Commit graph

2509 commits

Author SHA1 Message Date
Juan Fontes cb08ec433b Update aws docs (#6408) 2019-03-13 17:31:22 -07:00
Jeff Mitchell 8c8553b065 Add a bit on testing upgrades in advance 2019-03-09 11:57:51 -05:00
Jeff Mitchell d2beb6e312 Update login command docs 2019-03-08 15:37:38 -05:00
Jeff Escalante 42acb433e6 correct quotes in docs layout (#6368) 2019-03-07 17:00:24 -08:00
Yoko e795a244b3 policy capabilities: write --> update (#6373) 2019-03-07 16:34:47 -05:00
Alessandro De Blasis 4b7f595b4c docs: pki - adding missing ext_key_usage_oids desc (#6367)
Adding missing entries

Just copied over the FieldSchema descriptions
2019-03-07 14:07:10 -05:00
Eero Niemi 1238545276 Fixed typo (#6363)
Fixed typo, rolset -> roleset
2019-03-07 09:50:13 -05:00
Becca Petrin 54c70efd88
update path for mounting plugin (#6351) 2019-03-06 15:57:03 -08:00
Calvin Leung Huang 66734fb03c
docs/agent-caching: update cache-clear endpoint (#6354) 2019-03-06 11:13:43 -08:00
Becca Petrin 1c34a1d21e
update partnership doc (#6352) 2019-03-06 10:27:12 -08:00
Calvin Leung Huang 0ebce62537 docs/agent-caching: add note about compatibility with older server versions 2019-03-05 14:12:04 -08:00
Vishal Nayak d0b9454518
Agent Cache doc updates (#6331)
* Agent Cache doc updates

* doc update

* Add renewal management section

* doc updates

* paraphrase the orphan token case
2019-03-05 15:19:52 -05:00
Vishal Nayak d8f39d54c9
Change agent's port to 8007 (#6348) 2019-03-05 12:57:17 -05:00
Jim Kalafut 1274a8d3d4
Update JWT plugin dependency and docs (#6345) 2019-03-05 09:46:04 -08:00
Becca Petrin 1909b20217 merge master 2019-03-05 09:39:53 -08:00
Chris Hoffman 8a57b90b47
Transit Auto Seal Docs (#6332)
* adding transit seal docs

* add missing backtick
2019-03-05 08:45:44 -05:00
Jim Kalafut a34099b9bb
Use HashTypeMap and remove structs in batch HMAC (#6334) 2019-03-04 14:49:29 -08:00
martinwaite 04c174214c Batch hmac - (#5850) (#5875) 2019-03-04 12:26:20 -08:00
Naoki Ainoya 7b395315dd fix doc to add missing permission to use gcpkms seal (#6327) 2019-03-04 11:46:06 -05:00
Jeff Mitchell d71b0e7b10
Add missing consistency param in docs for Cassandra in combined DB (#6330) 2019-03-04 10:21:33 -05:00
Becca Petrin 5dbd09cf2f
Merge pull request #6250 from chrissphinx/patch-1
fix example that was out-of-date
2019-02-28 10:28:24 -08:00
Becca Petrin 76f42975d6
Merge pull request #6251 from paulftw/patch-1
[Documentation] Update secrets-engines.html.md
2019-02-28 10:09:29 -08:00
Becca Petrin 4ecaa1b597
Merge pull request #6304 from bradjones1/patch-2
RabbitMQ 'vhost' parameter on roles endpoint should be 'vhosts'
2019-02-28 10:03:47 -08:00
Becca Petrin 7b4a184a52
Merge pull request #6224 from hashicorp/dp.fix-consul-storage-doc-6171
Fix example in documentation. Resolves [issue 6171]
2019-02-28 09:55:55 -08:00
Becca Petrin 4cf21cda87
Merge pull request #6221 from emilymye/website
Remove unsupported config delete for GCP auth docs
2019-02-28 09:52:52 -08:00
Becca Petrin 5829774e91
Support env vars for STS region (#6284) 2019-02-28 09:31:06 -08:00
Andrey Kuzmin b496fea4ad Etcd timeouts (#6285)
* Configurable lock and request etcd timeouts.

If etcd cluster placed on slow servers - request timeouts may be much greater, then hardcoded default values.
Also, in etcd setup, like above - may be need to greater lock timeout.

* Configurable lock and request etcd timeouts.

Docs.

* Use user friendly timeout syntax.

To allow specify more readable time values.
2019-02-27 18:34:29 -08:00
Anton R. Yuste 4120aa2da0 Specify the userpass name creating the alias entity (#6289) 2019-02-27 18:28:33 -08:00
Jon Currey e9891013b3 Fix typo on Seal page of concepts docs (#6290) 2019-02-27 18:27:36 -08:00
John O'Sullivan 62f454c972 Documenting -dev-plugin-dir vault server option (#6307)
Based on an answer from Brian Kassouf on the Google Group: https://groups.google.com/d/msg/vault-tool/7Qf9Hn1w3jA/yGUIKZxHGAAJ
2019-02-27 18:24:49 -08:00
Brad Jones da99b6d088
RabbitMQ 'vhost' parameter on roles endpoint should be 'vhosts'
In deploying this, I noted that passing `vhost` was unsuccessful, yet `vhosts` is.
2019-02-27 15:19:54 -07:00
vishalnayak 1d16601b7f Agent caching docs superscript beta 2019-02-26 10:36:24 -05:00
vishalnayak dee2e1797d Add Beta superscript to caching docs 2019-02-26 10:28:55 -05:00
vishalnayak 2ab27e6087 Agent doc update for beta testers 2019-02-26 10:20:55 -05:00
vishalnayak f04b4d1668 Change agent's default port number to 8100 2019-02-26 10:02:12 -05:00
Calvin Leung Huang 5b5ec851c7 Agent caching docs (#6272)
* WIP agent caching docs

* More docs updates

* Add caching/index.html to docs_detailed_categories.yml

* Some more docs updates

* Some more docs updates

* updates

* address review feedback

* fix sample config

* Update website/source/docs/agent/caching/index.html.md

Co-Authored-By: calvn <cleung2010@gmail.com>

* fix config for sidebar display

* Add environment variable to the docs
2019-02-26 09:57:17 -05:00
Jim Kalafut 9bac5158cd
Update JWT docs for OIDC feature (#6270) 2019-02-21 17:06:23 -08:00
Becca Petrin 81cfa79d02 add note about sts region to doc 2019-02-21 16:57:52 -08:00
Chris Hoffman 481c38c7d0
adding 1.1 upgrade docs (#6279) 2019-02-21 17:41:06 -05:00
Becca Petrin 65b8ad9187 allow aws region in cli login 2019-02-20 16:43:21 -08:00
Paul Korzhyk acb97878b4
Update secrets-engines.html.md
That sentence sounds weird to me. I think this way is better.
2019-02-17 12:35:20 +02:00
chrissphinx fda98fdb4a
fix example that was out-of-date
showing how to allow users auth'd with userpass method to modify their own passwords
2019-02-16 14:04:05 -05:00
dp-h e8bc0e7ab2 Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]"
This reverts commit 7726fdd1aaf7848dc5af9d4867e76bd1588f7bac.

Revert to go through proper PR. Apologies.
2019-02-14 13:40:17 -07:00
Dan Brown 8cf24e8551 Docs EA update 1.0 (#6219)
* Confirm RA against Vault 1.0

Change product_version frontmatter to ea_version and increase to 1.0

* Update frontmatter key

Change product_version frontmatter to ea_version
2019-02-13 10:06:54 -05:00
Brian Shumate c7ceffba30 Update configuration/listener documentation (#6228)
- Clarify that PROXY protocol version 1 is currently supported
- Add missing backtick to fix formatting issue
2019-02-13 09:27:05 -05:00
dp-h 72880b965a Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 17:05:31 -07:00
dominic ed6d45eece Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]"
This reverts commit b275f2a1e6d74400bb3cf702d1e03c90d31624cb.

Pushed to master, my apologies. Will do proper PR for this.
2019-02-12 16:49:34 -07:00
dominic f11a29d13c Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 16:47:17 -07:00
Emily Ye 79c8f05dee remove unsupported config delete docs 2019-02-12 13:48:30 -08:00
vishalnayak 8a6cd92f85 Update transit docs 2019-02-12 14:27:17 -05:00
Sean Carolan 58ba07f666 Make this easier for new users (#6211) 2019-02-11 17:34:22 -05:00
Clint 0db43e697b Add signed key constraints to SSH CA [continued] (#6030)
* Adds the ability to enforce particular ssh key types and minimum key
lengths when using Signed SSH Certificates via the SSH Secret Engine.
2019-02-11 13:03:26 -05:00
Andrej van der Zee 604e8dd0f0 Added socket keep alive option to Cassandra plugin. (#6201) 2019-02-10 18:34:50 -05:00
Michel Vocks 1ddd194c28 Added missing backslash in iam identity guide (#6193) 2019-02-08 09:56:36 -08:00
Brian Nuszkowski 707c6d1813 Add SHA1 signing/verification support to transit engine (#6037)
* Add SHA1 signing/verification support to transit engine

* Update signing/verification endpoint documentation to include sha1 hash algorithm
2019-02-07 15:31:31 -08:00
Graham Land 13e60dbb40 Add Vault supported log levels (#6185)
Documentation : Add the supported log level configurations

`Supported log levels: Trace, Debug, Error, Warn, Info.`
2019-02-07 11:27:08 -08:00
Martins Sipenko ea56be1e69 Fix section heading size (#6137) 2019-02-07 11:18:58 -08:00
Eero Niemi f9cb767d9c Fixed typo (newtwork -> network) (#6177) 2019-02-07 13:06:38 -05:00
Jeff Mitchell ea61e8fbec Remove refresh_interval from kvv1 API docs and CLI docs since kv get doesn't use it 2019-02-06 21:51:08 -05:00
Aidan Daniels-Soles 39893a1e15 Fix wrong file name in service definition (#6174) 2019-02-06 15:43:03 -05:00
d 97a73d6bf8 Revert "fixed trailing slash in consul.html.md example"
This reverts commit 4310bb58c83285ebd9cfcb302b70d1db432a11e2.

Accidental push to master, my apologies. See PR https://github.com/hashicorp/vault/pull/6175
2019-02-05 17:42:15 -07:00
Dominic Porreco 778e6add49 fixed trailing slash in consul.html.md example 2019-02-05 17:01:39 -07:00
Jeff Mitchell 5f249d4005
Add allowed_response_headers (#6115) 2019-02-05 16:02:15 -05:00
Aidan Daniels-Soles 86f096449b Replace special hyphen (#6165) 2019-02-05 10:48:26 -08:00
Brian Shumate 18c8f390f9 Update AppRole API docs (#6047)
- Use consistent "Create/Update" heading text style
2019-02-04 11:17:16 -05:00
nickwales e2429522fa Removed typo (#6162) 2019-02-04 11:13:37 -05:00
Matthew Potter 5e374d5cd1 Add libvault to the list of elixir libraries (#6158) 2019-02-04 11:12:29 -05:00
Yoko a9392f9840
Adding a mention for 'kv-v2' as type (#6151) 2019-02-01 11:26:08 -08:00
Jeff Mitchell adccccae69 Update example output for PKI serial -> serial_number
Fixes #6146
2019-02-01 10:29:34 -05:00
Jeff Mitchell b2cc9ebd3a Remove regenerate-key docs as it no longer exists 2019-02-01 09:29:40 -05:00
Jeff Mitchell 47accf8086 Add role_id as an alias name source for AWS and change the defaults 2019-01-30 15:51:45 -05:00
Donald Guy 4363453017 Docs: Azure auth example using metadata service (#6124)
There are probably better ways to massage this but I think it would be helpful to have something like this included
2019-01-30 12:13:39 -08:00
Brian Shumate 2337df4b2b Update documentation for command operator unseal (#6117)
- Add migrate command option
2019-01-28 10:27:51 -05:00
Gordon Shankman cd2f7bbde8 Adding support for SSE in the S3 storage backend. (#5996) 2019-01-26 16:48:08 -05:00
Calvin Leung Huang 34af3daeb0 docs: update agent sample config (#6096) 2019-01-24 07:25:03 -05:00
Jeff Mitchell 3f1a7d4fdd
Update to latest etcd and use the new repository packages (#6087)
This will be necessary for go mod work

Additionally, the srv api has changed. This adapts to it.
2019-01-23 14:35:03 -05:00
Jeff Mitchell 5e126f6de8
Implement JWS-compatible signature marshaling (#6077)
This currently only applies to ECDSA signatures, and is a toggleable
option.
2019-01-23 12:31:34 -05:00
gitirabassi 1aaacda3ec small fixes to docs and indexes 2019-01-18 02:14:57 +01:00
Jim Kalafut 0f2fcfb6f1
Update JWT docs with new jwt_supported_algs parameter (#6069) 2019-01-17 15:27:20 -08:00
Yoko e5c6b421e0 Fixed the broken link (#6052)
* Fixed the broken link

* Fixing the broken link

* Fixes redirect to Tokens guide

The separate redirect within learn.hashicorp.com will be fixed on its own repo.
2019-01-16 17:06:28 -08:00
Yoko e09f058ada
Adding the CLI flag placement info (#6027)
* Adding the CLI flag placement info

* Adding the definition of 'options' and 'args'

* tweaked the wording a little bit

* Added more description in the example

* Added a link to 'Flags' in the doc for options def
2019-01-15 11:24:50 -08:00
Jim Kalafut 960eb45014
Remove unnecessary permission 2019-01-10 16:18:10 -08:00
Seth Vargo e726f13957 Simplify permission requirements for GCP things (#6012) 2019-01-10 10:05:21 -08:00
Dilan Bellinghoven f9dacbf221 Add docker-credential-vault-login to Third-Party Tools (#6003)
* Added Docker credential helper to list of Third-Party tools

* website/source/api/relatedtools.html.md: Fixed a typo
2019-01-10 10:46:18 -05:00
Yoko 9a4de34dce Allowed characters in paths (#6015) 2019-01-10 10:39:20 -05:00
Vishal Nayak 0c30f46587
Add option to configure ec2_alias values (#5846)
* Add option to configure ec2_alias values

* Doc updates

* Fix overwriting of previous config value

* s/configEntry/config

* Fix formatting

* Address review feedback

* Address review feedback
2019-01-09 18:28:29 -05:00
Yoko 0a97f95ff4
Document upper limit on Transit encryption size (#6014) 2019-01-08 17:57:43 -08:00
Giacomo Tirabassi 0d3845c537 Influxdb secret engine built-in plugin (#5924)
* intial work for influxdb secret plugin

* fixed typo

* added comment

* added documentation

* added tests

* fixed tests

* added vendoring

* minor testing issue with hardcoded values

* minor fixes
2019-01-08 17:26:16 -08:00
Julien Blache 91d432fc85 FoundationDB backend TLS support and housekeeping (#5800)
* Fix typo in documentation

* Update fdb-go-install.sh for new release tags

* Exclude FoundationDB bindings from vendoring, delete vendored copy

FoundationDB bindings are tightly coupled to the server version and
client library version used in a specific deployment. Bindings need
to be installed using the fdb-go-install.sh script, as documented in
the foundationdb backend documentation.

* Add TLS support to FoundationDB backend

TLS support appeared in FoundationDB 5.2.4, raising the minimum API version
for TLS-aware FoundationDB code to 520.

* Update documentation for FoundationDB TLS support
2019-01-08 09:01:44 -08:00
Seth Vargo 46cbfb0e4b Fix formatting (#6009)
The new markdown parser is less forgiving
2019-01-08 08:51:37 -08:00
Thomas Kula 4265579aaa Fix small typo in azure.html.md (#6004) 2019-01-07 10:03:22 -05:00
Aric Walker c065b46f42 Remove duplicate "Users can" from policy md (#6002) 2019-01-07 07:02:28 -08:00
Seth Vargo c3f1043c24 Reduce required permissions for the GCPCKMS auto-unsealer (#5999)
This changes the behavior of the GCPCKMS auto-unsealer setup to attempt
encryption instead of a key lookup. Key lookups are a different API
method not covered by roles/cloudkms.cryptoKeyEncrypterDecrypter. This
means users must grant an extended scope to their service account
(granting the ability to read key data) which only seems to be used to
validate the existence of the key.

Worse, the only roles that include this permission are overly verbose
(e.g. roles/viewer which gives readonly access to everything in the
project and roles/cloudkms.admin which gives full control over all key
operations). This leaves the user stuck between choosing to create a
custom IAM role (which isn't fun) or grant overly broad permissions.

By changing to an encrypt call, we get better verification of the unseal
permissions and users can reduce scope to a single role.
2019-01-04 16:29:31 -05:00
Seth Vargo 1917bb406d Fix audit docs (#6000)
These appear to have been converted to (bad) HTML. This returns them to
their original markdown format.
2019-01-04 13:45:50 -06:00
Iain Gray ecdacbb90a Update DG to Vault 1.0 (#5855)
* Update DG to Vault 1.0

* as per comments  - chrishoffman

* Removed stray bracket and added quotes

* updated as per conversations with Dan
2019-01-03 10:10:37 -05:00
Graham Land 2e92372710 Docs: Add Auto Unseal Rekey example (#5952)
* Add KMS Rekey example

I've had customers looking for AWS KMS rekeying examples today - when using pgp keys.
This example would have clarified what they needed to do.

* Replaced KMS reference with Auto Unseal

``` bash
Rekey an Auto Unseal vault and encrypt the resulting recovery keys with PGP:
```
2019-01-03 09:23:43 -05:00
Becca Petrin d7f31fe5e4
Merge pull request #5892 from jen20/jen20/dynamodb-capacity-doc
docs: Clarify the utility of DynamoDB capacities
2018-12-20 11:54:26 -08:00
Becca Petrin d108843a0a
Merge pull request #5947 from hmalphettes/master
Docs: JWT API - List Roles: fix the path
2018-12-20 09:15:57 -08:00
R.B. Boyer 0ebb30938c website: fix simple typo (#5979) 2018-12-19 14:46:54 -08:00
Clint 004ca032e8
add MSSQL storage docs to sidebar (#5978) 2018-12-19 14:06:42 -06:00