Jeff Mitchell
890c19312f
Update path help for approle secret id TTL
2016-11-15 11:50:51 -05:00
Daniel Somerfield
637414a623
Added support for individual user policy mapping in github auth backend. ( #2079 )
2016-11-10 16:21:14 -05:00
vascop
ba3dc07bb3
Fix typo and remove trailing whitespace. ( #2074 )
2016-11-08 09:32:23 -05:00
Jeff Mitchell
aa68041231
Fix GitHub tests
2016-11-08 07:13:42 -05:00
Glenn McAllister
50c8af0515
Add ldap tls_max_version config ( #2060 )
2016-11-07 13:43:39 -05:00
Jeff Mitchell
26fa2655b1
Add listing to Consul secret roles ( #2065 )
2016-11-04 12:35:16 -04:00
vishalnayak
65f0ce8ca3
Remove the sanity check which is not proving to be useful
2016-10-27 19:11:26 -04:00
vishalnayak
dc93e57cf1
Return the revocation_sql from role read all the time
2016-10-27 12:24:31 -04:00
vishalnayak
e0fb8c17ce
Added revocation_sql to the website docs
2016-10-27 12:15:08 -04:00
vishalnayak
c14a6c8666
Move policy test to keysutil package
2016-10-26 19:57:28 -04:00
vishalnayak
6d1e1a3ba5
Pulled out transit's lock manager and policy structs into a helper
2016-10-26 19:52:31 -04:00
Vishal Nayak
79d45355c8
Merge pull request #2004 from hashicorp/role-id-update
...
Fix regression caused by not creating a role_id secondary index
2016-10-26 16:29:46 -04:00
vishalnayak
931c96d1ba
ssh: Use temporary file to store the identity file
2016-10-18 12:50:12 -04:00
Vishal Nayak
6dd560d9c6
Merge pull request #2005 from hashicorp/dedup-ldap-policies
...
Deduplicate the policies in ldap backend
2016-10-18 10:42:11 -04:00
Chris Hoffman
4b6e82afcb
Add ability to list keys in transit backend ( #1987 )
2016-10-18 10:13:01 -04:00
vishalnayak
2ce8bc95eb
Deduplicate the policies in ldap backend
2016-10-14 17:20:50 -04:00
vishalnayak
1487dce475
Fix regression caused by not creating a role_id secondary index
2016-10-14 12:56:29 -04:00
Laura Bennett
dcf44a8fc7
Merge pull request #1980 from hashicorp/audit-update
...
Audit file update
2016-10-10 14:34:53 -04:00
Laura Bennett
0da9d1ac0c
test updates to address feedback
2016-10-10 12:58:30 -04:00
Laura Bennett
5ce9737eb4
address feedback
2016-10-10 12:16:55 -04:00
Laura Bennett
962a383bfb
address latest feedback
2016-10-10 11:58:26 -04:00
Laura Bennett
290ccee990
minor fix
2016-10-10 10:05:36 -04:00
Laura Bennett
9fc5a37e84
address feedback
2016-10-09 22:23:30 -04:00
Laura Bennett
05519a1267
adding unit tests for file mode
2016-10-09 00:33:24 -04:00
Laura Bennett
e5a7e3d6cb
initial commit to fix empty consistency option issue
2016-10-08 20:22:26 -04:00
Laura Bennett
1b8d12fe82
changes for 'mode'
2016-10-08 19:52:49 -04:00
Laura Bennett
60ceea5532
initial commit for adding audit file permission changes
2016-10-07 15:09:32 -04:00
Michael S. Fischer
c45ab41b39
Update aws-ec2 configuration help
...
Updated to reflect enhanced functionality and clarify necessary
permissions.
2016-10-05 12:40:58 -07:00
Jeff Mitchell
70a9fc47b4
Don't use quoted identifier for the username
2016-10-05 14:31:19 -04:00
Jeff Mitchell
7f9a88d8db
Postgres revocation sql, beta mode ( #1972 )
2016-10-05 13:52:59 -04:00
vishalnayak
de5dec6b15
Refactor mysql's revoke SQL
2016-10-04 19:30:25 -04:00
Vishal Nayak
1ab7023483
Merge pull request #1914 from jpweber/mysql-revoke
...
Mysql revoke with non-wildcard hosts
2016-10-04 17:44:15 -04:00
Jim Weber
87f206b536
removed an unused ok variable. Added warning and force use for default queries if role is nil
2016-10-04 17:15:29 -04:00
vishalnayak
0f8c132ede
Minor doc updates
2016-10-04 15:46:09 -04:00
vishalnayak
2e1aa80f31
Address review feedback 2
2016-10-04 15:30:42 -04:00
vishalnayak
59475d7f14
Address review feedback
2016-10-04 15:05:44 -04:00
Jim Weber
cc38f3253a
fixed an incorrect assignment
2016-10-03 21:51:40 -04:00
vishalnayak
348a09e05f
Add only relevant certificates
2016-10-03 20:34:28 -04:00
vishalnayak
dbd364453e
aws-ec2 config endpoints support type option to distinguish certs
2016-10-03 20:25:07 -04:00
Jim Weber
ac78ddc178
More resilient around cases of missing role names and using the default when needed.
2016-10-03 20:20:00 -04:00
vishalnayak
b105f8ccf3
Authenticate aws-ec2 instances using identity document and its RSA signature
2016-10-03 18:57:41 -04:00
Jim Weber
0a7f1089ca
Refactored logic some to make sure we can always fall back to default revoke statments
...
Changed rolename to role
made default sql revoke statments a const
2016-10-03 15:59:56 -04:00
Jim Weber
704fccaf2e
fixed some more issues I had with the tests.
2016-10-03 15:58:09 -04:00
Jim Weber
a2d6624a69
renamed rolname to role
2016-10-03 15:57:47 -04:00
Jim Weber
bfb0c2d3ff
Reduced duplicated code and fixed comments and simple variable name mistakes
2016-10-03 14:53:05 -04:00
Jim Weber
bb70ecc5a7
Added test for revoking mysql user with wild card host and non-wildcard host
2016-10-02 22:28:54 -04:00
Jim Weber
dbb00534d9
saving role name to the Secret Internal data. Default revoke query added
...
The rolename is now saved to the secret internal data for fetching
later during the user revocation process. No longer deriving the role
name from request path
Added support for default revoke SQL statements that will provide the
same functionality as before. If not revoke SQL statements are provided
the default statements are used.
Cleaned up personal ignores from the .gitignore file
2016-10-02 18:53:16 -04:00
Jeff Mitchell
6d00f0c483
Adds HUP support for audit log files to close and reopen. ( #1953 )
...
Adds HUP support for audit log files to close and reopen. This makes it
much easier to deal with normal log rotation methods.
As part of testing this I noticed that HUP and other items that come out
of command/server.go are going to stderr, which is where our normal log
lines go. This isn't so much problematic with our normal output but as
we officially move to supporting other formats this can cause
interleaving issues, so I moved those to stdout instead.
2016-09-30 12:04:50 -07:00
Vishal Nayak
4c74b646fe
Merge pull request #1947 from hashicorp/secret-id-lookup-delete
...
Introduce lookup and destroy endpoints for secret IDs and its accessors
2016-09-29 10:19:54 -04:00
vishalnayak
34e76f8b41
Added website docs for lookup and destroy APIs
2016-09-28 22:11:48 -04:00