Commit graph

1408 commits

Author SHA1 Message Date
Jeff Mitchell 7068292252 Update/clarify docs on generic backend ttl.
Ping #2697
2017-05-09 09:56:11 -04:00
Jeff Mitchell 7763b15493 Bump versions 2017-05-08 16:19:41 -04:00
Jeff Mitchell f1fb1e50a5 Prep for 0.7.1 2017-05-05 11:46:43 -04:00
Brian Kassouf 61f115ba81 Update postgresql.html.md 2017-05-04 17:56:09 -07:00
Brian Kassouf 20cc43bf18 Update mysql-maria.html.md 2017-05-04 17:55:50 -07:00
Brian Kassouf 913a112681 Update mssql.html.md 2017-05-04 17:55:30 -07:00
Brian Kassouf 16e6f9640d Few docs updates 2017-05-04 14:07:12 -07:00
Calvin Leung Huang c0ce0ae499 Merge branch 'database-refactor' of github.com:hashicorp/vault into database-refactor 2017-05-04 16:46:47 -04:00
Calvin Leung Huang b49993f81f Update mssql docs 2017-05-04 16:46:34 -04:00
Brian Kassouf 3c41bdfa16 update docs 2017-05-04 13:38:49 -07:00
Brian Kassouf 7dcec6e68f Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 12:40:00 -07:00
Brian Kassouf 82b58d5b9c Update docs and return a better error message 2017-05-04 11:45:27 -07:00
mymercurialsky 4c0e3c5d2f Implemented TOTP Secret Backend (#2492)
* Initialized basic outline of TOTP backend using Postgresql backend as template

* Updated TOTP backend.go's structure and help string

* Updated TOTP path_roles.go's structure and help strings

* Updated TOTP path_role_create.go's structure and help strings

* Fixed typo in path_roles.go

* Fixed errors in path_role_create.go and path_roles.go

* Added TOTP secret backend information to cli commands

* Fixed build errors in path_roles.go and path_role_create.go

* Changed field values of period and digits from uint to int, added uint conversion of period when generating passwords

* Initialized TOTP test file based on structure of postgresql test file

* Added enforcement of input values

* Added otp library to vendor folder

* Added test steps and cleaned up errors

* Modified read credential test step, not working yet

* Use of vendored package not allowed - Test error

* Removed vendor files for TOTP library

* Revert "Removed vendor files for TOTP library"

This reverts commit fcd030994bc1741dbf490f3995944e091b11da61.

* Hopefully fixed vendor folder issue with TOTP Library

* Added additional tests for TOTP backend

* Cleaned up comments in TOTP backend_test.go

* Added default values of period, algorithm and digits to field schema

* Changed account_name and issuer fields to optional

* Removed MD5 as a hash algorithm option

* Implemented requested pull request changes

* Added ability to validate TOTP codes

* Added ability to have a key generated

* Added skew, qr size and key size parameters

* Reset vendor.json prior to merge

* Readded otp and barcode libraries to vendor.json

* Modified help strings for path_role_create.go

* Fixed test issue in testAccStepReadRole

* Cleaned up error formatting, variable names and path names. Also added some additional documentation

* Moveed barcode and url output to key creation function and did some additional cleanup based on requested changes

* Added ability to pass in TOTP urls

* Added additional tests for TOTP server functions

* Removed unused QRSize, URL and Generate members of keyEntry struct

* Removed unnecessary urlstring variable from pathKeyCreate

* Added website documentation for TOTP secret backend

* Added errors if generate is true and url or key is passed, removed logger from backend, and revised parameter documentation.

* Updated website documentation and added QR example

* Added exported variable and ability to disable QR generation, cleaned up error reporting, changed default skew value, updated documentation and added additional tests

* Updated API documentation to inlude to exported variable and qr size option

* Cleaned up return statements in path_code, added error handling while validating codes and clarified documentation for generate parameters in path_keys
2017-05-04 10:49:42 -07:00
Brian Kassouf 5ee0d696d4 Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 10:45:18 -07:00
Brian Kassouf 29bfc0a0d4 PR comments 2017-05-04 10:41:59 -07:00
Chris Hoffman 3d9cf89ad6 Add the ability to view and list of leases metadata (#2650) 2017-05-03 22:03:42 -04:00
Brian Kassouf ce391ca425 add new mysql plugin names and fix grammar 2017-05-03 18:41:39 -07:00
Brian Kassouf bf29861d49 Add the plugins catalog API docs 2017-05-03 11:43:24 -07:00
Brian Kassouf e92818e0ae Upate links in docs 2017-05-03 10:25:12 -07:00
Brian Kassouf dbb5b38e0d Add API docs 2017-05-03 02:13:07 -07:00
Brian Kassouf 63de72c10f Add custom plugins docs page 2017-05-03 00:01:28 -07:00
Brian Kassouf 50ac77be51 Update docs for the database backend and it's plugins 2017-05-02 22:24:31 -07:00
Brian Kassouf b60ff2048d Update docs and add cassandra as a builtin plugin 2017-05-02 17:04:49 -07:00
Brian Kassouf 20994c1247 Fix wording in docs 2017-05-02 16:20:07 -07:00
Jeff Mitchell 712cacaf4d Add website skeleton 2017-05-02 16:26:32 -04:00
mhristof df325288ac fix format for secret/pki (#2668) 2017-05-02 07:52:55 -04:00
Brian Kassouf ca7ff89bcb Fix documentation 2017-05-02 02:22:06 -07:00
Brian Kassouf f17c50108f Add plugins interal page to the sidebar: 2017-05-02 02:00:04 -07:00
Brian Kassouf a963097747 Add internals doc for plugins 2017-05-02 01:59:36 -07:00
Seth Vargo 44e1c64cfd Add UI docs (#2664) 2017-05-01 17:36:37 -04:00
Marc Boudreau 5630b0ad4b Changing the ttl value in the Generate IAM with STS sample to a valid value (#2665) 2017-05-01 14:41:49 -04:00
Justin Gerace 403efeb5ae Add globbing support to the PKI backend's allowed_domains list (#2517) 2017-05-01 10:40:18 -04:00
Michael Ansel 30b71cbbac Add constraints on the Common Name for certificate-based authentication (#2595)
* Refactor to consolidate constraints on the matching chain

* Add CN prefix/suffix constraint

* Maintain backwards compatibility (pick a random cert if multiple match)

* Vendor go-glob

* Replace cn_prefix/suffix with required_name/globbing

Move all the new tests to acceptance-capable tests instead of embedding in the CRL test

* Allow authenticating against a single cert

* Add new params to documentation

* Add CLI support for new param

* Refactor for style

* Support multiple (ORed) name patterns

* Rename required_names to allowed_names

* Update docs for parameter rename

* Use the new TypeCommaStringSlice
2017-04-30 11:37:10 -04:00
Cameron Stokes 73867dab92 Add local flag to docs for API endpoints. (#2625) 2017-04-28 14:33:27 -04:00
Ryan Smith-Evans d0d448cfbe Added required header (#2656) 2017-04-28 08:56:14 -04:00
greenbrian 90a442ec92 Fix links on Consul storage backend page (#2652) 2017-04-28 07:48:23 -04:00
Chris Hoffman 1a60fede58 Updating revoke/renew to prefer PUT method (#2646) 2017-04-27 10:47:43 -04:00
Jeff Mitchell d9e639ece2 Fix types of listener options, currently they're all strings 2017-04-25 11:20:48 -04:00
Seth Vargo 7b21562f07 Make sidebar a bit wider on smaller screens (#2638) 2017-04-24 15:39:58 -04:00
Joel Thompson e06a78a474 Create unified aws auth backend (#2441)
* Rename builtin/credential/aws-ec2 to aws

The aws-ec2 authentication backend is being expanded and will become the
generic aws backend. This is a small rename commit to keep the commit
history clean.

* Expand aws-ec2 backend to more generic aws

This adds the ability to authenticate arbitrary AWS IAM principals using
AWS's sts:GetCallerIdentity method. The AWS-EC2 auth backend is being to
just AWS with the expansion.

* Add missing aws auth handler to CLI

This was omitted from the previous commit

* aws auth backend general variable name cleanup

Also fixed a bug where allowed auth types weren't being checked upon
login, and added tests for it.

* Update docs for the aws auth backend

* Refactor aws bind validation

* Fix env var override in aws backend test

Intent is to override the AWS environment variables with the TEST_*
versions if they are set, but the reverse was happening.

* Update docs on use of IAM authentication profile

AWS now allows you to change the instance profile of a running instance,
so the use case of "a long-lived instance that's not in an instance
profile" no longer means you have to use the the EC2 auth method. You
can now just change the instance profile on the fly.

* Fix typo in aws auth cli help

* Respond to PR feedback

* More PR feedback

* Respond to additional PR feedback

* Address more feedback on aws auth PR

* Make aws auth_type immutable per role

* Address more aws auth PR feedback

* Address more iam auth PR feedback

* Rename aws-ec2.html.md to aws.html.md

Per PR feedback, to go along with new backend name.

* Add MountType to logical.Request

* Make default aws auth_type dependent upon MountType

When MountType is aws-ec2, default to ec2 auth_type for backwards
compatibility with legacy roles. Otherwise, default to iam.

* Pass MountPoint and MountType back up to the core

Previously the request router reset the MountPoint and MountType back to
the empty string before returning to the core. This ensures they get set
back to the correct values.
2017-04-24 15:15:50 -04:00
Matthew Gallagher 8c75c2611a Remove mention of Darwin mlock support from docs. (#2624) 2017-04-22 16:56:01 -04:00
Cameron Stokes 82e9b089be [docs] Fix typo in Transit API docs. 2017-04-20 15:18:55 -07:00
Chad Greenburg 960fdb6a8a Added documentation for listing roles in the Consul secret backend (#2619) 2017-04-20 07:44:25 -04:00
Eric Bock f3be8927db Fixing typo in Transit API rewrap section (#2617) 2017-04-19 09:29:33 -07:00
Brian Nuszkowski 74d78f247c Add api documentation for unauthenticated SSH CA public key retrieval (#2616) 2017-04-19 11:30:24 -04:00
Jeff Mitchell 4995c69763 Update sign-verbatim to correctly set generate_lease (#2593) 2017-04-18 15:54:31 -04:00
Mitch Davis a051ec1b59 Use service bind for searching LDAP groups (#2534)
Fixes #2387
2017-04-18 15:52:05 -04:00
Jeff Mitchell f4cd8c5200 Merge pull request #2607 from hashicorp/b-grammar
Fix sentence - remove "and"
2017-04-18 15:50:56 -04:00
Jeff Mitchell 563ad2175f Update index.html.md 2017-04-18 15:50:44 -04:00
Seth Vargo 490b98ee93
Update logos 2017-04-18 14:17:56 -04:00
Jon Benson 73950e8fb1 Fix sentence - remove "and" 2017-04-17 19:35:04 -07:00
Jeff Mitchell d5f5ecf0ab Remove allow_token_displayname from docs as we don't support that any longer 2017-04-17 17:25:44 -04:00
Jeff Mitchell f14fd329fd Add more info to STS TTL to website 2017-04-17 17:19:13 -04:00
Phil Watts c98de70310 Update revoke.html.md (#2604)
Changed param's description verb from renew to revoke, to match the page context.
2017-04-17 12:40:24 -04:00
Jeff Mitchell ce58bfa88f Update SSH docs to indicate deprecation of dynamic key type 2017-04-17 11:11:05 -04:00
James Phillips b6758b7ea9 Update 404.html.md (#2594) 2017-04-14 12:19:15 -04:00
Jeff Mitchell c2407eab5a Add some extra documentation around ssh-keygen -L to see signed cert
info.

Ping #2569
2017-04-13 15:23:27 -04:00
Chris Hoffman 3c7a69b119 minor docs update 2017-04-10 09:46:25 -04:00
Jeff Mitchell 9136952055 Update AES-GCM verification text 2017-04-07 14:35:29 -04:00
Shivaram Lingamneni 2117dfd717 implement a no_store option for pki roles (#2565) 2017-04-07 11:25:47 -07:00
Jeff Mitchell e0d00fdf7b Remove superfluous/misleading comments around some listener options 2017-04-07 14:23:56 -04:00
Jeff Mitchell f805618a2c Update SSH CA documentation
Fixes #2551
Fixes #2569
2017-04-07 11:59:25 -04:00
Seth Vargo 53e1bd02a1
Add press-kit 2017-04-06 18:43:55 -04:00
Seth Vargo 4ac4b92cbb
Import fonts 2017-04-06 18:42:09 -04:00
Seth Vargo 6883eebbd9
Add press kit, hashicorp logo 2017-04-06 18:28:26 -04:00
Jeff Mitchell d39ca0be68 Remove "these are denoted below" w.r.t. SIGHUP
SIGHUP support is denoted in the sections/options that support actions on SIGHUP, so with the new docs layout it's confusing to have the old statement in there. Remove in favor of the inline comments.

Fixes #2572
2017-04-06 16:08:58 -04:00
Sebastian Haba 3322f637ac add mssql physical backend (#2546) 2017-04-06 09:33:49 -04:00
Pavel Timofeev d2afabe4f6 Ldap auth doc fix (#2568)
* Move url parameter to the next line and fix a typo

* Add userdn paramater to the Scenario 1.
Without userdn set Vault can't search with error like

Code: 400. Errors:

* LDAP search failed for detecting user: LDAP Result Code 32 "No Such Object": 0000208D: NameErr: DSID-031001E5, problem 2001 (NO_OBJECT), data 0, best match of:
        ''
2017-04-05 08:29:38 -07:00
Cameron Stokes 76c74a3995 [docs] Add header to fix formatting. 2017-04-05 10:35:59 +10:00
Cameron Stokes 1884845525 [docs] Adding missing guide from index page.
Also, make guide titles consistent with sidebar.
2017-04-05 10:22:20 +10:00
Jeff Mitchell 04bbc50ccb Add back lost Postgres creation sql for storage backend 2017-04-04 12:30:07 -04:00
Emre Erkunt de3d2438b7 Fixed an example on aws backend documentation about an iam profile. (#2522) 2017-04-04 09:03:27 -07:00
Jonathan Sokolowski a4ceaf0035 Etcd DNS discovery (#2521)
* etcd: Add discovery_srv option
2017-04-04 08:50:44 -07:00
Jeff Mitchell 9ec414016d Update SSH docs to note that host key verification is not performed. 2017-04-03 10:43:41 -04:00
Francis Chuang 917158a510 Fix typo (#2558) 2017-04-03 05:46:40 -07:00
Paul Cichonski 75e531e8aa fix typo in pki api doc 2017-04-02 17:02:11 -04:00
Adam Shannon a6156d8e79 Quote dynamodb's ha_enabled property (#2547)
With `ha_enabled = true` vault crashes with the following error: 

```
error parsing 'storage': storage.dynamodb: At 17:16: root.ha_enabled: unknown type for string *ast.LiteralType
```

This seems related to https://github.com/hashicorp/vault/issues/1559
2017-03-30 14:09:47 -07:00
Seth Vargo b5ab4745fc
Update helpers 2017-03-29 21:39:48 -04:00
Seth Vargo 8bcb3bda9c
Remove commented colors 2017-03-29 19:08:09 -04:00
Seth Vargo c600a426d8
Add new colored header styles 2017-03-29 19:04:39 -04:00
vishalnayak 1cfd0e94b3 docs: aws-ec2: link sts configuration from cross account access 2017-03-28 14:34:21 -07:00
Seth Vargo 383a4cacaa
Re-add FOUT 2017-03-26 17:07:29 -04:00
Seth Vargo 4fb3f7f32a
Remove dependency on bootstrap
This greatly reduces our javascript footprint
2017-03-26 16:58:16 -04:00
Seth Vargo dd44ad7b85
Remove pry 2017-03-26 16:08:16 -04:00
Seth Vargo 5b0acbfeba
Cleanup CSS 2017-03-26 16:04:21 -04:00
Dan Everton 4ef8ce1198 Add permitPool support to S3 (#2466) 2017-03-26 14:32:26 -04:00
Paul Nicholson 85acdb7f5e fix typo in ssh api documentation (#2529) 2017-03-23 23:48:26 -07:00
Matthew Irish 9f6dea5ffd remove sidebar include in sass (#2516) 2017-03-21 13:08:27 -05:00
Matthew Irish f6fba9bb3c replication is an enterprise-only feature (#2514) 2017-03-21 13:30:27 -04:00
Jeff Mitchell 04d8f3a34d Fix AWS-EC2 sts/certificate typo
Fixes #2512
2017-03-21 13:29:40 -04:00
Jack Pearkes efa2a280aa website: update docs to clearly link to enterprise version 2017-03-21 08:41:39 -07:00
Jonathan Thomas c41ee12c38 website: latest news section (#2506)
* website: add latest news section which includes vault webinar details

* small padding tweak
2017-03-20 18:23:46 -04:00
Seth Vargo 0f1b9499c0
Nevermind... meganav uses it 2017-03-20 01:51:57 -04:00
Seth Vargo 2357039044
Fix typo 2017-03-20 01:50:45 -04:00
Seth Vargo f30f6f489f
Do not require bootstrap 2017-03-20 01:50:40 -04:00
Seth Vargo d3da5b231b
Link to index.html pages 2017-03-20 01:37:22 -04:00
Seth Vargo 3a4e14cfe6
Remove quotes from meta descriptions
SEO stops at that quote, so many of our pages have a description of
"the".
2017-03-20 01:35:21 -04:00
Seth Vargo 166e0b4ef4
Use inline svgs 2017-03-20 01:27:23 -04:00
Seth Vargo f2355301c3
Upgrade to latest middleman-hashicorp 2017-03-20 01:27:23 -04:00
Seth Vargo cb1a2cb361
Migrate to middleman-hashicorp sidebar 2017-03-20 01:27:23 -04:00