luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
4,854 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

4854 Commits

Author SHA1 Message Date
Vishal Nayak 4141b632fa Merge pull request #1957 from hashicorp/website-list-userpass 
Added user listing endpoint to userpass docs
 2016-10-04 14:10:49 -04:00
Jim Weber cc38f3253a fixed an incorrect assignment 2016-10-03 21:51:40 -04:00
vishalnayak 348a09e05f Add only relevant certificates 2016-10-03 20:34:28 -04:00
vishalnayak dbd364453e aws-ec2 config endpoints support type option to distinguish certs 2016-10-03 20:25:07 -04:00
Jim Weber ac78ddc178 More resilient around cases of missing role names and using the default when needed. 2016-10-03 20:20:00 -04:00
vishalnayak b105f8ccf3 Authenticate aws-ec2 instances using identity document and its RSA signature 2016-10-03 18:57:41 -04:00
Vishal Nayak 5fb6758538 Merge pull request #1960 from hashicorp/atlas-listener-docs 
document the atlas listener
 2016-10-03 16:13:32 -04:00
Matthew Irish 61975f4265 add documentation for cluster_name and link atlas listener docs 2016-10-03 15:04:33 -05:00
Jim Weber 0a7f1089ca Refactored logic some to make sure we can always fall back to default revoke statments 
Changed rolename to role
made default sql revoke statments a const
 2016-10-03 15:59:56 -04:00
Jim Weber 704fccaf2e fixed some more issues I had with the tests. 2016-10-03 15:58:09 -04:00
Jim Weber a2d6624a69 renamed rolname to role 2016-10-03 15:57:47 -04:00
Jim Weber 7ab1092c7c Removed file that should not have been added in the first place. 2016-10-03 14:53:22 -04:00
Jim Weber bfb0c2d3ff Reduced duplicated code and fixed comments and simple variable name mistakes 2016-10-03 14:53:05 -04:00
Matthew Irish 34a6abcbb6 document the atlas listener 2016-10-03 10:41:50 -05:00
Jim Weber bb70ecc5a7 Added test for revoking mysql user with wild card host and non-wildcard host 2016-10-02 22:28:54 -04:00
Jim Weber dbb00534d9 saving role name to the Secret Internal data. Default revoke query added 
The rolename is now saved to the secret internal data for fetching
later during the user revocation process. No longer deriving the role
name from request path

Added support for default revoke SQL statements that will provide the
same functionality as before. If not revoke SQL statements are provided
the default statements are used.

Cleaned up personal ignores from the .gitignore file
 2016-10-02 18:53:16 -04:00
Jeff Mitchell 8cfcbd7943 changelog++ 2016-10-02 14:55:48 -04:00
Jeff Mitchell 2c85fdfeb9 Switch default case of disable cluster. (#1959) 2016-10-02 14:54:01 -04:00
Jeff Mitchell 86b9349d2b changelog++ 2016-10-02 13:29:52 -04:00
vishalnayak aef1a88de4 Added docs for reading and deleting username 2016-09-30 16:13:57 -04:00
vishalnayak 2ad698ec0b Added user listing endpoint to userpass docs 2016-09-30 15:47:33 -04:00
Jeff Mitchell 606d717ad9 Update changelog and website for GH-1958 2016-09-30 15:08:38 -04:00
Jeff Mitchell 6d00f0c483 Adds HUP support for audit log files to close and reopen. (#1953) 
Adds HUP support for audit log files to close and reopen. This makes it
much easier to deal with normal log rotation methods.

As part of testing this I noticed that HUP and other items that come out
of command/server.go are going to stderr, which is where our normal log
lines go. This isn't so much problematic with our normal output but as
we officially move to supporting other formats this can cause
interleaving issues, so I moved those to stdout instead.
 2016-09-30 12:04:50 -07:00
Jeff Mitchell 16991d823e Bump deps 2016-09-30 09:50:46 -04:00
Jeff Mitchell 85315ff188 Rejig where the reload functions live 2016-09-30 00:07:22 -04:00
Jeff Mitchell 4a505bfa3e Update text around cubbyhole/response 2016-09-29 17:44:15 -04:00
Vishal Nayak 47796eac7e Merge pull request #1952 from stevenscg/stevenscg-docs-mysql-connection 
Docs/Website: MySQL config parameter should be "verify_connection"
 2016-09-29 15:25:38 -04:00
Chris Stevens 7a8fcfcf55 Docs/Website: MySQL config parameter "verify-connection" should be "verify_connection" 
The only instance of `verify-connection` I can find is on this docs page. The API style for parameters is underscores, so this one stands out.

The code for this and the other backends with similar connection verification features seem to use `verify_connection`.
 2016-09-29 14:05:47 -05:00
Jeff Mitchell 5657789627 Audit unwrapped response (#1950) 2016-09-29 12:03:47 -07:00
vishalnayak eb8f449a61 changelog++ 2016-09-29 11:43:48 -04:00
Vishal Nayak 4c74b646fe Merge pull request #1947 from hashicorp/secret-id-lookup-delete 
Introduce lookup and destroy endpoints for secret IDs and its accessors
 2016-09-29 10:19:54 -04:00
Jeff Mitchell abdfd3f161 changelog++ 2016-09-29 00:03:50 -04:00
Jeff Mitchell b45a481365 Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
vishalnayak 34e76f8b41 Added website docs for lookup and destroy APIs 2016-09-28 22:11:48 -04:00
vishalnayak d20819949c Make secret-id reading and deleting, a POST op instead of GET 2016-09-28 20:22:37 -04:00
Vishal Nayak c474af7d24 Merge pull request #1945 from zendesk/update_iam_documentation 
Update documentation for required AWS API permissions
 2016-09-28 19:53:52 -04:00
Michael S. Fischer 2dd1f584e6 Update documentation for required AWS API permissions 
In order for Vault to map IAM instance profiles to roles, Vault
must query the 'iam:GetInstanceProfile' API, so update the documentation
and help to include the additional permissions needed.
 2016-09-28 16:50:20 -07:00
Jeff Mitchell d432d3378c changelog++ 2016-09-28 19:08:04 -04:00
Jeff Mitchell f0203741ff Change default TTL from 30 to 32 to accommodate monthly operations (#1942) 2016-09-28 18:32:49 -04:00
vishalnayak a9976dca1c Remove a mistyped character 2016-09-28 18:30:49 -04:00
Vishal Nayak 5adfaa0d7d Merge pull request #1939 from hashicorp/secret-id-upgrade 
Respond secret_id_num_uses and deprecate SecretIDNumUses
 2016-09-28 18:16:07 -04:00
vishalnayak e9142f418a Added todo to remind removal of upgrade code 2016-09-28 18:17:13 -04:00
vishalnayak c5258234ca changelog++ 2016-09-28 18:15:01 -04:00
Vishal Nayak 69c57f843d Merge pull request #1943 from hashicorp/iam-bounds-prefix 
Check for prefix match instead of exact match for IAM bound parameters
 2016-09-28 18:11:53 -04:00
vishalnayak e01f99f042 Check for prefix match instead of exact match for IAM bound parameters 2016-09-28 18:08:28 -04:00
vishalnayak 21d9731286 Don't reset the deprecated value yet 2016-09-28 15:48:50 -04:00
Vishal Nayak ba5da65163 Merge pull request #1940 from chrishoffman/consul-doc 
Small consul doc fix
 2016-09-28 15:48:45 -04:00
vishalnayak a9c719b555 changelog++ 2016-09-28 15:41:53 -04:00
Vishal Nayak 4a30a6b4f8 Merge pull request #1913 from hashicorp/bound-iam-instance-profile-arn 
Proper naming for bound_iam_instance_profile_arn
 2016-09-28 15:34:56 -04:00
vishalnayak 31e450a175 Add some validation checks 2016-09-28 15:36:02 -04:00