Commit graph

154 commits

Author SHA1 Message Date
Pratyoy Mukhopadhyay 0819eac6a8
Update token renew docs (#12572)
* Update docs for token renew api and cli

* Clarify api docs for renew/renew-self

* Update wording around periodic tokens
2021-09-16 16:54:46 -07:00
divyapola5 30563097ea
Enforce minimum cache size for transit backend (#12418)
* Enforce Minimum cache size for transit backend

* enfore minimum cache size and log a warning during backend construction

* Update documentation for transit backend cache configuration

* Added changelog

* Addressed review feedback and added unit test

* Modify code in pathCacheConfigWrite to make use of the updated cache size

* Updated code to refresh cache size on transit backend without restart

* Update code to acquire read and write locks appropriately
2021-09-13 16:44:56 -05:00
John-Michael Faircloth 22c9be3835
identity: fix identity token introspect doc (#12531) 2021-09-10 11:41:32 -05:00
Mike Green d4656971b1
Add link to integrated storage docs page for learn tutorial (#12501)
* Help find the learn tutorial

* Add common API path header and move learn link

@ncabatoff suggestion
2021-09-09 09:51:45 -07:00
Theron Voran ed1088d81c
docs: k8s auth issuer lookup (#12506)
Moved the issuer discovery details to from the CSI docs to the K8s
auth docs.
2021-09-09 08:39:21 -07:00
Yoko Hyakuna 7c9b06da99
Fix isues 12397 (#12484) 2021-09-02 17:03:55 -07:00
Mike Green c04518044a
Clarify on overview page that audit is default replicated (#12298)
* Note that audit is replicated

* tweak

* clarify local is to the cluster, not only the node

* tweaking. i think this makes more sense
2021-09-01 13:53:01 -07:00
Nick Cabatoff 5f4f59f19c
Document some missing http status codes. (#12472) 2021-09-01 09:51:26 -04:00
Nick Cabatoff 8154cd2e4a
Add notes re dangers of identity write endpoints. (#12365) 2021-08-30 10:23:33 -04:00
Pratyoy Mukhopadhyay 8314a6a5f7
Update lease revocation api docs (#12453)
* Update lease revocation api docs

* Update lease_id description for lease renew endpoint
2021-08-27 14:44:16 -07:00
Chris Capurso 3f4a381f1b
Add kv custom key metadata (#12218)
* add custom-metdata flag to "kv metadata put" command

* add kv metadata put command test for custom-metadata flag

* add custom_metadata to kv-v2 api docs

* add custom_metadata to kv-v2 cli docs

* update go.mod

* Add custom metadata limits to docs

* add changelog entry

* update vault-plugin-secrets-kv to @master
2021-08-23 15:49:09 -04:00
Scott Miller 7fd2bdfa52
Fix a tokenization docs link fix (#12296)
* docs link typo

* Off by one relative dir
2021-08-18 13:44:25 -04:00
vinay-gopalan cf6932f5d5
[Docs] Add documentation for username_template feature in AWS Secrets Engine (#12310)
* add username_template docs

* remove backticks

* update default template to be readable

* undo markdown block

* add md block to render indents
2021-08-11 14:51:00 -07:00
hghaf099 f885d97774
VAULT-2285 adding capability to accept comma separated entries for au… (#12126)
* VAULT-2285 adding capability to accept comma separated entries for auth enable/tune

* Adding changelog

* Adding logic to detect invalid input parameter for auth enable config

* Updating tune.mdx

* Updating secret enable/tune for comma separated parameters

* Adding further parameter checks for auth/secret tests
Fixing changelog
using builtin type for a switch statement
Fixing a possible panic scenario

* Changing a function name, using deep.Equal instead of what reflect package provides

* Fixing auth/secret enable/tune mdx files

* One more mdx file fix

* Only when users provide a single comma separated string in a curl command, split the entries by commas

* Fixing API docs for auth/mount enable/tune for comma separated entries

* updating docs, removing an unnecessary switch case
2021-08-09 15:37:03 -04:00
Mike Green 46e327de4e
add visible note about being enterprise (#12216) 2021-07-30 13:00:33 -04:00
Pratyoy Mukhopadhyay 113b6885c3
[VAULT-2852] deprecate req counters in oss (#12197) 2021-07-29 10:21:40 -07:00
Mike Green 94689c9fe5
Update license.mdx (#10841)
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-07-28 11:50:30 -07:00
Mike Green ac37d0e5a9
Clarify sudo req'd for remount (#12139) 2021-07-22 16:09:26 -04:00
Nick Cabatoff 9a26209a9d
Fix a couple of broken links to api docs. (#12143)
* Fix a couple of broken links to api docs.

* Qualify deprecation.
2021-07-21 13:09:32 -07:00
Meggie 892545e41d
Document timeout setting for raft snapshots (#12140)
* Document timeout setting for raft snapshots

We don't usually put this kind of information in the documentation, but
we are aware that snapshots can be slow and I could see this message
saving someone a lot of time. Open to closing this PR though if we
definitely don't want this kind of documentation.

* Fixing link
2021-07-21 15:14:08 -04:00
Nick Cabatoff 9db6e16a2a
Document bootstrap API. (#12132) 2021-07-20 18:24:49 -04:00
Calvin Leung Huang 185905d110
docs: remove username_template until after Vault 1.8 (#12129) 2021-07-20 11:46:09 -07:00
vinay-gopalan 859b60cafc
[VAULT-1969] Add support for custom IAM usernames based on templates (#12066)
* add ability to customize IAM usernames based on templates

* add changelog

* remove unnecessary logs

* patch: add test for readConfig

* patch: add default STS Template

* patch: remove unnecessary if cases

* patch: add regex checks in username test

* patch: update genUsername to return an error instead of warnings

* patch: separate tests for default and custom templates

* patch: return truncate warning from genUsername and trigger a 400 response on errors

* patch: truncate midString to 42 chars in default template

* docs: add new username_template field to aws docs
2021-07-20 09:48:29 -07:00
Mike Green 53759228b0
Clarify token create policies behavior (#12106) 2021-07-15 18:13:58 -04:00
Yahya 476b293a85
docs: fix heading number in SSH (#12029) 2021-07-15 14:25:45 -07:00
Angel Garbarino 288bc28127
Clarify KV 2 API docs (#12086)
* initial draft of changes

* address pr comments and add changelog

* remove changelog
2021-07-15 13:09:12 -06:00
MilenaHC 7c6f775798
updating API docs for InfluxDB (#12063) 2021-07-13 16:08:52 -05:00
Yong Wen Chua 7ea650bc06
Update Documentation for GCP Static Account (#12027)
* Update API Docs for Static Account

* Update CHANGELOGs

* Update guide

* Clarify IAM

* More refinement

* Fix missing replace of roleset while copy/pasting

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Remove CHANGELOG

* Fix some double ticks

* Apply suggestions from code review

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Update examples

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2021-07-13 09:36:05 -07:00
MilenaHC 3c3b6529fd
Redshift - Add username customization (#12016)
* username customization for redshift

* adding changelog and updating api-docs
2021-07-08 10:29:12 -05:00
MilenaHC 4430a11bc5
Update SnowflakeDB plugin to v0.2.0 (#11997)
* update snowflake database plugin to v0.2.0

* add changelog

* update api-docs
2021-07-06 13:23:03 -05:00
John-Michael Faircloth 1da8bb0a25
MongoDB Atlas: Add username customization docs (#11943)
* MongoDB Atlas: Add username customization docs

* add changelog

* remove changelog; it was added to the relevant go.mod update PR
2021-07-06 08:24:23 -05:00
Austin Gebauer b34e24fa64
docs: AWS KMS updates for key management secrets engine (#11958) 2021-06-29 10:31:25 -07:00
MilenaHC 02d45f3a66
Update ElasticSearch DB plugin to v0.8.0 (#11957)
* update elasticsearch database plugin to v0.8.0

* add changelog

* update api-docs
2021-06-29 08:07:00 -05:00
Jason O'Donnell b2c9b3c344
plugins/ad: Add rotate-role endpoint (#11942)
* plugins/ad: add rotate-role

* Add doc

* changelog

* Add note about rotate-role in overview
2021-06-25 14:00:03 -04:00
mr-miles 9e031b5766
Mongo doesnt allow periods in usernames (#11872)
* mongo doesnt allow periods in usernames

* Update mongodb.mdx

Update template in docs

* Move replace to the end

* Adding a test for dot replacement

* Create 11872.txt
2021-06-24 13:26:31 -04:00
Austin Gebauer 920b75540e
docs: corrects json and issuer for identity tokens (#11924) 2021-06-23 09:04:23 -07:00
MilenaHC 5483eba5fc
RabbitMQ - Add username customization (#11899)
* add username customization for rabbitmq

* add changelog for rabbitmq

* Update builtin/logical/rabbitmq/path_config_connection.go

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* updating API docs

* moved to changelog folder

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-06-22 14:50:46 -05:00
Michael Golowka 7f6a1739a3
Cassandra: Refactor PEM parsing logic (#11861)
* Refactor TLS parsing

The ParsePEMBundle and ParsePKIJSON functions in the certutil package assumes
both a client certificate and a custom CA are specified. Cassandra needs to
allow for either a client certificate, a custom CA, or both. This revamps the
parsing of pem_json and pem_bundle to accomodate for any of these configurations
2021-06-21 11:38:08 -06:00
Nick Cabatoff 515f41558d
Docs for license autoloading. (#11886) 2021-06-18 12:19:18 -04:00
Marco Rieger 41d0b57498
Docs: Add Mittwald Vault Libraries (#9402) 2021-06-11 11:11:01 -07:00
pjaudiomv 34a28d592e
sts is PUT/POST request (#11681)
* sts is PUT/POST request

add changelog

* rebase, rm uneeded changelog
2021-06-11 12:58:39 -04:00
Jason O'Donnell 36cc4d8e87
db/cassandra: Adding changelog and documentation (#11822)
* db/cassandra: add tls_server_name

* Remove changes from deprecated engine

* Add changelog and doc
2021-06-10 19:06:40 -04:00
Michael Golowka 38ad0a4ac9
database/cassandra: Docs: Add known issue warning to pem_bundle field (#11823) 2021-06-10 17:04:12 -06:00
Maha Sharabinth 57cf0a8a4e
Password policies: Fix link from API docs to password policy syntax (#11755)
Fixed the issue with the URL link for the Password Policy Syntax.
2021-06-08 11:50:15 -06:00
Jason O'Donnell f1d88b8c58
Docs: clarify purposes in KMS for aws (#11782) 2021-06-07 13:45:14 -04:00
Josh Black c6c0424a8e
OSS parts of sys/config/reload/license (#11695) 2021-06-03 10:30:30 -07:00
Anand Capur 9c0c0eb7e5
Update index.mdx (#11753) 2021-06-02 16:20:32 -07:00
Kendall Strautman a9c9bb3cde
chore: upgrades text-split-with-logo-grid (#11750)
* chore: upgrades `text-split-with-logo-grid` and implementations

* fix: formatting docs page
2021-06-02 14:01:05 -04:00
swayne275 9724f59180
Vault 1979: Query API for Irrevocable Leases (#11607)
* build out lease count (not fully working), start lease list

* build out irrevocable lease list

* bookkeeping

* test irrevocable lease counts for API/CLI

* fix listIrrevocableLeases, test listIrrevocableLeases, cleanup

* test expiration API limit

* namespace tweaks, test force flag on lease list

* integration test leases/count API, plenty of fixes and improvements

* test lease list API, fixes and improvements

* test force flag for irrevocable lease list API

* i guess this wasn't saved on the last refactor...

* fixes and improvements found during my review

* better test error msg

* Update vault/logical_system_paths.go

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update vault/logical_system_paths.go

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* return warning with data if more than default leases to list without force flag

* make api doc more generalized

* list leases in general, not by mount point

* change force flag to include_large_results

* sort leases by LeaseID for consistent API response

* switch from bool flag for API limit to string value

* sort first by leaseID, then stable sort by expiration

* move some utils to be in oss and ent

* improve sort efficiency for API response

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-06-02 10:11:30 -06:00
Baljeet Singh daaec9bdee
Fixing issue with FPE read and delete api docs (#11735)
Read and Delete FPE api-docs point to path `/transform/transformations/:name` instead it should be `/transform/transformation/:name`
2021-06-01 17:56:26 -05:00
Scott Miller cff7a2c589
Clarify the accuracy of estimated encryption counts wrt cluster nodes (#11561) 2021-05-27 12:30:47 -05:00
Vishal Nayak 549f1c7917
Minor fix to the docs (#11489) 2021-05-17 16:35:52 -04:00
Ricardo Cardenas d02a20bd2b
feat(aws): add ability to provide a role session name when generating STS credentials (#11345)
* feat(aws): add ability to provide a sessionName to sts credentials

Co-authored-by: Brad Vernon <bvernon@nvidia.com>
Co-authored-by: Jim Kalafut <jim@kalafut.net>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-05-17 11:03:09 -07:00
Josh Black 641a81b74b
Provide a new API endpoint for retrieving signed licenses (#11543) 2021-05-12 12:19:25 -07:00
Austin Gebauer 872a4bd25f
Update GCP auth docs for signJwt transition to Service Account Credentials API (#11568) 2021-05-11 16:57:12 -07:00
Daniela Lavric 48ce69057e
Docs - auth username characters (#11558)
Document acceptable chars for usernames.
2021-05-07 08:17:51 -04:00
Nick Cabatoff 67374ba14d
Document the sync option for revoke/revoke-prefix. (#11538) 2021-05-06 10:18:46 -04:00
Michael Golowka 29d91d09ff
Add note about root_rotation_statements workaround for special chars (#11378) 2021-04-21 12:58:48 -07:00
Nick Cabatoff a62202eb87
Document unauth pprof and the new pprof endpoints. (#11413) 2021-04-21 15:21:59 -04:00
Austin Gebauer 81744c4094
Updates docs for G Suite config in JWT/OIDC auth method (#11418) 2021-04-21 10:59:37 -07:00
claire bontempo 1f6633fd56
Grammar typo fix (#11357)
* fixes are/is typo

* reverts change - need to checkout to new branch

* fixes is/are typo
2021-04-20 10:11:35 -05:00
Calvin Leung Huang a8cafab083
pki: fix tidy removal on revoked entries (#11367)
* pki: fix tidy removal on revoked entries

* add CL entry
2021-04-19 09:40:40 -07:00
Nick Cabatoff 50a471a5e1
Add config docs for leader_tls_servername. (#11369) 2021-04-16 09:40:42 -04:00
Nick Cabatoff 4312c2381e
Clarify non-explicit cloud auth for autosnapshots. (#11370) 2021-04-16 09:14:52 -04:00
Andreas Gruhler 5c35d55b2f
replace reference to version 1.6.4 with 1.7 (#11223)
Co-authored-by: Scott Miller <smiller@hashicorp.com>
2021-04-07 16:39:59 -05:00
Bryce Kalow b76a56d40c
feat(website): migrates nav data format and updates docs pages (#11242)
* migrates nav data format and updates docs pages

* removes sidebar_title from content files
2021-04-06 13:49:04 -04:00
Meggie 8898f84a1e
No version reference here (#11237) 2021-03-30 11:44:47 -04:00
Baljeet Singh 646bddd89a
update transform.mdx (#11105)
Typo on path of creating/updating transformation in api docs. 
Fixed by updating `transform/transformation` to `transform/transformations`
2021-03-24 20:10:27 -05:00
Vishal Nayak 2c161a6f6b
Autopilot Docs (#11167) 2021-03-24 10:29:10 -04:00
Austin Gebauer 1eee383ecf
Updates documentation for key management secrets engine (#11172) 2021-03-23 14:14:25 -07:00
Jim Kalafut a9dfaeb765
Update AWS Auth docs for deprecated terms and endpoints (#11146) 2021-03-22 14:15:19 -07:00
Vishal Nayak 04876c05fe
Update raft api docs (#10893)
* Update raft api docs

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-03-20 00:46:08 -04:00
Scott Miller 689dd3722f
Document mysql (#11112)
* Document MySQL

* Document snapshot, restore, and export-decoded (#11110)

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Add parseTime note

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-03-19 10:34:41 -05:00
Scott Miller 535bcf289e
Fix handling of minimum operations, and forward rotate/config requests to Primary (#11116)
* Boost max_operations to the greater of that specified or absoluteMinOperations

* Forward rotation config requests to the primary

* Reject rotation configs outside the min/max range

* Minor wording fix
2021-03-18 15:08:47 -05:00
Hridoy Roy 261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] (#10921)
* first docs pass

* filled in read output

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes
2021-03-17 14:29:13 -07:00
Brad 266582628a
Add missing option to raft storage docs (#11041) 2021-03-17 17:25:28 -04:00
Andy Assareh 4ce8896b29
Add note that static role is rotated upon creation (#11126)
It does not appear to be documented that Vault must rotate the password upon static role creation in order to know the password, as it is not provided.
2021-03-17 11:27:04 -05:00
Austin Gebauer f5e7c2d9a8
Updates docs for jwt_supported_algs in JWT/OIDC auth method (#11115) 2021-03-16 14:17:53 -07:00
swayne275 d74f82346b
Add Partial Month Client Count API for Activity Log (#11022)
* sketch out partial month activity log client API

* unit test partialMonthClientCount

* cleanup api

* add api doc, fix test, update api nomenclature to match existing

* cleanup

* add PR changelog file

* integration test for API

* report entities and tokens separately
2021-03-01 16:15:59 -07:00
Brian Kassouf 1bc410783d OSS/ENT Drift 2021-03-01 10:51:04 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027)
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Lauren Voswinkel 075898cf73
Add IAM tagging support for iam_user roles in AWS secret engine (#10953)
* Added support for iam_tags for AWS secret roles

This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
2021-02-25 16:03:24 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823)
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Austin Gebauer 0017b78919
Adds API docs for max_age role parameter of JWT/OIDC auth method (#10916) 2021-02-19 13:39:58 -08:00
Tom Proctor 5f9891f992
auth/kubernetes docs: Correct default issuer (#10900)
As per 207d1b4c1c/path_login.go (L24), the default issuer when none is set is `kubernetes/serviceaccount`.
2021-02-11 15:26:34 +00:00
Vishal Nayak 53cb1deb38
Revert "Read-replica instead of non-voter (#10875)" (#10890)
This reverts commit fc745670cf34821f5834357d9caebc3351dbc1e7.
2021-02-10 16:41:58 -05:00
Vishal Nayak a2394e7353
Read-replica instead of non-voter (#10875) 2021-02-10 09:58:18 -05:00
jonZlotnik 541079dec3
both serviceaccount and namespace can be splat (#10829)
Needs to be changed in the docs.
Please see commit 70bc47384bedfc895d08d1df17a45b0c4ea8b6de
2021-02-09 11:14:13 -08:00
Scott Miller ad1621dd5f
Add documentation about the horizontal cluster scalability of PKI secret engine operations (#10745)
* Add documentation about the horizontal cluster scalability of PKI secret engine operations

* Mention generate_lease

* cluster terminology

* Discuss generate_lease

* active again

* One more go
2021-02-09 11:00:24 -06:00
Michael Golowka aaa51e975f
Add docs for OpenLDAP dynamic secrets (#10817) 2021-02-05 10:49:29 -07:00
Calvin Leung Huang b1c4b86d7f
approle: add ttl to the secret ID generation response (#10826)
* approle: add ttl to the secret ID generation response

* approle: move TTL derivation into helper func

* changelog: add changelog entry

* docs: update approle docs and api-docs pages
2021-02-03 16:32:16 -08:00
Mark Gritter 3ec15c4927
Fix use of identity/group endpoint to edit group by name (#10812)
* Updates identity/group to allow updating a group by name (#10223)
* Now that lookup by name is outside handleGroupUpdateCommon, do not
use the second name lookup as the object to update.
* Added changelog.

Co-authored-by: dr-db <25711615+dr-db@users.noreply.github.com>
2021-01-29 16:50:08 -06:00
Mike Green 588ce498d3
clarify space limits in bytes (#10811) 2021-01-29 14:43:48 -05:00
Nick Cabatoff 936ce3ba62
Document identity behaviour on local auth mounts. (#10805) 2021-01-28 11:45:53 -05:00
Hridoy Roy 537189cab8
make token create case insensitive [VAULT-1021] (#10743)
* make token create case insensitive

* changelog

* comment update
2021-01-27 09:56:54 -08:00
Hridoy Roy d1241b5286
changelog for entropy augmentation PR [VAULT-1179] (#10755)
* changelog for entropy augmentation

* docs upgrade

* docs upgrade

* docs upgrade

* docs upgrade
2021-01-26 21:06:38 -08:00
Mike Green b0d5660765
Clarify slash is needed on gcs and azure (#10710)
Clarify user question, unexpected behavior with no slash on gcs.
2021-01-21 12:32:24 -05:00
Lauren Voswinkel 086e8bbb74
Updates api-docs for static role deletion (#10736)
We now specify that the user will remain unless cleaned up manually
2021-01-20 12:57:00 -08:00