Meggie
335dc8423a
Fixing some typos ( #11195 )
2021-03-25 10:51:31 -04:00
Baljeet Singh
646bddd89a
update transform.mdx ( #11105 )
...
Typo on path of creating/updating transformation in api docs.
Fixed by updating `transform/transformation` to `transform/transformations`
2021-03-24 20:10:27 -05:00
Meggie
11f9c4156f
Update website for 1.7.0 ( #11193 )
...
* Stub upgrade guide and version update
* Finalizing upgrade notes
* Fixing clobbered barrier notes
2021-03-24 17:32:23 -04:00
Darshana Sivakumar
5f2995f66b
Create 1.7.0.mdx ( #11185 )
...
* Create 1.7.0.mdx
Release notes for Vault 1.7
* Added sidebar, headings
We needed the sidebar and I thought the headings looked better than the
bold text.
* Updated per a note from Darshana
Co-authored-by: Meggie Ladlow <meggie@hashicorp.com>
2021-03-24 17:13:28 -04:00
Alex Milowski
ffad2c6eb2
Added Redis Enterprise database plugin ( #11111 )
...
Added the link to the Redis Enterprise database plugin GitHub repository.
2021-03-24 12:17:37 -07:00
Nick Cabatoff
dbce98c1bb
Client controlled consistency docs ( #10990 )
2021-03-24 15:09:01 -04:00
Vishal Nayak
2c161a6f6b
Autopilot Docs ( #11167 )
2021-03-24 10:29:10 -04:00
Austin Gebauer
1eee383ecf
Updates documentation for key management secrets engine ( #11172 )
2021-03-23 14:14:25 -07:00
Mike Wickett
f9b13ac0b7
website: update alert banner for webinar ( #11176 )
2021-03-23 10:36:21 -04:00
Jim Kalafut
a9dfaeb765
Update AWS Auth docs for deprecated terms and endpoints ( #11146 )
2021-03-22 14:15:19 -07:00
Nick Cabatoff
e2aadfc157
Update docs for agent's new vault.retry stanza. ( #11151 )
2021-03-22 12:50:59 -04:00
Vishal Nayak
04876c05fe
Update raft api docs ( #10893 )
...
* Update raft api docs
* Update website/content/api-docs/system/storage/raft.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Update website/content/api-docs/system/storage/raft.mdx
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
* Update website/content/api-docs/system/storage/raft.mdx
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-03-20 00:46:08 -04:00
Jason O'Donnell
921979a40f
docs: update vault-k8s to 0.9.0 ( #11138 )
...
* docs: update vault-k8s to 0.9.0
* Fix typos
* Update website/content/docs/platform/k8s/injector/examples.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/injector/annotations.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Add links for auto-auth
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-03-19 11:34:58 -04:00
Scott Miller
689dd3722f
Document mysql ( #11112 )
...
* Document MySQL
* Document snapshot, restore, and export-decoded (#11110 )
* Update website/content/api-docs/secret/transform.mdx
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
* Add parseTime note
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-03-19 10:34:41 -05:00
Josh Black
5fcc629847
Add log shipper configuration docs ( #11014 )
...
* Add log shipper configuration docs
* Fix indentation issue
* Add telemetry
* Updates to logshipper docs
* Add CCC related replication config docs. (#11087 )
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
* Correct formatting
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-03-18 16:41:13 -07:00
Scott Miller
535bcf289e
Fix handling of minimum operations, and forward rotate/config requests to Primary ( #11116 )
...
* Boost max_operations to the greater of that specified or absoluteMinOperations
* Forward rotation config requests to the primary
* Reject rotation configs outside the min/max range
* Minor wording fix
2021-03-18 15:08:47 -05:00
Clint
5353279e75
Add command to look up a lease by ID ( #11129 )
...
* snapshot
* basic test
* update command and add documentation
* update help text
* typo
* add changelog for lease lookup command
* run go mod vendor
* remove tabs from help output
2021-03-18 11:11:09 -05:00
aphorise
eb36b68710
Corrected links for Consul Consistency Modes ( #10862 )
2021-03-17 16:05:30 -07:00
aphorise
5b6e2bb77a
Docs - Plugin register operator & example add ( #10864 )
2021-03-17 16:04:51 -07:00
Hridoy Roy
261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] ( #10921 )
...
* first docs pass
* filled in read output
* transform docs changes
* transform docs changes
* transform docs changes
* transform docs changes
* transform docs changes
* transform docs changes
* transform docs changes
2021-03-17 14:29:13 -07:00
Brad
266582628a
Add missing option to raft storage docs ( #11041 )
2021-03-17 17:25:28 -04:00
Andy Assareh
4ce8896b29
Add note that static role is rotated upon creation ( #11126 )
...
It does not appear to be documented that Vault must rotate the password upon static role creation in order to know the password, as it is not provided.
2021-03-17 11:27:04 -05:00
Austin Gebauer
f5e7c2d9a8
Updates docs for jwt_supported_algs in JWT/OIDC auth method ( #11115 )
2021-03-16 14:17:53 -07:00
Hridoy Roy
e9e83ff864
Add FF3-1 Tweak Guidance Docs [VAULT-1036] ( #10978 )
...
* ff3 guidance docs
* docs upgrade
* address PR comments
2021-03-16 07:57:50 -07:00
Alvaro Miranda Aguilera
3fb284c217
Update oracle.mdx ( #11101 )
2021-03-15 14:13:40 -06:00
Scott Miller
da982c3982
Upgrade notes for the transform engine upgrade bug fix. ( #11098 )
...
* Add upgrade notes for the Transform storage upgrade bug
* sidenav
* Reword to encourage upgrade when available
2021-03-12 19:59:50 -06:00
Mark Gritter
8bbf92ef70
Fix typo in limits.mdx ( #11103 )
2021-03-12 15:46:41 -06:00
Mike Wickett
933aa782bc
Update alert banner ( #11083 )
...
* Update alert banner
* Update website/data/alert-banner.js
Co-authored-by: Zachary Shilton <4624598+zchsh@users.noreply.github.com>
Co-authored-by: Zachary Shilton <4624598+zchsh@users.noreply.github.com>
2021-03-11 15:46:34 -05:00
Scott Miller
c4e8d51c9d
Add upgrade notes for the Transform storage upgrade bug ( #11075 )
...
* Add upgrade notes for the Transform storage upgrade bug
* sidenav
2021-03-11 11:23:19 -06:00
Meggie
39ff8b071f
Make 1.7.0-rc1 the latest version ( #11082 )
2021-03-10 20:03:55 -05:00
Jacob Friedman
5305c439d4
Update init.mdx ( #11044 )
...
* Update init.mdx
Updated operator init documentation to try to avoid steering customers towards running Auto Unseal seals with recovery-shares=1 and recovery-threshold=1. This is a bad security posture, as it can allow a single user with access to that recovery share to create root tokens and do other very sensitive tasks.
Also rewrote parts of the HSM/KMS Options section to indicate that recovery-related options are not solely for HSM-mode Vault but are for ANY Auto Unseal seal.
* Update website/content/docs/commands/operator/init.mdx
Adding an appropriate number of recovery-pgp-keys
Co-authored-by: Yoko <yoko@hashicorp.com>
Co-authored-by: Yoko <yoko@hashicorp.com>
2021-03-04 15:57:47 -08:00
Michele Degges
9741f51bee
Removing broken link ( #11029 )
2021-03-02 12:02:59 -08:00
swayne275
d74f82346b
Add Partial Month Client Count API for Activity Log ( #11022 )
...
* sketch out partial month activity log client API
* unit test partialMonthClientCount
* cleanup api
* add api doc, fix test, update api nomenclature to match existing
* cleanup
* add PR changelog file
* integration test for API
* report entities and tokens separately
2021-03-01 16:15:59 -07:00
Brian Kassouf
1bc410783d
OSS/ENT Drift
2021-03-01 10:51:04 -08:00
Scott Miller
1e1f7eff46
Documentation for barrier autorotation ( #11027 )
...
* Documentation for barrier autorotation
* changelog
* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Brian Kassouf
a112161f60
expiration: Add a few metrics to measure revoke queue lengths ( #10955 )
...
* expiration: Add a few metrics to measure revoke queue lengths
* Update the metric names
* Add appropriate cluster labels
* Add metrics to docs
* Update jobmanager.go
2021-02-26 16:00:39 -08:00
Michael Golowka
302cc4870e
Add Username Templating Concepts page ( #10935 )
2021-02-26 16:04:12 -07:00
Meggie
de8c06eb31
Update latest to 1.6.3 ( #11010 )
2021-02-26 17:08:27 -05:00
Tom Proctor
45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation ( #10967 )
2021-02-26 20:38:27 +00:00
Lauren Voswinkel
075898cf73
Add IAM tagging support for iam_user roles in AWS secret engine ( #10953 )
...
* Added support for iam_tags for AWS secret roles
This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
2021-02-25 16:03:24 -08:00
Jim Kalafut
e60cc11f33
Add configurable exponential backoff to Agent auto-auth ( #10964 )
2021-02-23 12:04:21 -08:00
Clint
b0b121753a
update docs related to OCI alias changes ( #10952 )
...
* update docs related to OCI alias changes
* covert CHANGELOG update to a changelog/ entry
2021-02-23 10:08:15 -06:00
Jim Kalafut
4b1557e6ab
Minor update to Secrets engine overview docs ( #10977 )
...
The reference to API calls and link to code isn't a good fit here.
Reverts eb3e34d
2021-02-23 07:17:44 -08:00
Clint
f998f96451
Add documentation for upcoming Terraform Cloud secret engine ( #10823 )
...
* add side navigation for Terraform Cloud Secret Engine
* terraform cloud engine docs
* add api-docs for terraform cloud secret engine
* fix some typos and improve wording, now with less management
* fix capitalization
* change text->shell-session
* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Jim Kalafut
7e54bc15c2
Add TOTP support to Okta Auth ( #10942 )
2021-02-21 21:18:17 -08:00
Austin Gebauer
0017b78919
Adds API docs for max_age role parameter of JWT/OIDC auth method ( #10916 )
2021-02-19 13:39:58 -08:00
Nick Cabatoff
81105274d1
Add docs for Agent's template_retry option added in #10644 , based on those from consul-template configuration. Also fix some existing config docs that weren't adhering to our conventions. ( #10911 )
2021-02-18 11:24:36 -08:00
Brian Fox
7f6ec265a1
Update KV Secrets Engine index ( #10933 )
...
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.
2021-02-17 14:27:37 -08:00
Nick Cabatoff
1b789f5ae5
Note that all local mounts are impacted, including on primary. ( #10807 )
2021-02-16 10:37:37 -05:00
Rosemary Wang
a48db957ca
docs: Update Azure AD OIDC documentation ( #10853 )
...
Addresses #8191 with clearer external groups configuration.
2021-02-12 17:28:00 -08:00
Mark Gritter
a8d2e6e350
Added a table showing the entity alias name used by each auth method. ( #10908 )
...
* Also corrected the text about token auth method.
2021-02-11 18:34:45 -06:00
Zachary Shilton
e45d81ff47
Use revised BeforeAfterDiagram, VerticalTextBlockList ( #10907 )
...
* Switch BeforeAfterDiagram implementation, pulled from www-next
* Bump vertical-text-block-list, update md to HTML
* Bump to latest case-study-slider
2021-02-11 16:29:38 -05:00
aphorise
17003328ab
Docs - Namespace monitoring corrected examples ( #10863 )
...
Re-doing PR #10305
2021-02-11 11:32:52 -06:00
Tom Proctor
5f9891f992
auth/kubernetes docs: Correct default issuer ( #10900 )
...
As per 207d1b4c1c/path_login.go (L24)
, the default issuer when none is set is `kubernetes/serviceaccount`.
2021-02-11 15:26:34 +00:00
Vishal Nayak
53cb1deb38
Revert "Read-replica instead of non-voter ( #10875 )" ( #10890 )
...
This reverts commit fc745670cf34821f5834357d9caebc3351dbc1e7.
2021-02-10 16:41:58 -05:00
Vishal Nayak
a2394e7353
Read-replica instead of non-voter ( #10875 )
2021-02-10 09:58:18 -05:00
Jim
7cb100e9a7
Update kubernetes.mdx ( #10871 )
...
Add suggestion to validate K8S cluster address and TCP port using cluster-info command and update sample config (line 77) to prompt for validation. Feedback from prospect was that doc is misleading since our sample uses TCP 8443.
2021-02-09 14:50:31 -05:00
jonZlotnik
541079dec3
both serviceaccount and namespace can be splat ( #10829 )
...
Needs to be changed in the docs.
Please see commit 70bc47384bedfc895d08d1df17a45b0c4ea8b6de
2021-02-09 11:14:13 -08:00
Scott Miller
ad1621dd5f
Add documentation about the horizontal cluster scalability of PKI secret engine operations ( #10745 )
...
* Add documentation about the horizontal cluster scalability of PKI secret engine operations
* Mention generate_lease
* cluster terminology
* Discuss generate_lease
* active again
* One more go
2021-02-09 11:00:24 -06:00
Bryce Kalow
1e7b38fc75
website: upgrade nextjs-scripts & next ( #10831 )
2021-02-09 10:54:58 -05:00
Michael Golowka
aaa51e975f
Add docs for OpenLDAP dynamic secrets ( #10817 )
2021-02-05 10:49:29 -07:00
Calvin Leung Huang
b1c4b86d7f
approle: add ttl to the secret ID generation response ( #10826 )
...
* approle: add ttl to the secret ID generation response
* approle: move TTL derivation into helper func
* changelog: add changelog entry
* docs: update approle docs and api-docs pages
2021-02-03 16:32:16 -08:00
Jason O'Donnell
84cb949802
k8s doc: update for 0.9.1 and 0.8.0 releases ( #10825 )
...
* k8s doc: update for 0.9.1 and 0.8.0 releases
* Update website/content/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-02-02 16:37:34 -05:00
Brandon Romano
4a6e00081c
Web Updates for HCP (2/2) ( #10820 )
...
* Web Updates for HCP (2/2)
Adds HCP Vault section to homepage
Updates the Nav
Hack in a third 'try cloud' link
Update banner to point to HCP site
* website: utm params for all hcp links
Co-authored-by: Kyle MacDonald <kmacdonald@hashicorp.com>
2021-02-02 11:41:19 -05:00
Bryce Kalow
1205d23e53
add table styles to the style.css ( #10793 )
2021-02-01 23:24:04 -05:00
Josh Black
449b9ddedb
Clarify docs around using the Vault Agent as a windows service ( #10519 )
2021-02-01 10:03:42 -08:00
Mark Gritter
3ec15c4927
Fix use of identity/group endpoint to edit group by name ( #10812 )
...
* Updates identity/group to allow updating a group by name (#10223 )
* Now that lookup by name is outside handleGroupUpdateCommon, do not
use the second name lookup as the object to update.
* Added changelog.
Co-authored-by: dr-db <25711615+dr-db@users.noreply.github.com>
2021-01-29 16:50:08 -06:00
Mike Green
588ce498d3
clarify space limits in bytes ( #10811 )
2021-01-29 14:43:48 -05:00
Meggie
06e5ec9b53
Updating website to 1.6.2 ( #10810 )
2021-01-29 13:47:54 -05:00
Nick Cabatoff
936ce3ba62
Document identity behaviour on local auth mounts. ( #10805 )
2021-01-28 11:45:53 -05:00
Hridoy Roy
17e20bdaa6
docs change for max request size community PR ( #10723 )
2021-01-27 10:02:00 -08:00
Hridoy Roy
537189cab8
make token create case insensitive [VAULT-1021] ( #10743 )
...
* make token create case insensitive
* changelog
* comment update
2021-01-27 09:56:54 -08:00
Hridoy Roy
d1241b5286
changelog for entropy augmentation PR [VAULT-1179] ( #10755 )
...
* changelog for entropy augmentation
* docs upgrade
* docs upgrade
* docs upgrade
* docs upgrade
2021-01-26 21:06:38 -08:00
Aleksandr Bezobchuk
46c3f1f7bc
docs: update "Policy Syntax" section ( #10590 )
...
Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 22:14:47 -06:00
Aleksandr Bezobchuk
2ec8f9a222
metrics: activity log ( #10514 )
...
* core: add vault.identity.entity.active.monthly log
* Fixed end-of-month metrics and unit test.
* Added metric covering month-to-date (not broken down by namespace.)
* Updated documentation
* Added changelog.
Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 16:37:07 -06:00
Jeff Escalante
3cf16ac1f6
point edit page link to master ( #10778 )
2021-01-26 16:50:58 -05:00
Jim Kalafut
fb049caa7f
Clarify agent lease renewal docs ( #10772 )
2021-01-26 12:07:59 -08:00
John Eikenberry
1ecd3464eb
fix deep links to consul-template docs ( #10768 )
2021-01-25 16:42:19 -08:00
Jeff Escalante
c0c0dd5379
remove netlify config ( #10711 )
2021-01-22 15:16:25 -05:00
Mike Green
b0d5660765
Clarify slash is needed on gcs and azure ( #10710 )
...
Clarify user question, unexpected behavior with no slash on gcs.
2021-01-21 12:32:24 -05:00
Lauren Voswinkel
086e8bbb74
Updates api-docs for static role deletion ( #10736 )
...
We now specify that the user will remain unless cleaned up manually
2021-01-20 12:57:00 -08:00
Nick Cabatoff
b93c5ff304
Spell out how to configure credentials for GCS. ( #10589 )
2021-01-20 09:09:23 -05:00
Jeff Escalante
5e60bd9677
add vercel config ( #10707 )
2021-01-15 15:44:28 -05:00
Jeff Escalante
f48841c6ea
Docs: prepare for vercel hosting move ( #10598 )
...
* prepare for move to vercel hosting
* update readme
* add back netlify files for hosting transition
2021-01-15 15:29:22 -05:00
Mike Wickett
b4d0403ef1
website: update alert banner for HCP Vault public beta ( #10699 )
2021-01-14 14:03:41 -05:00
Brandon Romano
339b8d62c2
Website StackMenu updates for 1/14 ( #10690 )
2021-01-14 09:19:09 -08:00
Lauren Voswinkel
1ec64fd010
Update Snowflake docs ( #10691 )
...
* Update Snowflake docs
Snowflake docs had an issue, `DEFAULT ROLE` should be `DEFAULT_ROLE`
* Update docs to show an actual username
2021-01-13 14:59:16 -08:00
Eugene R
331529fc94
Aerospike storage backend ( #10131 )
...
* add an Aerospike storage backend
* go mod vendor
* add Aerospike storage configuration docs
* review fixes
* bump aerospike client to v3.1.1
* rename the defaultHostname variable
* relocate the docs page
2021-01-12 15:26:07 -08:00
Mike Wickett
d72c4d5235
website: add alert banner to promote webinar ( #10683 )
2021-01-11 11:17:03 -05:00
Scott Miller
77d27cb968
Add NIST guidance on rotating keys used for AES-GCM encryption ( #10612 )
...
* Add NIST guidance on rotating keys used for AES-GCM encryption
* Capture more places barrier encryption is used
* spacing issue
* Probabilistically track an estimated encryption count by key term
* Un-reorder imports
* wip
* get rid of sampling
2021-01-07 15:37:37 -06:00
Theron Voran
c788e98a16
Adding documentation for multiple vault-k8s replicas ( #10659 )
...
Describes the setup and config for using multiple injector replicas
with auto and manual TLS.
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-01-07 12:22:21 -08:00
Zachary Shilton
6ed50b5df9
Move code highlighting to build time ( #10614 )
...
* Bump react-scripts to v14
* Pull in latest dependencies
* Replace text-and-content on home page
* WIP replace text-and-content on use case pages
* Finish removing text-and-content from use-case pages
* Remove text-and-content completely
* Add logo-grid dep, fix style import
* Remove unneeded indirect deps
2021-01-07 14:40:35 -05:00
Mark Gritter
d076d95d37
Feature flags API ( #10613 )
...
* Added sys/internal/ui/feature-flags endpoint.
* Added documentation for new API endpoint.
* Added integration test.
Co-authored-by: swayne275 <swayne@hashicorp.com>
2021-01-06 16:05:00 -06:00
Jim Kalafut
9064097c5d
Make example Okta creds more obviously fake ( #10639 )
2021-01-06 10:05:23 -08:00
Lauren Voswinkel
ce90acd68d
Add Snowflake docs to the website ( #10617 )
...
* Add snowflake docs to the website
* Update navs
* Add Snowflake to the DB Capabilities table
2021-01-05 14:44:28 -08:00
Jason O'Donnell
abfb92173c
docs: update Vault Helm to 0.9.0 ( #10656 )
...
* docs: update vault-helm for 0.9.0
* Fix typo in leaderElector config
* Add default value to ttl
* Update website/content/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Add affinity default for injector
* Update website/content/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-01-05 16:46:20 -05:00
Nick Cabatoff
5c446d9d53
Clarify which seal/recovery config we mean. ( #10634 )
2021-01-04 10:31:36 -05:00
Nick Cabatoff
69e68c4d0d
Document constraints re primary vs secondary clusters. ( #10527 )
2021-01-04 08:35:17 -05:00
Jeff Escalante
ec620a7765
Implement MDX Remote ( #10581 )
...
* implement mdx remote
* fix an unfenced code block
* fix partials path
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-12-17 16:53:33 -05:00
Meggie
210618d2b9
Updating version to 1.6.1 ( #10566 )
...
Will merge this after the release is done.
2020-12-17 12:52:03 -05:00
Alex Cahn
a605f9ddd6
Update to add the newly released Couchbase DB SE ( #10580 )
...
* Update to add the newly released Couchbase DB SE
* Update website/pages/docs/plugin-portal/index.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-12-15 16:55:38 -08:00
Ronen Botzer
c602f9999f
A Database Secrets Engine plugin for Aerospike ( #10522 )
...
* A Database Secrets Engine plugin for Aerospike
* Order the subsections consistently
2020-12-15 15:13:56 -08:00
Michel Vocks
191aa65bc3
Fix UI custom header values ( #10511 )
...
* Fix UI custom header values
* Fix changelog entry
* Introduce param for multi values
* Fix multivalue
* multivalue should be bool
* Sort imports
* Fix conflict
* Remove changelog entry
* Revert entry delete
2020-12-15 15:58:03 +01:00
Tomas Gustavsson
fc9fa540af
Add PrimeKey EJBCA as partner secrets plugin ( #10531 )
...
* Add PrimeKey EJBCA as partner secrets plugin
* Update website/pages/docs/plugin-portal/index.mdx
* Update website/pages/docs/plugin-portal/index.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-12-14 17:37:09 -08:00
acahn
b969a23f84
Update index.mdx ( #10574 )
...
Modernizing the Partner language as part of the evolution of the partner program.
2020-12-14 17:08:44 -08:00
Kyle MacDonald
acd0cd037c
website: redirect raft snapshot url to automated storage snapshots ( #10553 )
2020-12-14 12:48:58 -05:00
Nick Cabatoff
6c5183abda
Fix link to autosnap api docs. ( #10521 )
2020-12-09 16:19:15 -05:00
danielehc
98f516aa58
Add details on Consul token ttl ( #10470 )
...
* Add details on Consul token ttl
* Update website/pages/docs/secrets/consul/index.mdx
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
Co-authored-by: Kent 'picat' Gruber <kent@hashicorp.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-12-09 08:20:21 -05:00
Kyle Rarey
6fec9f68e3
Correct key length in Transit storage limits ( #10422 )
...
The AES256-GCM96 key was mis-labeled as AES128 under Transit storage limits. Corrected the table.
Co-authored-by: Mark Gritter <mgritter@hashicorp.com>
2020-12-07 11:43:24 -06:00
Mike Wickett
6a6f1d67c8
website: fix broken link to api docs ( #10501 )
2020-12-04 11:55:20 -08:00
Jason O'Donnell
8d8b7f287f
docs: fix auth/k8s broken link ( #10495 )
2020-12-03 16:24:37 -05:00
Brian Kassouf
264f12e72a
Telemetry consul transaction ( #10486 )
...
* Update consul.go
* Update telemetry.mdx
2020-12-03 11:19:08 -08:00
Jaskanwal Pawar
8a5a456fdb
Fix typo about environment variable in docs ( #10259 )
...
The CLI appears to read from `VAULT_CACERT` instead of `VAULT_CA_CERT` as the docs currently say. Basing this off code [here](a8566c4f89/api/client.go (L30)
) and personal observation
2020-12-02 16:09:00 -07:00
Mike Green
f6138a98d1
clarify secret revoke during mount disable ( #10483 )
2020-12-02 12:55:47 -05:00
Austin Gebauer
a50cf45b23
corrects a typo in the azure secrets docs ( #10455 )
2020-11-25 12:26:04 -08:00
Mark Gritter
123b30631d
Added documentation for vault operator usage
. ( #10432 )
...
Co-authored-by: swayne275 <swayne@hashicorp.com>
2020-11-23 20:10:48 -06:00
Josh Black
b8ba047b35
Allow Vault Agent to run as a Windows service ( #10231 )
2020-11-23 14:24:32 -08:00
Hridoy Roy
9030ec32ef
Telemetry documentation: Lease Expiry Metrics ( #10377 )
...
* telemetry doc update
* upgraded telemetry configuration docs
* review comments update
2020-11-23 11:06:41 -08:00
Nick Cabatoff
dad10ddabc
Avoid using "KMS seal" since it causes confusion: some people think that excludes HSMs, and it's not obvious that Transit is a KMS. ( #10414 )
...
Highlight that recovery keys can't be used for recovery when an auto seal is broken (unfortunate name, that.)
2020-11-23 08:59:25 -05:00
Meggie
87df286a24
Update to list policy & some raft docs ( #10396 )
...
* Update to list policy docs
It seems
(https://github.com/hashicorp/vault/blob/master/http/logical.go#L137 ) we
do not require the trailing slash any more.
Also added notes about go-discover
* Added additional note on quorum
* Added link to remove-peer command
2020-11-20 17:14:28 -05:00
Roger Berlind
f5973c6dad
Change API token to ACL token ( #10425 )
2020-11-20 11:07:27 -08:00
Dave D'Amico
9ece4acead
remove space which caused formatting weirdness ( #10415 )
2020-11-18 11:08:06 -08:00
Yoko
d926031159
Add Learn links ( #10411 )
...
* Add Learn links
* Update website/pages/docs/secrets/transform/tokenization.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-11-17 16:56:30 -08:00
Michael Golowka
69bbecea78
Clarify JWT in kubernetes auth docs ( #10403 )
2020-11-16 16:45:12 -07:00
Yoko
492ed5b319
Update 'sane' default to say 'reasonable' default ( #10400 )
2020-11-16 14:19:18 -08:00
Michael Golowka
2cbd4a9e00
Add note about Database engine interface ( #10372 )
2020-11-13 10:44:21 -07:00
Scott Miller
ddcb15cef9
Link to transform concepts page in sidebar. ( #10392 )
...
* Link to transform concepts page in sidebar
* ,
2020-11-12 18:04:51 -06:00
Jim Kalafut
17fea5cea9
Add automated raft snapshots to sidebar ( #10387 )
2020-11-12 08:53:23 -08:00
Meggie
d511cef5df
Added upgrade note about go version ( #10385 )
2020-11-11 18:26:11 -05:00
Scott Miller
d17917341c
Transform doc fix ( #10383 )
...
* Add tokenization
* Fixes
2020-11-11 12:54:11 -06:00
Jim Kalafut
3cdad923f4
Add 1.6 Release Notes ( #10378 )
...
* Add 1.6 Release Notes
* Remove usage command
* Apply suggestions from code review
* Website version + CHANGELOG
Co-authored-by: Meggie <meggie@hashicorp.com>
2020-11-11 10:36:23 -05:00
Scott Miller
2db96ae7ac
Add upgrade note for Transform ( #10371 )
...
* Add upgrade note for tokenization
* nav
* Just 1.5
* Clarify relationship to API changes
Co-authored-by: Meggie <meggie@hashicorp.com>
2020-11-11 10:33:51 -05:00
Austin Gebauer
c62582e0de
docs: adds documentation for key management secrets engine ( #10353 )
...
Co-authored-by: Clint <catsby@users.noreply.github.com>
Co-authored-by: Yoko <yoko@hashicorp.com>
2020-11-10 09:28:28 -08:00
Dave D'Amico
1b2a198212
More info on when vm params are not needed ( #10362 )
...
* more info on when vm params are not needed
* more updates
2020-11-09 11:49:03 -08:00
Jim Kalafut
dae4bc5fbc
Update azure.mdx ( #10347 )
2020-11-09 11:20:06 -08:00
Scott Miller
b6b3ec79ca
Land Tokenization docs ( #10357 )
2020-11-09 10:58:54 -06:00
Josh Black
a361d1299b
Add plugin reload docs to the website sidebar ( #10108 )
2020-11-06 14:13:12 -08:00
Nick Cabatoff
48103c71fe
Add autosnapshot docs. ( #10338 )
2020-11-06 15:56:52 -05:00
Tom Proctor
61c5da6911
Update MongoDB Atlas plugin docs ( #10343 )
...
Root credential rotation not supported as the Vault user uses public/private keys instead of passwords to authenticate.
2020-11-06 19:16:48 +00:00
Brian Kassouf
caf65bfae7
Add new metrics to the telemetry page
2020-11-05 15:05:07 -08:00
Georges Jamous
fba851dbe9
Update raft.mdx ( #10329 )
2020-11-05 12:33:50 -08:00
aphorise
e5a6ef2df2
Elipse / triple dots missing in VAULT_TOKEN ( #9929 )
2020-11-05 09:54:26 -08:00
Jimmy Merritello
c087f5885b
Bump HSM version ( #10327 )
2020-11-05 12:53:25 -05:00
Mark Gritter
f742277996
Documentation for client count / activity log API. ( #10315 )
...
* Documentation for client count API.
* New concepts page
Co-authored-by: swayne275 <swayne@hashicorp.com>
2020-11-05 11:47:48 -06:00
Meggie
10a16574a6
Proposed changelog for the 1.6.0 RC ( #10328 )
...
* changelog++
I wasn't entirely sure what the changelog should look like for the release candidate.
* Updating website version
2020-11-04 18:23:15 -05:00
Austin Gebauer
e32e1e17c7
docs: clarify location of service account key file for google-specific OIDC handling ( #10313 )
2020-11-02 17:45:05 -08:00
Brian Kassouf
8af08c3221
Add an env var to enable a permit pool that limits lease expirations ( #10268 )
...
* Add a flag to enable a permit pool to gate lease expiration
* Use the env var to get the size
* Add logs and metris to help debug this
Co-authored-by: Hridoy Roy <roy@hashicorp.com>
2020-10-30 14:45:44 -07:00
Theron Voran
16eb1489d1
Update OIDC namespace_in_state docs ( #10269 )
...
To reflect the default of true for new configs.
2020-10-30 08:15:34 -07:00
Brian Kassouf
81a86f48e8
Backport some OSS changes ( #10267 )
...
* Backport some OSS changes
* go mod vendor
2020-10-29 16:47:34 -07:00
aphorise
f172eb9477
Docs - examples of IPv6 added in listener
section of configurations. ( #9601 )
2020-10-29 15:12:18 -04:00
akosuadenell
ab5b8bc6bf
Update index.mdx ( #10262 )
2020-10-29 12:04:48 -07:00
Hridoy Roy
f8a248ce48
Port: change leader status metric name to active ( #10245 )
...
* change active node metric name
* comment to see if commit is fine
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-10-29 10:30:45 -07:00
Jonas-Taha El Sesiy
b7cf4a05ff
Add support for Managed Identity auth for physical/Azure ( #10189 )
...
* Add support for Managed Identity auth for physical/Azure
Obtain OAuth token from IMDS to allow for access to Azure Blob with
short-lived dynamic credentials
Fix #7322
* add tests & update docs/dependencies
2020-10-28 15:04:26 -07:00
Jason O'Donnell
a4bcbb84e2
docs: fix k8s helm configuration rendering ( #10257 )
2020-10-28 10:51:40 -04:00
Hridoy Roy
0259be04e0
Port: Add metrics to report mount table sizes for auth and logical [Vault 671] ( #10201 )
...
* first commit
* update
* removed some ent features from backport
* final refactor
* backport patch
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MacBook-Pro.local>
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MBP.hitronhub.home>
2020-10-27 08:24:43 -07:00
Tom Proctor
e6807a0645
Docs: Support for scopes in MongoDB Atlas database plugin ( #10241 )
2020-10-27 13:24:51 +00:00
Jason Witkowski
ebfaa551eb
Add ability to specify region for OCI Storage Backend ( #9302 )
...
* Add ability to specify region for OCI Storage Backend
* Fix capitalization in Vault documentation
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-10-26 18:28:32 -04:00
Theron Voran
d8dc45f03f
UI/OIDC: allow passing namespace in state ( #10171 )
...
* UI/OIDC: allow passing namespace in state
Suppport in the UI OIDC callback flow to parse namespace out of the
state parameter instead of a separate query parameter in the
redirect_uri. Includes docs for the option that enables this behavior
in the JWT plugin.
* 1.6 wordsmithing
* pass_namespace_in_state -> namespace_in_state
* re-wording
* use strict equals
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-10-26 18:17:21 -04:00
Michael Golowka
e07fe992ef
DBPW - Add readme to dbplugin package ( #10230 )
2020-10-26 13:57:02 -06:00
Theron Voran
b705d71ae7
Add info about aws timeouts to docs ( #10209 )
...
In auth/aws, seal/awskms, and secrets/aws, storage/s3, and
storage/dynamodb.
One blurb for the docs pages and one for the .0 upgrade pages.
2020-10-26 11:15:59 -07:00
Aleksandr Bezobchuk
95bbd8d920
Merge PR #10192 : Auto-Join: Configurable Scheme & Port (and add k8s provider)
2020-10-23 16:13:09 -04:00
Ryan Treat
d5169bae28
Update Venafi Secrets Engine doc to account for recent enhancements ( #10221 )
2020-10-22 16:25:37 -07:00
Meggie
ecaa561262
Updating latest version to 1.5.5 on website ( #10208 )
2020-10-21 19:27:43 -04:00
Jason O'Donnell
cdcbac013b
docs: update helm to 0.8.0 ( #10190 )
...
* docs: update helm to 0.8.0
* Fix formatting
* Add allowed values to failurePolicy
2020-10-20 15:47:47 -04:00
Jason O'Donnell
2dbd6dd098
Update injector docs for 0.6.0 ( #10186 )
2020-10-20 13:09:37 -04:00
Mike Green
77ea265a0a
Clarify prometheus_retention_time to 0 ( #10187 )
...
zero prometheus_retention_time will disable.
2020-10-20 11:51:08 -04:00
Michael Golowka
ec29078acb
DBPW - Update docs with password policies & new Database interface ( #10138 )
2020-10-19 15:58:09 -06:00
Jeff Escalante
ee6dafcf45
fix press kit ( #10169 )
2020-10-18 22:07:58 -07:00
Julien Rottenberg
6c6dc2bfbb
Fix for broken link ( #10152 )
2020-10-16 16:44:33 -07:00
davidadeleon
ab18a74c08
Updated missing code encoding around two path references ( #10161 )
2020-10-16 16:26:28 -07:00
Aleksandr Bezobchuk
0d6a0ec589
Merge PR #10010 : Rate Limit Quotas: Allow Exempt Paths to be Configurable
2020-10-16 14:58:19 -04:00
Jimmy Merritello
767c3cd29f
Update HSM version w/ waypoint ( #10154 )
2020-10-15 12:55:20 -04:00
Peter Souter
feaafb2c3a
Adds note that it requires a PEM-encoded file ( #10145 )
2020-10-14 16:43:07 -07:00
Jimmy Merritello
4d9a2c44ca
[Website] Bump HSM version ( #10149 )
...
* Bump HSM version
* Updated pkg
2020-10-14 14:32:48 -04:00
Jim Kalafut
a23ed17806
Add GCS storage change to 1.5.0 upgrade guide ( #10139 )
2020-10-14 07:34:47 -07:00
Hridoy Roy
771da35261
upgrade docs for new telemetry [VAULT-672] ( #10137 )
...
* upgrade docs for new telemetry
* Update telemetry.mdx
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-10-14 06:52:23 -07:00
Connor
8b1a3301f0
Add telemetry for LRU cache ( #10079 )
...
Vault creates an LRU cache that is used when interacting with the
physical backend. Add telemetry when the cache is hit, missed, written
to and deleted from. Use the MetricSink from ClusterMetrics
2020-10-13 10:11:54 -05:00
Calvin Leung Huang
95c5f60055
docs/ssh: update algorithm_signer param after #9824 ( #10126 )
2020-10-09 15:42:11 -07:00
Jimmy Merritello
ec133d98a2
Add new HashiStackMenu ( #10105 )
2020-10-09 12:15:38 -04:00
James Connor
86e79f6f26
lease_renewable false on STS AWS credentials ( #10115 )
...
See #1804
2020-10-08 10:25:01 -07:00
Peter Souter
c48ec9cfc3
Adding note about commands that are root only ( #10098 )
...
* We don’t specifically note anywhere that these
have to be run from root, so makes sense to add
2020-10-08 09:46:43 -07:00
Martin Baillie
09aa3dfa6c
Add reference to community GitHub secrets plugin ( #10111 )
2020-10-08 09:45:42 -07:00
Josh Black
088c6c7364
Add API docs for sys/monitor ( #9968 )
2020-10-07 11:53:07 -07:00
Josh Black
3e278b33dc
Clarify docs around audit non-hmac request and response keys ( #10018 )
2020-10-06 10:43:32 -07:00
Michel Vocks
dc5a0da770
Pull latest raft updates ( #10055 )
...
* Implement raft peers metric
* Remove old peers metric
* Update vault raft dependency
* Add peer_id docs
2020-10-05 16:36:48 +02:00
Meggie
da82b2096d
Adding an UG note on primary_cluster_addr behavior ( #10071 )
2020-10-02 13:25:09 -04:00
Troy Fluegge
2b9b41115a
Update index.mdx ( #10064 )
...
Reworded disable_mlock to remove confusion regarding what is acceptable for production deployments. Disabling mlock is alright for production given the additional security recommendations are implemented. Disabling mlock is also recommended for integrated storage
2020-10-01 15:31:03 -07:00
Aleksandr Bezobchuk
a3cfa7c447
Merge PR #10059 : Port OSS changes from #1497
2020-10-01 15:15:20 -04:00
Andy Assareh
ab7cd4f8db
corrected typo in "certificate" ( #9916 )
2020-09-28 17:39:01 -07:00
Andy Assareh
818120b401
corrected a missing noun ( #9917 )
2020-09-28 17:38:39 -07:00
Wacław Schiller
5d419f73c3
Minor fix to audit documentation ( #10047 )
2020-09-28 16:04:45 -07:00
Theron Voran
2ba19c3f16
Update k8s auth docs for new parameter ( #9992 )
...
Adds info about the disable_local_ca_jwt parameter.
Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-09-25 11:17:28 -07:00
Meggie
44b255ab61
Updating version for website to 1.5.4 ( #10040 )
2020-09-25 13:50:09 -04:00
Hridoy Roy
a20fe5c066
moved the documentation to kv2 page ( #10017 )
...
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-22 11:58:00 -07:00
Lauren Voswinkel
15e608c0ed
Update AD secret engine docs for root cred rotation ( #9990 )
2020-09-21 16:21:14 -07:00
Meggie
9190860cc0
docs: Change sidebar labeling to use Integrated Storage ( #10002 )
...
I changed some verbiage in the page as well.
2020-09-21 15:55:36 -04:00
Mike Green
9eb1fb1df4
minor only ha_storage clarification ( #10001 )
2020-09-21 13:06:03 -04:00
Sebin John
9b3e244e40
Fix doc formatting. ( #9994 )
2020-09-21 10:01:43 -07:00
acahn
795b118941
Update index.mdx ( #9950 )
...
MongoDB Atlas Language modernization update
2020-09-16 12:02:34 -07:00
Lauren Voswinkel
5740e1ff9e
5844 AWS Root Credential Rotation ( #9921 )
...
* strip redundant field type declarations
* root credential rotation for aws creds plugin
* Change location of mocks awsutil and update methods that no longer exist
* Update website/pages/docs/auth/aws.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
* Update sdk version to get the awsutil mock file
* Re-vendor modules to pass CI
* Use write lock for the entirety of AWS root cred rotation
* Update docs for AWS root cred rotation for clarity
Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-09-15 15:26:56 -07:00
Scott Miller
4062c8a5c3
Add a note on performance and availability to the HSM behavior docs ( #9923 )
2020-09-14 11:28:23 -05:00
Jason O'Donnell
9a9d886a2d
doc: add VAULT_DISABLE_MLOCK env ( #9933 )
2020-09-11 13:57:09 -04:00
Alexander Bezobchuk
444f2b5469
Merge PR #9922 : Document rate limit list API
2020-09-11 08:54:21 -04:00
Mike Green
8d3b8440e8
Docs: Add that vault deletes IAM user ( #9919 )
2020-09-10 15:23:41 -07:00
Jim Kalafut
51a1ccea1c
Update upgrade guides for latest releases ( #9908 )
2020-09-08 16:53:43 -07:00
Kevin Pruett
7da4317b49
Integrate @hashicorp/react-search into layout ( #9868 )
2020-09-08 14:17:36 -07:00
Jeff Escalante
33cf45440a
improve mobile styling for columns component ( #9899 )
2020-09-04 15:12:01 -07:00
Jason O'Donnell
fe7229028f
docs: add required/optional to kerberos autoauth config ( #9897 )
...
* docs: add required/optional to kerberos autoauth config
* Remove double space
2020-09-04 17:20:21 -04:00
Mark Gritter
f12719fbde
Add upgrade note about the KV metric crash. ( #9882 )
...
Co-authored-by: swayne275 <swayne275@gmail.com>
2020-09-02 22:19:09 -05:00
Calvin Leung Huang
63d484b831
docs: fix URL for plugin portal mdx page ( #9885 )
2020-09-02 17:20:00 -07:00
Calvin Leung Huang
744623746a
docs: add a plugin portal page ( #9590 )
...
* docs: add a plugins directory page
* docs: remove divs on the plugins directory page
* add columns
* tag component
* docs: use tags on plugins directory
* docs: revert tags on plugins directory for now
* fix header for official plugins
* add note on submission for community plugins
* s/plugins directory/plugin portal/
* move portal page into docs section
* tag oracle db as external, fix kerberos misspelling
* include gh issue template as submission form
Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-09-02 16:25:06 -07:00
Theron Voran
4fa8cc422a
Updating the vault injector connectivity docs ( #9783 )
...
Adding more detail about connectivity requirements, noting that
masters sometimes need to connect to workers on :8080, and
considerations when Vault is running outside of Kubernetes.
2020-09-02 14:07:31 -07:00
Jason O'Donnell
d10a000e2f
docs: add injector tls setup ( #9871 )
...
* docs: add injector tls setup
* Add missing prompts
* Grammar
* fix sidebar
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Move note before command
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-09-02 11:36:21 -04:00
Meggie
31a52a7a05
Update version.js ( #9858 )
2020-08-31 13:27:49 -04:00
Jason O'Donnell
b2110a2e87
docs: add ldap ppolicy to enforce password hashing ( #9856 )
...
* docs: add ldap ppolicy to enforce password hashing
* formatting
* grammar
* Clarify password policy doc
2020-08-31 13:05:27 -04:00
Jim Kalafut
b61f080daf
Update docs to add EdDSA to supported algorithms ( #9854 )
2020-08-29 10:30:05 -07:00
Calvin Leung Huang
0d723e54a9
docs: add tls settings on cert auto-auth's config page ( #9848 )
2020-08-27 19:21:32 -07:00
Michael Ethridge
a71798a445
TLS Cert Authentication example updates ( #9735 )
...
* TLS Cert Authentication example updates
- Updated the Cert Auth example description to clarify which CA
should issue the certificate.
- Removed `-ca-cert` parameter from examples as this caused
confusion. Is this the auth CA or the CA of the listener?
* Return CA parameter to examples, add Note
- Returned CA parameter to login examples
- Added note above examples to explain which CA is being used in CLI
- Updated examples in API doc to use httpS
- Added note above login example to explain wich CA is being used
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-08-27 17:47:16 -07:00
Jim Kalafut
ba1adb6d22
Update Known Issues ( #9847 )
...
Provide information about AWS IAM fix versions.
2020-08-27 16:48:44 -07:00
Austin Gebauer
b96f073e23
docs: fixes rollback_statements description and some punctuation ( #9836 )
2020-08-26 16:49:17 -07:00
Scott Miller
4c4fb54806
Aws auth fixes ( #9825 )
...
* Bring over PSIRT-37 changes from ENT
* Add additional allowed headers
* Already had this one
* Change to string slice comma separated parsing
* Add allowed_sts_header_values to read output
* Only validate AWS related request headers
* one per line
* Import ordering
* Update test
* Add X-Amz-Credential
* Reorder imports
2020-08-25 17:37:59 -05:00
Jason O'Donnell
052dea6e57
doc: update vault-helm to 0.7.0 ( #9810 )
...
* doc: update vault-helm to 0.7.0
* Fix typo in agent image
* Remove doc from sidebar
* Update website/pages/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Clint <catsby@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Clint <catsby@users.noreply.github.com>
* Add note about prometheus
Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-08-24 19:03:36 -04:00
Jason O'Donnell
dfd5e2d532
vault-k8s: add new annotations for 0.5.0 ( #9804 )
...
* vault-k8s: add new annotations for 0.5.0
* feedback revision
2020-08-24 13:20:29 -04:00
Jim Kalafut
8815905114
Add Known Issue for AWS IAM logins ( #9798 )
...
* Add Known Issue for AWS IAM logins
* Add note about license issue
2020-08-21 15:21:56 -07:00
Andy Baran
dffd0dfa4b
K8s docs cross reference ( #9795 )
...
* add links to commonly reference Learn site docs
* fixed markdown links
* Moved Deployment Guide to "Guides" subs section
2020-08-21 15:03:01 -04:00
Mark Gritter
6cd00407ad
Add vault.metrics.collection.* metrics to documentation. ( #9796 )
2020-08-21 13:27:30 -05:00
Meggie
275a34476c
Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5 ( #9793 )
...
* Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5
* Recommend against using these versions
* Re-running checks
* Update docs-navigation.js
2020-08-20 18:57:44 -04:00
ncabatoff
7f7ac71746
Document allowed_domains_template. ( #9751 )
2020-08-20 09:54:52 -04:00
ncabatoff
f20f3747c7
New seal migration strategy doesn't work in 1.4. ( #9765 )
2020-08-20 09:54:28 -04:00
Junya Ogasawara
0a13195450
Reduce a required permission for OIDC with AzureAD ( #9785 )
...
`Group.Read.All` is too permissive policy to achieve external groups
feature. `GroupMembers.Read.All` is enough for that purpose.
MicroSoft Graph API Permission reference follows
https://docs.microsoft.com/en-us/graph/permissions-reference#application-permissions-23
2020-08-20 00:00:31 -07:00
Martin Hristov
ac36da333d
Add note for AD domain usernames in MSSQL ( #9743 )
...
Adding a note that `vaultuser` might be part of the AD domain like `DOMAIN\vaultuser`.
2020-08-18 10:35:21 -06:00
Tom Proctor
ba9d1b6fbf
Couchbase database plugin documentation ( #9764 )
2020-08-18 15:57:18 +01:00
Lauren Voswinkel
b2a106a931
Add a section to the MySQL secrets plugin docs about x509 ( #9757 )
2020-08-17 16:29:51 -07:00
arnis
fd6e0eb543
Update documentation for MySQL Secrets Engine ( #9671 )
...
* Update documentation for MySQL Secrets Engine
Update documentation for MySQL Database Secrets Engine to reflect changes introduced with https://github.com/hashicorp/vault/pull/9181
* Empty Commit to re-trigger tests
Co-authored-by: Lauren Voswinkel <lvoswinkel@hashicorp.com>
2020-08-17 15:30:33 -07:00
Michael Golowka
edc40a1767
Correctly mark Cassandra as not supporting static roles ( #9750 )
2020-08-17 14:36:32 -06:00
Theron Voran
f0f576f5bf
Restoring the example policies for blocking sha1 ( #9677 )
...
(In the transit api-docs)
2020-08-17 10:30:06 -07:00
ncabatoff
893e15bdbf
Document the new SSH signing algorithm option. ( #9197 )
2020-08-17 13:03:44 -04:00
Scott Miller
5b003b06f8
Trail of bits 018 ( #9674 )
...
* TOB-018 remediation
* Make key derivation an optional config flag, off by default, for backwards compatibility
* Fix unit tests
* Address some feedback
* Set config on unit test
* Fix another test failure
* One more conf fail
* Switch one of the test cases to not use a derive dkey
* wip
* comments
2020-08-17 11:36:16 -05:00
Alexander Bezobchuk
f873863263
Merge PR #9667 : Rate Limit Backoff
2020-08-16 22:09:18 -04:00
Meggie
ca65131543
Added upgrade guidance on mount -> path filters ( #9712 )
2020-08-12 10:54:56 -04:00
Austin Gebauer
00a0d043be
docs: fix sentence in vault debug command ( #9725 )
2020-08-11 20:24:37 -07:00
Jeff Escalante
a28209ad6d
small change to make github star count display correctly ( #9718 )
2020-08-11 17:06:23 -04:00
Kyle MacDonald
eb923f30b1
website: update favicon refs ( #9713 )
2020-08-11 13:56:25 -04:00
Geoffrey Grosenbach
967d9b85da
Updates URLs to match new paths at Learn ( #9679 )
...
Previous URLs which included a track in the querystring now go to standard paths instead.
2020-08-10 13:40:09 -07:00
Tom Proctor
494cdf5bcb
Add docs for OpenLDAP plugin's new AD schema ( #9619 )
2020-08-10 10:24:38 +01:00
Mark Gritter
3a9619fb05
Add explanation of "keys" field. ( #9676 )
2020-08-07 12:11:11 -05:00
ncabatoff
b01fda0e04
Add docs for CSR signing. ( #8899 )
2020-08-07 10:45:12 -04:00
Austin Gebauer
db9993335c
docs: fixes environment variable in azure secrets config API ( #9678 )
2020-08-06 17:11:18 -07:00
Zalary Young
5100624d5c
Merge PR #9628 : add audit_non_hmac_request_keys to payload example for tune
2020-08-06 15:27:03 -04:00
Scott Miller
6cf859632a
Remove weird TTL special case documentation from cubbyhole ( #9669 )
2020-08-05 16:20:24 -05:00
aphorise
c9fb408b60
Docs - /system/unseal Typo - Resolves : #9659 ( #9660 )
2020-08-05 08:33:47 -04:00
Jim Kalafut
9b3719d9ce
Update OpenLDAP docs ( #9648 )
...
Add link to API docs.
2020-07-31 17:25:27 -07:00
Andy Assareh
76894f7dcb
curl command incorrect: ---header should be --header ( #9643 )
2020-07-30 14:55:42 -07:00
Austin Gebauer
837ec00859
docs: fix gcpkms steps for asymmetric decryption and asymmetric signing ( #9638 )
2020-07-30 10:50:23 -07:00
Mark Gritter
51b6dfb097
Add new page documenting limits. ( #9592 )
...
* Add new page documenting limits.
* Add some identity metrics not previously documented.
* Updated limits based on compression experiments.
* Add Transit key rotation limits, and link to Transform size limit.
2020-07-29 16:18:04 -05:00
Alexander Bezobchuk
1e262e5648
Merge PR #9581 : Rate Limit Quota Headers
2020-07-29 15:15:05 -04:00
Michael Golowka
1bd4502b92
Mark MongoDB Atlas as supporting static creds ( #9624 )
...
Also fixes some links that are not rendering properly with a newline
between the text and the link.
2020-07-29 11:39:53 -06:00
Austin Gebauer
082a034cfa
docs: add missing parameters to the gcpkms key create/update API ( #9612 )
2020-07-28 13:53:27 -07:00
Jeff Escalante
290c6d7187
Fix broken links in website footer ( #9613 )
...
* add security page and press kit
* github link correction
2020-07-28 16:22:35 -04:00
ncabatoff
43d8c304c5
Remove obsolete kms->shamir warning. Add warning about taking a backup. ( #9614 )
2020-07-28 16:13:57 -04:00
Jim Kalafut
70d964d420
Update OIDC docs ( #9599 )
...
Clarify that verbose logging is to the server logs.
2020-07-27 08:51:59 -07:00
ncabatoff
c3c253e76c
Add upgrade note for okta issue. ( #9587 )
2020-07-27 11:36:17 -04:00
Scott Miller
8a5b97198c
Fix navigation for the Sentinel config and clarify module usage ( #9588 )
2020-07-27 09:52:46 -05:00
Austin Gebauer
cca5bb3ba6
docs: fix sentence in gcp secrets by removing unneeded word ( #9585 )
2020-07-24 07:36:06 -07:00
Yoko
39fb31559f
Add cross-referencing links to learn tutorials ( #9562 )
...
* Add cross-referencing link to learn
* Fix grammar
* Update website/pages/docs/concepts/password-policies.mdx
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-07-23 07:56:00 -07:00
Michael Golowka
295b0573c1
Docs: Update MongoDB to support root credential rotation ( #9559 )
...
* Update MongoDB to support root credential rotation
2020-07-22 14:56:11 -06:00
Mark Gritter
5fc28fe65a
Fix links to documentation. ( #9570 )
...
* Fix links to documentation.
* Add 1.5.0 upgrade nodes to navigation.
2020-07-22 15:55:41 -05:00
ncabatoff
645e8b6521
Add upgrade note for #9555 . ( #9569 )
2020-07-22 16:24:06 -04:00
Mark Gritter
5d9a1caba1
Add upgrade note for #9553 . ( #9563 )
...
* Add upgrade note for #9553 .
* Note that these are metrics introduced in 1.5.0.
* Added link to docs.
2020-07-22 14:47:48 -05:00
Alexander Bezobchuk
f3587c341b
Merge PR #9089 : Initial 1.5.0 Upgrade Doc
2020-07-22 15:23:02 -04:00
Austin Gebauer
56bc00bed8
Adds documentation for OIDC provider specific extension for G Suite ( #9454 )
...
* docs: adds documentation for JWT/OIDC google provider specific handling
* use may instead of will for identity group alias association
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* adds missed parentheses
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* adds missed parentheses
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
* reword sentence referring to key file for Google service account
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* add styles to emphasize security step
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-07-22 12:18:58 -07:00
Scott Miller
068e080c27
Add sentinel configuration stanza documentation to OSS ( #9558 )
2020-07-22 13:07:51 -05:00
Alexander Bezobchuk
b642b1ddd7
Merge PR #9544 : docs: add pages to sidebar
2020-07-22 09:28:56 -04:00
Meggie
692200c47b
Link to release notes on downloads page ( #9546 )
...
* Link to release notes on downloads page
* Per Jeff E's comment linking to index
2020-07-21 18:11:32 -04:00
Austin Gebauer
66c8032fb5
docs: specify which JWT/OIDC role params support JSON pointer syntax in API docs ( #9518 )
2020-07-21 11:20:10 -07:00
Austin Gebauer
87172c3fbb
docs: changes the default alias names in the GCP auth API docs to role_id for both IAM and GCE ( #9494 )
2020-07-21 10:22:24 -07:00
Jason O'Donnell
a3e0620cd4
doc: add k8s probe notes to helm doc ( #9543 )
2020-07-21 12:40:43 -04:00
Meggie
259aa74728
docs: add release notes ( #9540 )
...
* Create nav for release notes
* Update 1.5.0.mdx
Initial release notes
* Update 1.5.0.mdx
Minor edits
* Update 1.5.0.mdx
Made a small grammatical edit
* Update 1.5.0.mdx
Changed a period to a colon
* Update 1.5.0.mdx
Some minor formatting changes
* Update 1.5.0.mdx
Changes to the Splunk app description
* Update 1.5.0.mdx
Small change to the vault monitor command description
* Update 1.5.0.mdx
Small change to the description of the vault monitor command
* Update 1.5.0.mdx
Added link to the Splunk app for Monitoring Vault
* Updating version
* Capitalization consistency
Co-authored-by: Andy Manoske <andy@hashicorp.com>
Co-authored-by: Darshana Sivakumar <darshana10@gmail.com>
2020-07-21 12:23:03 -04:00
Jason O'Donnell
13cc4295b5
doc: remove beta warnings for openshift ( #9541 )
2020-07-21 10:43:41 -04:00
Scott Miller
fdb2fc612e
API and upgrade docs for global plugin reload ( #9487 )
2020-07-17 13:39:24 -05:00
Austin Gebauer
6bc9696a51
Replaces storage backend with secrets engine in the gcp secrets docs ( #9511 )
2020-07-16 17:43:47 -07:00
Alexander Bezobchuk
ea13485c7d
Merge PR #9502 : Resource Quotas: Remove 'burst' Param from Rate Limiter
2020-07-16 14:34:43 -04:00
Vishal Nayak
4e4cb5289a
Fetch quota by name before updating it ( #9466 )
...
* Fix quotas update
* Update doc
2020-07-15 13:25:00 -04:00
Mike Jarmy
11b10f21b7
Update the seal migration docs ( #9432 )
...
* update the seal migration docs
* Update website/pages/docs/concepts/seal.mdx
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-07-15 11:55:28 -04:00
Meggie
f5a81882b5
Add RC note on downloads page ( #9473 )
2020-07-13 18:43:30 -04:00
Theron Voran
a7522738b9
docs: Updating vault-helm service_registration docs ( #9417 )
...
* Adding notes about ingress and route requirements
Specifically that they require vault 1.4 with service_registration
enabled. Also removed a stray block about extraVolumes.
2020-07-10 13:02:51 -07:00
Michael Golowka
23a3375f98
Add links to API docs ( #9442 )
2020-07-10 12:55:43 -06:00
Mark Gritter
ca21cb93df
Documentation fixes on metric names ( #9419 )
...
Make the names of WAL metrics exactly match their implementation.
Add `vault` prefix to be consistent everywhere.
Co-authored-by: Alexander Bezobchuk <alexanderbez@users.noreply.github.com>
2020-07-08 13:16:42 -05:00
Larry Eichenbaum
f5fcf04a73
Document OSS->ENT upgrade process ( #9414 )
2020-07-08 09:17:27 -04:00
Michael Golowka
6d86988d0b
Update GCP auth docs with warning about token impersonation ( #9418 )
2020-07-07 17:09:12 -06:00
Alexander Bezobchuk
a282864793
Merge PR #9342 : Resource Quotas Doc
2020-07-07 11:42:01 -04:00
Jeff Escalante
dcc05e8aed
learn -> tutorials in subnav ( #9391 )
2020-07-06 18:47:59 -04:00
Trishank Karthik Kuppusamy
94b4545a69
Merge PR #9388 : Update tokens.mdx
2020-07-06 09:22:50 -04:00
DevOps Rob
230656ccf4
adding a note to the docs to make it clear that the token needs to be unlimited to create child tokens ( #9397 )
2020-07-03 09:00:14 -07:00
Meggie
866576cde8
Changing changelog headers and update version ( #9393 )
2020-07-02 19:46:41 -04:00
Jeff Escalante
a3371f6242
🌷 Website Maintenance ( #9140 )
...
* another round of maintenance
- apply stylelint
- run eslint across all files
- remove unneeded font import
- add jsconfig and import from absolute pahts
- remove unneeded experimental nextjs config
- update all dependencies
* refreshing with the latest dep updates
2020-07-02 14:24:34 -04:00
Geoffrey Grosenbach
93b37de1bc
Mention Linux packages on install page ( #9314 )
...
* Update install docs to mention Linux packages
We now build packages for Debian, Ubuntu, CentOS, etc. This removes language
about "we have no plans to build packages" and adds links to step by step guides
for adding a GPG key and the official repository.
* Fix URL to Learn Vault install page
A Linux section previously existed but now it is in the general install section.
* Fix Markdown for multi-step compile from source
The steps were previously marked up as an ordered list but the numbers didn't
display correctly. This outdents the code so it's a series of paragraphs instead
of an ordered list.
2020-07-02 13:51:02 -04:00
Roger Berlind
15d8ed3f82
request.connection.remote_addr only has IP ( #9326 )
...
* request.connection.remote_addr only has IP
The request.connection.remote_addr property exposed to Sentinel only has an IP.
It does not include a port.
I tested this in a policy with `print("remote address:", request.connection.remote_addr)` and got back 150.10.0.26.
* Update website/pages/docs/enterprise/sentinel/properties.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-07-02 10:47:44 -07:00
Josh Black
44a7e3661d
Update replication status API docs with new fields ( #9215 )
2020-06-29 15:11:17 -07:00
Josh Black
dc2b5c1830
Add docs for vault monitor ( #9218 )
2020-06-29 12:23:31 -07:00