Support verify_connection flag 2016-04-08 09:44:15 -07:00
Kevin Pike fc61a7695b Fix RabbitMQ documentation 
PostgreSQL -> RabbitMQ
 2016-04-08 09:30:20 -07:00
Kevin Pike 23492e9572 Fix RabbitMQ URLs 2016-04-08 09:29:00 -07:00
Kevin Pike 525b82544c Update docs layout with RabbitMQ 2016-04-08 09:26:16 -07:00
Kevin Pike e3db8c999e Merge branch 'master' of github.com:doubledutch/vault 2016-04-08 09:25:28 -07:00
Paul Hinze c59ce316eb website: force mime-types for some assets on deploy 
Should fix occassional issues with application/octet-stream mime type
assets breaking things on the site.
 2016-04-07 12:54:17 -05:00
Sean Chittenden 09ad6317ea Merge pull request #1297 from hashicorp/f-bsd-mlock 
F bsd mlock
 2016-04-06 13:57:34 -07:00
Jeff Mitchell 0f923d8da5 Merge pull request #1301 from gliptak/patch-3 
Update vault read output
 2016-04-06 11:26:55 -04:00
Gábor Lipták fa08142921 Update token-create/auth output 2016-04-06 11:14:27 -04:00
Gábor Lipták b2f4d95c27 Update toke-create output 2016-04-06 10:24:19 -04:00
Gábor Lipták f0d3f49601 Update vault read output 2016-04-06 09:13:39 -04:00
Sean Chittenden b08b57aba9 Clarify that Darwin and BSD are supported w/ mlock 
Word smith a tad.
 2016-04-05 22:18:44 -07:00
vishalnayak e3a1ee92b5 Utility Enhancements 2016-04-05 20:32:59 -04:00
Jeff Mitchell ebfc8c3fb1 Merge pull request #1293 from gliptak/patch-2 
Correct typo in base64 parameters
 2016-04-05 09:38:00 -04:00
Gábor Lipták ce2dd5d869 Correct typo in base64 parameters 2016-04-05 09:20:43 -04:00
Gábor Lipták a8edba907f Update transit read key output 2016-04-05 09:16:47 -04:00
Jeff Mitchell d72e462686 Merge pull request #1290 from steve-jansen/patch-2 
Adds note on GH-1102 fix to secret/aws doc
 2016-04-05 08:37:39 -04:00
Steve Jansen d2b3d924ca Adds note on GH-1102 fix to secret/aws doc 
Add note related to #1102, which leads to a non-obvious AWS error message on 0.5.0 or earlier.
 2016-04-04 21:30:41 -04:00
Steve Jansen 89c7f312e4 Fix typo in iam permission for STS 2016-04-04 21:20:26 -04:00
Riley Guerin 5620e00f9c fix typo 2016-04-01 07:49:25 -07:00
Riley Guerin 0fac5b906e change github example team to admins 
somewhat recently github has gone away from the previous model of an "owners" team 
https://help.github.com/articles/converting-your-previous-owners-team-to-the-improved-organization-permissions/

you can be an "Owner" of the org still but this does not map to vault as one *might* expect given these docs
 2016-04-01 07:48:54 -07:00
Jeff Mitchell 18c8b6eba8 Update 0.6 upgrade info 2016-04-01 10:11:32 -04:00
Jeff Mitchell 121a5b37f2 Add revoke-prefix changelog/website info 2016-04-01 10:06:29 -04:00
Jeff Mitchell 2efaf5272c Documentation update 2016-03-31 18:07:43 -04:00
Gérard de Vos eadf2faf83 Update index.html.md 
According to the source it is expecting a description. log_raw is one of the options.
 2016-03-31 14:19:03 +02:00
Gérard de Vos 13763203b6 Update index.html.md 
description -> log_raw
 2016-03-31 14:06:19 +02:00
Tobias Haag 175e3cc354 added Azure backend support 
updated Godeps
added website docs
updated vendor
 2016-03-30 19:49:38 -07:00
Jang-Soo "Bruce" Lee 36d22a0c8d Update consul.html.md 2016-03-30 09:57:14 -04:00
Vishal Nayak 9932efea08 Merge pull request #1268 from hashicorp/fix-audit-doc 
Fix audit docs
 2016-03-30 00:55:39 -04:00
vishalnayak 7a34cea28d Fix audit docs 2016-03-30 00:54:40 -04:00
Vishal Nayak 05b4c7102f Revert "Change mysql connection to match new" 2016-03-23 15:18:09 -04:00
Chris Mague e27bcaf9a4 Change mysql connection to match new 
Documentation update to reflect mysql config connection from the old to the newer format
 2016-03-23 12:09:06 -07:00
Amit Khare 218a713293 Update userpass.html.md 2016-03-23 10:47:28 -04:00
Christian Winther ec0af1c71d Update sys-step-down.html.md 2016-03-20 18:02:32 +01:00
Cem Ezberci 7ad97279d5 Fix a typo 2016-03-19 21:24:17 -07:00
Jeff Mitchell 5edad1137a Add some clarification to advertise_addr 2016-03-19 10:21:51 -04:00
Jeff Mitchell b4a4f211da Some generic docs updates 2016-03-18 09:57:21 -04:00
Jeff Mitchell 4211ed2845 Add exclude_cn_from_sans to PKI docs 2016-03-17 16:58:06 -04:00
Jeff Mitchell 2ad2df9cc5 Update middleman-hashicorp 2016-03-16 20:06:17 -04:00
Jeff Mitchell a92fc7988e Put old releases text back 2016-03-16 16:17:56 -04:00
Jeff Mitchell 786bce24b1 Remove us building Solaris binaries for the moment, as they don't build successfully 2016-03-16 15:47:55 -04:00
Vishal Nayak 2c0c901eac Merge pull request #1216 from hashicorp/userpass-update 
Userpass: Update the password and policies associated to user
 2016-03-16 14:58:28 -04:00
Jeff Mitchell 48a312ea9e Bump website ver 2016-03-16 12:37:00 -04:00
vishalnayak 2914ff7502 Use helper for existence check. Avoid panic by fetching default values for field data 2016-03-16 11:26:33 -04:00
vishalnayak 1513ade19a Added API documentation for userpass backend 2016-03-15 22:19:31 -04:00
Vishal Nayak 7db7b47fdd Merge pull request #1210 from hashicorp/audit-id-path 
Rename id to path and path to file_path, print audit backend paths
 2016-03-15 20:13:21 -04:00
Jeff Mitchell 747ab4b4d1 Merge pull request #1215 from hashicorp/issue-1212 
Add list support to certs in cert auth backend.
 2016-03-15 14:58:23 -04:00
Jeff Mitchell 21b2a658e2 Remove name param from docs 2016-03-15 14:58:10 -04:00
Jeff Mitchell 93c60ef707 Merge pull request #1196 from hashicorp/reload-listener-tls 
Add reload capability for Vault listener certs
 2016-03-15 14:09:34 -04:00
Jeff Mitchell 8bf935bc2b Add list support to certs in cert auth backend. 
Fixes #1212
 2016-03-15 14:07:40 -04:00
vishalnayak 65c1040149 Documentation to provide optional parameters to token store API 2016-03-14 19:36:53 -04:00
vishalnayak 1dedf8d0e3 Rename 'name' as 'path' in audit API docs 2016-03-14 18:33:51 -04:00
vishalnayak 71fc07833f Rename id to path and path to file_path, print audit backend paths 2016-03-14 17:15:07 -04:00
Jeff Mitchell a798bdb822 Update app-id docs to use new endpoint 2016-03-14 16:43:02 -04:00
Jeff Mitchell 9bfd24cd69 s/hash_accessor/hmac_accessor/g 2016-03-14 14:52:29 -04:00
Jeff Mitchell 9f5cc38ff7 Merge pull request #1208 from mhurne/aws-secret-backend-docs-fix 
AWS permissions documentation fixes
 2016-03-14 14:36:33 -04:00
Jeff Mitchell 0e3764832a Add test for listener reloading, and update website docs. 2016-03-14 14:05:47 -04:00
Matt Hurne 4ee6b04405 AWS permissions documentation fixes: add missing permissions needed to attach and detach managed policies to IAM users, add missing comma, remove extraneous comma 2016-03-14 09:39:32 -04:00
vishalnayak 0602bb25f1 Remove redundant variables 2016-03-11 21:36:38 -05:00
vishalnayak 3e9bffd84f Doc update for syslog and file backends 2016-03-11 21:14:39 -05:00
Jeff Mitchell 77b90c6745 Add query parameters to /sys/health to specify return codes. 
Fixes #1199
 2016-03-11 00:41:25 -05:00
Vishal Nayak 343e6f1671 Merge pull request #998 from chrishoffman/mssql 
Sql Server (mssql) secret backend
 2016-03-10 22:30:24 -05:00
Chris Hoffman 8c3539df35 Docs updates 2016-03-10 21:15:25 -05:00
Chris Hoffman 5af33afd90 Adding verify_connection to config, docs updates, misc cleanup 2016-03-09 23:08:05 -05:00
Jeff Mitchell fa2ba47a5c Merge branch 'master' into token-roles 2016-03-09 17:23:34 -05:00
Jeff Mitchell 6df72e6efd Merge pull request #1168 from hashicorp/revoke-force 
Add forced revocation.
 2016-03-09 16:59:52 -05:00
Vishal Nayak b2ad836077 Merge pull request #1188 from hashicorp/token-accessors 
Accessor paths for lookup and revocation of tokens
 2016-03-09 15:38:21 -05:00
vishalnayak 007142262f Provide accessor to revove-accessor in the URL itself 2016-03-09 13:08:37 -05:00
Jeff Mitchell d571a1e85d Add website docs 2016-03-09 12:49:12 -05:00
AndrewBrown-JustEat c3a2238037 Minor documentation change 2016-03-09 14:50:23 +00:00
vishalnayak 926e7513d7 Added docs for /sys/capabilities-accessor 2016-03-09 09:48:32 -05:00
vishalnayak 7407c27778 Add docs for new token endpoints 2016-03-09 09:31:09 -05:00
Jeff Mitchell 123d7b71d4 Add a necessary IAM permission to the example 2016-03-08 21:29:34 -05:00
vishalnayak 3b463c2d4e use errwrap to check the type of error message, fix typos 2016-03-07 18:36:26 -05:00
Jeff Mitchell cc1f5207b3 Merge branch 'master' into token-roles 2016-03-07 10:03:54 -05:00
vishalnayak 73943546c3 Documentation for capabilities and capabilities-self APIs 2016-03-07 06:13:56 -05:00
Jeff Mitchell 3e7bca82a1 Merge pull request #1146 from hashicorp/step-down 
Provide 'sys/step-down' and 'vault step-down'
 2016-03-03 12:30:08 -05:00
Jeff Mitchell 5c55c34d6b Update cubbyhole text to be more explicit. 
Fixes #1165
 2016-03-03 10:58:58 -05:00
Chris Hoffman 0b4a8f5b94 Adding mssql secret backend 2016-03-03 09:19:17 -05:00
Jeff Mitchell 7c5f810bc0 Address first round of feedback 2016-03-01 15:30:37 -05:00
Jeff Mitchell 02362a5873 Update token documentation 2016-03-01 14:00:52 -05:00
vishalnayak fd585ecf8a removed datatype and corrected a sentense 2016-03-01 11:21:29 -05:00
vishalnayak 724823b8f7 zeroaddress documentation fix 2016-03-01 10:57:00 -05:00
Jeff Mitchell 3cc35a554b Update doc, it's now 10 seconds 2016-02-29 10:09:11 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down' 
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
 2016-02-26 19:43:55 -05:00
Jeff Mitchell 6207377f32 Update Vishal's info on the community page 2016-02-25 15:17:53 -05:00
Jeff Mitchell b61f43d34c Update documentation around VAULT_TLS_SERVER_NAME 2016-02-25 12:29:05 -05:00
Jeff Mitchell db4450d3f3 Bump website version number 2016-02-25 10:44:18 -05:00
Jeff Mitchell 8ca847c9b3 Be more explicit about buffer type 2016-02-24 22:05:39 -05:00
Jeff Mitchell 151eaf9ec0 Add documentation for pki/tidy 2016-02-24 21:31:29 -05:00
Jeff Mitchell 36672bbf1f Add information about the cert renewal enhancements to the upgrade guide 2016-02-24 21:24:20 -05:00
Jeff Mitchell 842f6670d1 Add upgrade information 2016-02-24 21:13:44 -05:00
vishalnayak 69bcbb28aa rename verify_cert as disable_binding and invert the logic 2016-02-24 21:01:21 -05:00
vishalnayak cf0156e5b4 documentation for the config endpoint 2016-02-24 17:13:24 -05:00
Jack Pearkes d065425f44 website: fix hover state for annc banner 2016-02-24 11:18:10 -08:00
Jack Pearkes c3fd1f8853 Merge pull request #1119 from hashicorp/jt-enterprise-bnr 
Vault Enterprise Banner and Nav
 2016-02-24 11:03:09 -08:00
captainill a83db21a77 website: announcement banner for vault enterprise 2016-02-24 10:59:31 -08:00
Matt Hurne f4d8852259 Add note that STS credentials can only be generated for user inline policies in AWS secret backend documentation 2016-02-23 09:06:52 -05:00
vishalnayak c9899a5300 postgres: connection_url fix 2016-02-22 11:22:49 -05:00
Kevin Pike 264c9cc40e Merge branch 'master' into rabbitmq 2016-02-21 14:55:06 -08:00
Kevin Pike c755065415 Add RabbitMQ secret backend 2016-02-21 14:52:57 -08:00
vishalnayak a43bd9131b changelog++ 2016-02-19 16:52:19 -05:00
vishalnayak 38b55bd8b1 Don't deprecate value field yet 2016-02-19 16:07:06 -05:00
vishalnayak 380b662c3d mysql: provide allow_verification option to disable connection_url check 2016-02-19 16:07:05 -05:00
Jeff Mitchell fef282f078 Some website config updates 2016-02-19 15:27:02 -05:00
Jeff Mitchell 50d3b68c8d Merge pull request #1078 from eyal-lupu/master 
ZooKeeper Backend: Authnetication and Authorization support
 2016-02-19 15:13:09 -05:00
Jeff Mitchell be073f8499 Update upgrade website section with information about the 0.5.1 PKI changes 2016-02-19 14:42:59 -05:00
Jeff Mitchell 7fc4ee1ed7 Disallow 1024-bit RSA keys. 
Existing certificates are kept but roles with key bits < 2048 will need
to be updated as the signing/issuing functions now enforce this.
 2016-02-19 14:33:02 -05:00
Jeff Mitchell 05b5ff69ed Address some feedback on ldap escaping help text 2016-02-19 13:47:26 -05:00
Jeff Mitchell c67871c36e Update LDAP documentation with a note on escaping 2016-02-19 13:16:18 -05:00
Jeff Mitchell 9f4273589f Remove root-protected references from transit docs 2016-02-18 12:45:18 -05:00
Jeff Mitchell 695a822545 Merge pull request #1075 from rajanadar/patch-14 
adding full response for intermediate/generate
 2016-02-18 10:16:53 -05:00
Jeff Mitchell c431c2204d Merge pull request #1074 from rajanadar/patch-13 
added missing fields to read role
 2016-02-18 10:16:14 -05:00
Eyal Lupu dd2c7a6bc8 Update index.html.md 
typo in docs
 2016-02-15 16:52:43 +00:00
Eyal Lupu c04b8ab287 Update index.html.md 
Documentation: Zookeeper authentication and ACLs
 2016-02-15 16:38:14 +00:00
Eyal Lupu 35074dff51 Update index.html.md 
Zookeeper authentication and authorization documentations
 2016-02-15 16:20:32 +00:00
Raja Nadar e7d20c0ef3 adding full response for intermediate/generate 
1. adding superset of fields in response, so that folks can see all possible response fields.
2. also added the less important "warnings" field
 2016-02-14 14:42:37 -08:00
Raja Nadar 2d918196ca added missing fields to read role 
added the lease and token type field to the read role response.
 2016-02-14 13:00:42 -08:00
Raja Nadar b0d05ebcb3 fixing response fields of /pki/issue 
1. added the private_key_type field
2. changed "serial" to "serial_number"
3. added the warnings field
 2016-02-14 12:41:43 -08:00
Jeff Minard 1985fa3313 Minor spelling fix 2016-02-13 08:41:16 -08:00
techraf 812736b475 Fixes typo 2016-02-12 22:34:07 +09:00
Jeff Mitchell aaed354aca Add note about client libraries to 0.5 upgrade page 2016-02-10 12:10:51 -05:00
Jeff Mitchell 4fb603906f Bump website download links to 0.5.0 2016-02-10 12:08:29 -05:00
Jeff Mitchell 69f7aca258 Add change of exit code for status to upgrade page 2016-02-10 08:01:54 -05:00
Vishal Nayak fff201014d Merge pull request #1021 from hashicorp/vault-seal-1006 
Sealing vault in standby mode
 2016-02-03 15:22:16 -05:00
Mukhtar Haji f27e691c6c Correct a small typo 2016-02-03 20:08:33 +00:00
vishalnayak eeea9710b6 Generalized the error message and updated doc 2016-02-03 15:06:18 -05:00
merri-j 3a996e11fd Add postgresql to bullet list of backends 2016-02-03 14:04:55 -05:00
Seth Vargo 4ca9d72f3a Link to blog post on using with CM 2016-02-02 18:00:39 -05:00
Jeff Mitchell 159754acf2 Use capabilities to determine upsert-ability in transit. 2016-02-02 10:03:14 -05:00
Jeff Mitchell 5ef8839e48 Revert "Re-add upsert into transit. Defaults to off and a new endpoint /config" 
This reverts commit dc27d012c0357f93bfd5bd8d480f3e229166307a.
 2016-02-02 09:26:25 -05:00
Jeff Mitchell 6e6382d410 Some rewording based on feedback 2016-02-01 20:24:28 -05:00
Jeff Mitchell f9bced579b +list of 2016-02-01 20:17:06 -05:00
Jeff Mitchell 66494faa3f Add an install/upgrade section. Add general and 0.5 upgrade procedures. 2016-02-01 20:17:06 -05:00
Jeff Mitchell 1d385b4de3 Re-add upsert into transit. Defaults to off and a new endpoint /config 
can be used to turn it on for a given mount.
 2016-02-01 20:13:57 -05:00
Jeff Mitchell ca5e4dd955 Merge pull request #980 from rajanadar/patch-8 
fixing the return type of verify otp
 2016-02-01 14:10:14 -05:00
Jeff Mitchell fc6d23a54e Allow the format to be specified as pem_bundle, which creates a 
concatenated PEM file.

Fixes #992
 2016-02-01 13:19:41 -05:00
Jeff Mitchell af73d965a4 Cassandra: 
* Add ability to change protocol version
* Remove config as a root path, use normal ACLs
* Update docs
 2016-02-01 10:27:26 -05:00
Jeff Mitchell 9a21d03689 Update documentation around default_lease_ttl and max_lease_ttl. 
Fixes #1004
 2016-02-01 09:44:42 -05:00
Jeff Mitchell d0eb0813b1 Add vault-java-drver to libraries 2016-01-29 21:02:54 -05:00
Jeff Mitchell df536a8f0a Fix token backend doc bug 
Fixes #990
 2016-01-29 21:01:08 -05:00
Devin Christensen 4112809fb5 Make the PostgreSQL backend more performant 2016-01-29 13:47:10 -07:00
Jeff Mitchell 5f178e1927 Update transit docs to no longer claim upsert functionality 2016-01-29 14:43:52 -05:00
Jeff Mitchell 68dc0e2dd3 Merge pull request #945 from quixoten/postgres_physical 
Add support for PostgreSQL as a physical backend
 2016-01-29 10:35:38 -05:00
Jeff Mitchell 2015118958 Add listing of roles to PKI 2016-01-28 15:18:07 -05:00
Jeff Mitchell 63c6172c17 Add list documentationf for mysql 2016-01-28 15:06:52 -05:00
Jeff Mitchell 62e3ac83f8 Add list support for postgres roles 2016-01-28 14:41:50 -05:00
Jeff Mitchell 904e2b36b6 Update SSH documentation with list 2016-01-28 14:41:43 -05:00
Raja Nadar e4438d9705 fixed the return type of /ssh/lookup api 2016-01-28 01:04:35 -08:00
Raja Nadar b8fa5c6fd4 fix return type of post /ssh/creds 
added sample json for both otp and dynamic credentials
 2016-01-28 00:56:59 -08:00
Raja Nadar 7aabad7808 better description 2016-01-27 21:58:54 -08:00
Raja Nadar 67da86eeab fixing the return type of verify otp 
it seems to be 200 on valid OTP and 204 on invalid OTP. (i think it should be an error.. 400 or 404)
but for the moment, fixing the docs to match the existing behavior.
 2016-01-27 20:04:11 -08:00
Devin Christensen 737df30939 Improve naming 
Hopefully this naming scheme will be more straightforward.
 2016-01-27 17:15:48 -07:00
Jeff Mitchell b7a49922a9 Update etcd sync option to be a string. 
Ping #921
 2016-01-27 17:15:52 -05:00
Jeff Mitchell b0bd06f5a4 Merge pull request #921 from faradayio/hosted-etcd-support 
Load-balanced etcd support
 2016-01-27 17:09:43 -05:00
Hanno Hecker 0db33274b7 discover bind dn with anonymous binds 2016-01-27 17:06:27 +01:00
Hanno Hecker 22c22095d2 samaccountname as login example 2016-01-27 09:25:05 +01:00
Hanno Hecker c6acb340a8 docs for binddn/bindpass 2016-01-27 07:51:10 +01:00
Jeff Mitchell 1107a068b7 Merge pull request #972 from rajanadar/patch-7 
added the delete api details to generic backend
 2016-01-26 09:49:06 -05:00
Jeff Mitchell bc04e4eec2 Merge pull request #971 from rajanadar/patch-6 
added the delete api details to cubbyhole
 2016-01-26 09:48:47 -05:00
Jeff Mitchell 92d42aa6c7 Merge pull request #969 from rajanadar/patch-4 
fixing the description of the /lookup/<token> api
 2016-01-26 09:48:22 -05:00
Raja Nadar 741c23cb4a added the delete api details to generic backend 
documentation was missing this api description
 2016-01-25 23:56:33 -08:00
Raja Nadar 64c9eb969d added the delete api details to cubbyhole 
cubbyhole delete api details were missing. added them.
 2016-01-25 23:47:33 -08:00
Raja Nadar f02aa2c2c0 fixing an incorrect json response field name 
changed a read-role api response field from 'revocation_cql' to 'rollback_cql'
didn't verify it using a real cassandra server test, but looked at the source code json schema definition here: 

https://github.com/hashicorp/vault/blob/master/builtin/logical/cassandra/path_roles.go
func pathRoles(b *backend) *framework.Path 

please feel free to discard the PR, if i am looking at the wrong source location or something.
 2016-01-25 23:42:20 -08:00
Raja Nadar cf9b3c7c66 fixing the description of the /lookup/<token> api 2016-01-25 23:26:29 -08:00
Nicki Watt c57072d39a AWS secret backend - docs when using existing policy 2016-01-26 01:43:14 +00:00
Nicki Watt 35a0d28620 Docs for AWS backend when using an existing policy 2016-01-26 01:39:24 +00:00
Devin Christensen 93c64375e9 Merge 'upstream/master' into postgres_physical 2016-01-25 13:43:16 -07:00
Jeff Mitchell 05e337727f Document changes 2016-01-25 14:47:16 -05:00
Seth Vargo 64e521a68b Add structured data 2016-01-24 13:37:20 -05:00
Jeff Mitchell abd9fe1b73 Merge pull request #961 from rajanadar/patch-3 
fixed login link,request params,add json response
 2016-01-23 14:45:27 -05:00
Raja Nadar d3434f8f03 clarify default mountpoint 2016-01-23 11:02:00 -08:00
Devin Christensen 9d776351a3 Merge 'upstream/master' into postgres_physical 2016-01-22 20:56:07 -07:00
Raja Nadar 9b82736b9a fixed login link,request params,add json response 
1. fix login link
2. added personal access token to request message
3. added a sample json response
 2016-01-22 17:38:32 -08:00
Raja Nadar b0f33d4d19 mention that this is an unauthenticated endpoint 2016-01-22 17:10:16 -08:00
Raja Nadar dac5997e14 update sys-init.html.md 
change response field from 'initialize' to 'initialized'
 2016-01-22 16:45:59 -08:00
Devin Christensen c226b0be7d Update naming and pull DDL for upsert back out 2016-01-22 17:15:10 -07:00
Devin Christensen 32b712ddb1 Move the upsert definition back into the code 2016-01-22 09:47:02 -07:00
Devin Christensen bfbdc72e03 Remove options for column configuration 2016-01-22 08:41:31 -07:00
Jeff Mitchell 7b2407093b 0.7 -> 1.0 2016-01-22 10:07:32 -05:00
Jeff Mitchell 3955604d3e Address more list feedback 2016-01-22 10:07:32 -05:00
Jeff Mitchell 7d1d003ba0 Update documentation and use ParseBool for list query param checking 2016-01-22 10:07:32 -05:00
Jeff Mitchell be1b4c8a46 Only allow listing on folders and enforce this. Also remove string sorting from Consul backend as it's not a requirement and other backends don't do it. 2016-01-22 10:07:32 -05:00
Jeff Mitchell 5341cb69cc Updates and documentation 2016-01-22 10:07:32 -05:00
Jeff Mitchell d621d7ebe7 Add C# library and do some reorg on the library page 2016-01-22 10:03:02 -05:00
Devin Christensen 512b1ddf6c Merge 'upstream/master' into postgres_physical 2016-01-21 13:04:27 -07:00
Dmitriy Gromov 4abca91d66 Renamed sts duration to ttl and added STS permissions note. 2016-01-21 14:28:34 -05:00
Dmitriy Gromov 0b5e35c8cd documenting the new aws/sts endpoint 2016-01-21 14:05:10 -05:00
Devin Christensen 06641570c7 Remove DDL statements from the code 2016-01-20 18:52:49 -07:00
Devin Christensen fc94487f55 Add support for PostgreSQL as a physical backend 2016-01-19 17:00:09 -07:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
Jorge Ferreira 306c63b1be /encryption key/master key/ 2016-01-19 15:42:50 +00:00
Seth Vargo 6d655d75fe Do not use compressed javascripts 
Minifier gets really confused when you give it already-compressed
javascript.
 2016-01-14 15:00:41 -05:00
Jeff Mitchell 1001566a26 Keep ordering consistent in config doc, and put HA backends first 2016-01-14 13:55:53 -05:00
Seth Vargo 94f590581a Add scripts to deploy via Atlas 2016-01-14 13:42:53 -05:00
Seth Vargo e40c77ff27 Use HTTPS + www where appropriate 2016-01-14 13:42:47 -05:00
Seth Vargo d210b561a2 ImageOptim 2016-01-14 13:42:34 -05:00
Seth Vargo 13b1e8f9df Fix image asset URLs 2016-01-14 13:42:28 -05:00
Seth Vargo 2d7555f442 Remove Heroku stuff 2016-01-14 13:42:13 -05:00
Jeff Mitchell 5873824ee2 Version 0.4.1 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQEcBAABAgAGBQJWls/HAAoJEFGFLYc0j/xMarQH/i6rW+wLm9DadkFV23jwjttt
 TRumTPDoBxHQDoB0wkC4CmA8UiZnzc68o5OlxisC8KAz/89HWZf8sUDxkOSY1vUX
 BGDkiv+KF6LiDRAdDyIqK6PYUkKHaJgue9Vnwu5+1iRv1sjK5PyPb992Wmt/DtOM
 nRn8Hn5qmmDCUm79TKXpZNMs/CRx21VM7q2Sm139kLzTr0Qg2Oyxcp3mB8TR7LtV
 ATdMQ//HzL/tGJ6Yw7zkgZzdf7EMFFO1SSVqAzqag6kqNqwjvmDGrQaTzkdl7anv
 72zMXqVcryeSL6DRZuR+OrHs63aaoTwIXcqO56nBrZ1NAEqkI0oCcvDZNLt7yi4=
 =YCXl
 -----END PGP SIGNATURE-----

Merge tag 'v0.4.1'

Version 0.4.1
 2016-01-14 09:57:21 -05:00
Jeff Mitchell eeac69939c Bump values to 0.4.1 2016-01-13 17:28:17 -05:00
Jeff Mitchell d949043cac Merge pull request #914 from hashicorp/acl-rework 
More granular ACL capabilities
 2016-01-12 21:11:52 -05:00
Ziyi, LIU 5204da4edd Fix typo 
Change "...implements is own login endpoint..." to "...implements its own login endpoint..."
 2016-01-12 22:22:13 +08:00
Jeff Mitchell e815db8756 Update audit sys docs 2016-01-11 19:08:23 -05:00
Eric Kidd 69434fd13e etcd: Allow disabling sync for load balanced etcd 
Some etcd configurations (such as that provided by compose.io) place the
etcd cluster behind multiple load balancers or proxies.  In this
configuration, calling Sync (or AutoSync) on the etcd client will
replace the load balancer addresses with the underlying etcd server
address.

This will cause the etcd client to bypass the load balancers, and may
cause the connection to fail completely if the etcd servers are
protected by a firewall.

This patch provides a "sync" option for the etcd backend, which defaults
to the current behavior, but which can be used to turn off of sync.
This corresponds to etcdctl's --no-sync option.
 2016-01-11 13:56:58 -05:00
Eric Kidd ebabcd857a etcd: Document existing username and password options 
These options were present in the source code, but not in the
documentation.  They're needed to connect to some hosted etcd services.
 2016-01-11 11:30:51 -05:00
Jeff Mitchell 4f4ddbf017 Create more granular ACL capabilities. 
This commit splits ACL policies into more fine-grained capabilities.
This both drastically simplifies the checking code and makes it possible
to support needed workflows that are not possible with the previous
method. It is backwards compatible; policies containing a "policy"
string are simply converted to a set of capabilities matching previous
behavior.

Fixes #724 (and others).
 2016-01-08 13:05:14 -05:00
Paul Seiffert 3a0ea3bcaa Add documentation for the DynamoDB backend 2016-01-08 17:34:31 +01:00
Jeff Mitchell a094eedce2 Add rekey nonce/backup. 2016-01-06 09:54:35 -05:00
Jeff Mitchell d4bc51751e Fix typo in docs 2016-01-05 11:45:23 -05:00
Jeff Mitchell e54edd54ac Update documentation with policy fetching information. 2016-01-05 11:26:19 -05:00
Jonathan Thomas df5f5d68bd Merge pull request #888 from aedotj/patch-1 
Fixed "edit this page" not clickable
 2016-01-04 11:29:21 -08:00
kenjones-cisco 496e9962d0 Fixes mis-placed html tag 2015-12-31 10:37:01 -05:00
Jeff Mitchell a7a02b3043 Cert documentation fix. 
Fixes #899
 2015-12-30 16:44:24 -05:00
Jeff Mitchell 6cdb8aeb4f Merge branch 'master' into f-disable-tls 2015-12-29 12:59:02 -05:00
Jeff Mitchell 41d6e0e085 Merge pull request #882 from hashicorp/clarify-physical-support 
Clarify stance on physical backend support
 2015-12-29 11:40:23 -06:00
Greg G 911431ac27 Fixed "edit this page" not clickable 
The link in .edit-page-link is moved using top and right properties, which makes it "under" the layer of the rest of the page (at least in the docs). Changing the z-index fixes it.
 2015-12-28 17:51:27 +01:00
bashtoni 8248d15a5b Doc grammar fix 2015-12-22 21:27:08 +00:00
Jeff Mitchell dca0e72f10 Clarify stance on physical backend support 2015-12-22 10:50:31 -05:00
Jeff Mitchell 8cfc45e0eb Merge pull request #879 from hashicorp/header 
fixes 'by HashiCorp' in the header
 2015-12-21 12:39:54 -05:00
captainill a8b013a4f3 cleanup footer 2015-12-20 11:56:28 -08:00
kenjones c02013f631 add missing html tag 2015-12-20 14:20:30 -05:00
captainill 2ec7a2f032 capitol C in by hashicorp lockup 2015-12-19 21:21:18 -08:00