Commit graph

804 commits

Author SHA1 Message Date
Christopher Swenson 9de0dbaef9
Add note about X.509 SHA-1 deprecation to relevant plugins (#15672)
Add note about X.509 SHA-1 deprecation to relevant plugins

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-06-01 12:41:11 -07:00
amcbarnett 413cc2e4c0
Update fips1402.mdx (#15598)
* Update fips1402.mdx

Added Link to new Compliance letter and details on what makes this different from Seal Wrap

* Update website/content/docs/enterprise/fips/fips1402.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/fips/fips1402.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/fips/fips1402.mdx

* Update website/content/docs/enterprise/fips/fips1402.mdx

* Update website/content/docs/enterprise/fips/fips1402.mdx

* Update website/content/docs/enterprise/fips/fips1402.mdx

* Update website/content/docs/enterprise/fips/fips1402.mdx

Co-authored-by: Alexander Scheel <alexander.m.scheel@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-06-01 11:02:11 -04:00
Pratik Khasnabis af5e65e9bd
Update to fix the concept of root key, which is not sharded as written here. (#15726)
This explanation of root key is incorrect. Root key is not sharded and reconstructed. The root key is encrypted by the unseal key which is sharded and reconstructed back in the unsealing process.
The explanation differed from the correct one at https://www.vaultproject.io/docs/concepts/seal
2022-06-01 09:54:26 -04:00
Loann Le 47fc5311e8
updated learn link (#15717) 2022-05-31 14:55:06 -07:00
Tom Proctor 1c2f3c8ddf
docs: Improve sample commands for querying k8s API (#15686) 2022-05-31 21:20:31 +01:00
Steven Clark 2e215975ff
Add integration tests for aliased PKI paths (root/rotate, root/replace) (#15703)
* Add integration tests for aliased PKI paths (root/rotate, root/replace)

 - Add tests for the two api endpoints
 - Also return the issuer_name field within the generate root api response

* Add key_name to generate root api endpoint response and doc updates

 - Since we are now returning issuer_name, we should also return key_name
 - Update the api-docs for the generate root endpoint responses and add
   missing arguments that we accept.
2022-05-31 15:00:20 -04:00
Austin Gebauer 7a88c86db2
auth/gcp: adds documentation for custom endpoint overrides (#15673) 2022-05-31 10:16:24 -07:00
Jim Kalafut c9a0fdb4ff
Fix K8s secrets docs typo (#15695) 2022-05-31 08:10:15 -07:00
Steven Clark 69296e9edf
Add a little more information about PKI and replicated data sets to the PKI docs. (#15683)
* Add a little more information about PKI and replicated data sets.

 - Add a TOC to the PKI considerations page
 - Merge in the existing certificate storage into a new Replicated DataSets
   section
 - Move the existing Cluster Scalability section from the api-docs into the
   considerations page.
2022-05-31 10:04:51 -04:00
Alexander Scheel 1331c2aa12
Add recommendations on key types and PKI performance (#15580)
* Add recommendations on key types and PKI performance

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update website/content/docs/secrets/pki/considerations.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2022-05-31 09:21:16 -04:00
akshya96 4c45c909ee
adding documentaion changes (#15656) 2022-05-27 15:08:19 -07:00
Christopher Swenson 23c135f2a6
docs/k8s: update for latest helm release 0.20.1 (#15647) 2022-05-26 11:59:54 -07:00
Austin Gebauer 4d9f3431b8
secrets/mongodbatlas: adds missing organization_id to API docs (#15624) 2022-05-26 08:08:29 -07:00
Loann Le 21d9ff0d99
added a reference to a note for deprecated features (#15610) 2022-05-25 15:24:34 -07:00
Theron Voran f38f0ee323
docs/database/elasticsearch: use_old_xpack option (#15601)
Also creating/adding a note to the 1.11 upgrade guide
2022-05-25 12:15:42 -07:00
John-Michael Faircloth fc04699f57
Fix plugin reload mounts (#15579)
* fix plugin reload mounts

* do not require sys/ prefix

* update plugin reload docs with examples

* fix unit test credential read path

* update docs to reflect correct cli usage

* allow sys/auth/foo or auth/foo

* append trailing slash if it doesn't exist in request

* add changelog

* use correct changelog number
2022-05-25 13:37:42 -05:00
Tom Proctor 46b1a119dd
Add API docs for Kubernetes secrets engine (#15564)
* Add API docs for Kubernetes secret engine
* alphabetical ordering for K-items in docs sidebar

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Christopher Swenson <swenson@swenson.io>
2022-05-25 18:25:19 +01:00
Christopher Swenson 5f9386abad
Add deprecation note about X.509/SHA-1 (#15581)
Add deprecation note about X.509/SHA-1

In preparation for moving to Go 1.18 in Vault 1.12.

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-05-25 10:11:17 -07:00
Brian Kassouf df8ae055be
Add an API for exporting activity log data (#15586)
* Add an API for exporting activity log data

* Add changelog entry

* Switch to error logs
2022-05-24 17:00:46 -07:00
Peter Wilson bcb30223bf
Added support for VAULT_PROXY_ADDR + Updated docs (#15377)
Updated documentation to describe the behavior when supplying `VAULT_HTTP_PROXY`. Also added support for `VAULT_PROXY_ADDR` as a 'better name' for `VAULT_HTTP_PROXY`.
2022-05-24 13:38:51 -04:00
davidadeleon 0026788d4b
api/monitor: Adding log format to monitor command and debug (#15536)
* Correct handling of "unspecified" log level

* Setting log-format default on monitor path

* Create changelog file

* Update website/content/api-docs/system/monitor.mdx

Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>

Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
2022-05-24 13:10:53 -04:00
Loann Le 9dd1a4ff93
Vault documentation: reorganized docs by moving recovery key description (#15563)
* reorg docs for recovery keys

* fixed a sentence

* Minor format update & removed duplicated notes

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-05-23 15:42:57 -07:00
Austin Gebauer 6fe639eb35
auth/okta: documents API token minimal permissions (#15566) 2022-05-23 14:57:14 -07:00
Alexander Scheel 36c981bfe4
Add more PKI usage best practices to documentation (#15562)
* Add note about cross-cluster CRL URIs

As suggested by Ricardo Oliveira, thanks!

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add note that short TTLs are relative to quantity

As suggested by Ricardo Oliveira, thanks!

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add note to make sure default is configured

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add note about automating certificate renewal

As suggested by Ricardo Oliveira, thanks!

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-23 12:00:24 -04:00
Alexander Scheel 92dbe3b22a
Fix Learn->Tutorial in internal PKI docs (#15531)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-23 11:53:13 -04:00
Chris Capurso 6d62f9a4ed
FAQ doc updates for removal of stored licenses in 1.11 (#15314)
* initial updates for license FAQs for 1.11

* add links, tense fixes

* Update deprecation doc link

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* fix links

* fix a couple missed version-specific links

* change 1 to one

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-05-23 11:42:58 -04:00
Alexander Scheel 464da0ee46
Link FIPS binary sources from the FIPS docs (#15554)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-20 16:18:51 -05:00
Christopher Swenson 644345b1cc
Add usage documentation for new Kubernetes Secrets Engine (#15527)
Add usage documentation for new Kubernetes Secrets Engine

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2022-05-20 13:37:15 -07:00
Alexander Scheel 69b870d675
Add role patching test case (#15545)
* Add tests for role patching

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Prevent bad issuer names on update

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation on PATCH operations

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-20 15:30:22 -04:00
Loann Le 76ec17215e
Vault documentation: updated key share/unseal images (#15526)
* updated images

* added new image files
2022-05-20 10:59:30 -07:00
Jason Peng a331575c01
Update oracle.mdx (#15257)
Added Alpine Linux restrictions as https://github.com/hashicorp/vault-plugin-database-oracle pointed out.
2022-05-20 13:40:05 -04:00
Alexander Scheel 59ccb9cc05
Fix typo in allowed_uri_sans_template doctype (#15537)
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-20 12:23:50 -04:00
Alexander Scheel 2b337b3be9
Clarify KU/EKU parameters on sign-verbatim (#15535)
* Clarify KU/EKU parameters on sign-verbatim

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify default in empty list
2022-05-20 11:56:31 -04:00
Alejandro Medina f969c05772
Update seal.mdx (#15463) 2022-05-20 08:43:05 -04:00
Andy Assareh c559f6e8b7
typo: adding missing word 'may' (#14503) 2022-05-20 08:41:51 -04:00
Andy Assareh d0fb5bd986
typo: embeds -> embedded (#15520) 2022-05-20 08:33:34 -04:00
claudex 226d7c4c59
Fix typo in documentation (#15530) 2022-05-20 08:22:57 -04:00
Loann Le 201ac71da6
Vault documentation: updated all references from Learn to Tutorial (#15514)
* updated learn to tutorial

* correct spelling
2022-05-19 18:04:46 -07:00
Alexander Scheel faea196991
Rebase #14178 / Add not_before_duration API parameter to Root/Intermediate CA generation (#15511)
* PKI - Add not_before_duration API parameter to:
  - Root CA generation
  - Intermediate CA generation
  - Intermediate CA signing

* Move not_before_duration to addCACommonFields

This gets applied on both root generation and intermediate signing,
which is the correct place to apply this.

Co-authored-by: guysv <sviryguy@gmail.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Resolves: #10631

Co-authored-by: guysv <sviryguy@gmail.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add test case for root/generate, sign-intermediate

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update path role description

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add new not_before_duration to relevant docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: guysv <sviryguy@gmail.com>
2022-05-19 12:35:08 -04:00
Alexander Scheel f3d52108b4
Add more CA usage best practices (#15467)
* Add leaf not after best practice

Also suggest concrete recommendations for lifetimes of various issuers.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add advice to use a proper CA hierarchy

Also mention name constraints and HSM backing.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add section on safer usage of Roles

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add initial RBAC example for PKI

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-19 11:43:38 -04:00
Alexander Scheel f31149089f
Update FIPS documentation to clarify mlock (#15502)
This clarifies a limitation of the FIPS based container images,
to note that due to OpenShift requirements, we need to suggest
ways of disabling mlock or allowing Vault to set mlock.
2022-05-19 09:31:47 -04:00
Robert c2f49204d9
Fix small typos, update docs terminology (#15504) 2022-05-18 17:23:46 -05:00
Loann Le 561d8d45f8
updated warning (#15459) 2022-05-18 08:26:25 -07:00
Steven Clark 7bc9cd2867
Protect against key and issuer name re-use (#15481)
* Protect against key and issuer name re-use
 - While importing keys and issuers verify that the provided name if any has not been used by another key that we did not match against.
 - Validate an assumption within the key import api, that we were provided a single key
 - Add additional tests on the new key generation and key import handlers.

* Protect key import api end-users from using "default" as a name
 - Do not allow end-users to provide the value of default as a name for key imports
   as that would lead to weird and wonderful behaviors to the end-user.

* Add missing api-docs for PKI key import
2022-05-18 10:31:39 -04:00
Tom Proctor 1bb40eee16
Update documentation for vault-helm v0.20.0 release (#15450) 2022-05-18 09:50:15 +01:00
Jason O'Donnell d450b7899f
docs: add note about requiring 3.6+ helm (#15480) 2022-05-17 17:02:26 -04:00
Hamid Ghaf 66c6de50a7
Username format login mfa (#15363)
* change username_template to username_format for login MFA

* fixing a test

* Update website/content/docs/auth/login-mfa/faq.mdx

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2022-05-17 16:31:50 -04:00
Alexander Scheel f6ac1be13a
Start documentation for FIPS variants of Vault Enterprise (#15475)
* Begin restructuring FIPS documentation

This creates a new FIPS category under Enterprise and copies the
FIPS-specific seal wrap documentation into it.

We leave the existing Seal Wrap page at the old path, but document that
the FIPS-specific portions of it have moved.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add initial FIPS 140-2 inside documentation

This documents the new FIPS 140-2 Inside binary and how to use and
validate it. This also documents which algorithms are certified for
use in the BoringCrypto distribution.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add notes about FIPS algorithm restrictions

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-17 16:28:20 -04:00
Alexander Scheel a8c0efb487
Add documentation on rotation primitives (#15466)
* Begin PKI rotation primitive documentation

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Finish importing rotation primitive docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update all titles consistently

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add missing links in rotation primitives doc

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add sections documenting execution in Vault

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* typo fixes

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-17 11:44:17 -04:00
Jason O'Donnell 9024b94731
docs: add note about upndomain for AD secret engine (#15445) 2022-05-17 11:42:16 -04:00
Austin Gebauer ec6e362d83
auth/oidc: adds documentation for JSON pointer user claim (#15454) 2022-05-16 15:31:02 -07:00
Austin Gebauer d3b167d029
auth/oidc: documents user claim constraint for optional google workspace config (#15456) 2022-05-16 15:29:58 -07:00
Loann Le bbbb0bfc14
Vault documentation: updated unseal information (#15446)
* updated unseal info

* Update architecture.mdx

fixed spelling error

* updated based on feedback

* added new image

* Update website/content/docs/commands/operator/init.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Updates for accuracy

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-05-16 14:44:23 -07:00
Gabriel Santos 23e67be230
pki/sign-verbatim uses role not before duration (#15429)
* Use "not_before_duration" fiueld from role if above 0

* 'test' and update docs

* changelog file

* Requested changes - improved test and better description to changelog

* changelog description:

* update to ttl and not_before_duration API docs
2022-05-16 16:15:18 -04:00
AnPucel 390310409e
Add note about concurrency to plugin dev docs (#15357)
* Add note about concurrency

* Adding arrow syntax
2022-05-16 11:42:38 -07:00
Alexander Scheel 9b58e88efc
Update considerations for multiple issuers (#15442)
Also adds auditing section about suggested un-HMAC'd request/response
parameters.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-16 13:13:37 -04:00
Scott Miller b282bc4bd6
Plural typo in the Tokenization API docs for stores (#15424) 2022-05-13 14:00:33 -05:00
Tony Wittinger ba2984fa80
docs: updated monitor doc (#15358) 2022-05-13 11:19:51 -07:00
Alexander Scheel d2bc5b5e3d
Restructure PKI Documentation Section (#15413)
* Rename pki.mdx -> pki/index.mdx

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Split off quick-start document

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Split off considerations document

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Split off intermediate CA setup document

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Split off setup and usage document

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Consistent quick-start doc naming

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add table of contents to index

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-05-13 11:22:07 -04:00
Joe Rua 1e0ad4853a
Updated Docs For Specific Call Out (#14383)
The Parameter `cidr_list` is not support for Key_Type CA, customer was confused on this, so I feel we should specifically call this out to ensure there is no confusion
2022-05-13 10:42:20 -04:00
eoinoreilly30 6b82692f67
Fix typo (#15391) 2022-05-12 11:28:22 -07:00
Theron Voran 558e9a364b
docs: update for vault-k8s 0.16.0 (#15379) 2022-05-12 11:04:36 -07:00
Gabriel Santos 469ad6d09a
not_before_duration added to SSH (#15250)
* add-not-before-duration-to-ssh

* Missing field

* Adding tests

* changelog file

* Backend test

* Requested changes

* Update builtin/logical/ssh/path_roles.go

Co-authored-by: Alexander Scheel <alexander.m.scheel@gmail.com>
2022-05-12 08:50:40 -04:00
Calvin Leung Huang ca44b5a3e0
auth/okta: Add support for Okta number challenge (#15361)
* POC of Okta Auth Number Challenge verification

* switch from callbacks to operations, forward validate to primary

* cleanup and nonce description update

* add changelog

* error on empty nonce, no forwarding, return correct_answer instead

* properly clean up verify goroutine

* add docs on new endpoint and parameters

* change polling frequency when WAITING to 1s

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2022-05-11 17:09:29 -07:00
Christopher Swenson 4e4682247c
docs: fix typo in example custom db plugin (#15339) 2022-05-11 10:30:40 -07:00
Alexander Scheel 435450ea6f
Update API docs for PKI multi-issuer functionality (#15238)
* Update API docs for multiple issuer functionality

This substantially restructures the PKI secret engine's docs for two
purposes:

 1. To provide an explicit grouping of APIs by user usage and roles,
 2. To add all of the new APIs, hopefully with as minimal duplication
    as possible.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add section on vault cli with DER/PEM response formats

 - Add [1] links next to the DER/PEM format entries within various PKI
   response tables. These link to a new section explaining that the vault
   cli does not support DER/PEM response formats
 - Remove repetition of vault cli blurb in various description fields.
 - Fix up some typos

* Restructure API docs and add missing sections

Also addresses minor nits in the content.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify some language in the API docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
2022-05-11 12:50:20 -04:00
Chris Capurso ad4523ea34
add license termination time to API and CLI docs (#15349)
* add license termination time to API and CLI docs

* ensure consistent time format
2022-05-11 10:05:38 -04:00
Calvin Leung Huang 15a9b32a58
docs: update dep table to include okta auth changes (#15354) 2022-05-10 13:45:57 -07:00
Scott Miller ff42cb555d
Link to the Learn guide for PKI with Managed Keys (#15340) 2022-05-10 07:24:59 -05:00
Robert 738753b187
secrets/consul: Add support for generating tokens with service and node identities (#15295)
Co-authored-by: Thomas L. Kula <kula@tproa.net>
2022-05-09 20:07:35 -05:00
Loann Le 0dc6728228
capped perf replication (#15338) 2022-05-09 14:38:35 -07:00
Loann Le 6985a39740
added note about parameters (#15334) 2022-05-09 11:05:39 -07:00
Loann Le d336600b77
Vault documentation: added disable parameter to seal stanza-related doc pages (#15329)
* add disable parameter

* modified note
2022-05-09 10:12:30 -07:00
davidadeleon 9e869c52fa
Add DR Metric scraping capability to debug command (#15316)
* Add server information as well as ability to collect metrics from DR secondary

* Update debug docs

Adding additional information around ability to gather metrics from DR secondary

* Fix broken link in updated doc

* Create 15316.txt

Create changelog entry

* Fix Formatting

* Update website/content/docs/commands/debug.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update changelog/15316.txt

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Trigger Build

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2022-05-06 16:04:08 -04:00
TylerGelinas 4be45db85b
Add ForgeRock to OIDC Providers (#15294) 2022-05-06 12:24:36 -07:00
Hamid Ghaf 2ee602cfdd
removing prem/pro references as part of removing some build targets (#15278) 2022-05-06 09:09:42 -04:00
Nick Cabatoff 1a21b00bf1
Fix bogus duration string: "1hr" should be "1h". (#15301) 2022-05-05 10:15:50 -04:00
Loann Le c5cf149f3c
added helm for install--no-verify (#15287) 2022-05-04 13:58:25 -07:00
Nick Cabatoff d90ab7ef87
Add upgrade note for #15108. (#15275) 2022-05-04 09:56:37 -04:00
Chris Capurso 5e6437ab70
Add build_date to CLI and API docs (#15268)
* update version cmd docs

* update status cmd docs

* update version-history cmd docs

* update sys/seal-status docs

* update sys/version-history docs
2022-05-03 16:37:55 -04:00
Scott Miller bef350c916
Allow callers to choose the entropy source for the random endpoints. (#15213)
* Allow callers to choose the entropy source for the random endpoints

* Put source in the URL for sys as well

* changelog

* docs

* Fix unit tests, and add coverage

* refactor to use a single common implementation

* Update documentation

* one more tweak

* more cleanup

* Readd lost test expected code

* fmt
2022-05-02 14:42:07 -05:00
Calvin Leung Huang 888248f9cc
docs: update agent sections around auto-auth, caching, and templating (#15195)
* docs: update agent sections around auto-auth, caching, and templating

* Update website/content/docs/agent/template.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* address review feedback

* Example snippet updates

* review feedback on example note

* address review feedback

* use hcl syntax highlight on code blocks

* simplify exec param description

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-04-29 12:10:48 -07:00
Jason O'Donnell e9535bda2f
agent/auto-auth: Add min_backoff to set first backoff value (#15204)
* Add initial_backoff to auto-auth method

* Disable retries in client

* Fix bug

* Thread initial backoff to CT

* Add comment

* Change to min_backoff

* changelog

* remove initial references, review

* fix test

* Thread max_backoff through

* Add doc note for max_backoff/templating
2022-04-29 12:31:32 -04:00
Chris Capurso 15bad36e83
Fix sentence under Integrated Storage (Raft) Autopilot docs (#15231)
Co-authored-by: Peter Zujko <peter.zujko@klaviyo.com>
2022-04-29 11:26:32 -04:00
Loann Le 48a4c01b97
updated KI for upgrade guides (#15202) 2022-04-27 13:26:45 -07:00
Theron Voran 3d70b41049
docs: update the vault-lambda-extension docs (#15190)
Updates the layer version for the new release, and renames the docs
page from lambda-extension-cache -> lambda-extension, and includes a
redirect.
2022-04-27 08:27:18 -07:00
Loann Le cca8244040
Vault documentation: applied new guidelines to code blocks (#15191)
* applied new guidelines to codeblock

* updated text
2022-04-26 14:12:52 -07:00
Loann Le 5a47db75cc
Vault documentation: updated docs to include a note about seal requirement (#15172)
* add note about seal requirement

* fixed spelling error

* updated notes

* Update website/content/docs/configuration/seal/pkcs11.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/concepts/seal.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-04-26 12:13:03 -07:00
Nick Cabatoff 15ad2dd438
Add upgrade note for #15147. (#15154) 2022-04-25 12:55:58 -04:00
Chris Capurso 762c08833e
remove references to sys/license endpoint in docs (#14913) 2022-04-21 16:27:51 -04:00
Chris Capurso b4a46313b4
remove mount-filter endpoint from replication docs (#14896) 2022-04-21 16:27:00 -04:00
Jason O'Donnell 716430d3e7
docs/agent: merge template and template config (#15117)
* docs/agent: merge template and template config

* Fix example

* Update per review
2022-04-21 16:23:27 -04:00
Nick Cabatoff 5fa60555c5
Correct the unit type for mount_table.size. (#15114) 2022-04-21 12:54:32 -04:00
Yoko Hyakuna e9f18bdad7
Elaborate the correlation between CLI and API (#15056)
* Add command help info

* Explain CLI and API correlation

* Update the heading level

* Updated the command example with more description

* Update website/content/docs/commands/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Incorporate review feedback

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-04-21 09:17:24 -07:00
Peter Wilson fec9fa6841
Modified explanation on >=1 audit devices and successful requests (#15110) 2022-04-21 09:15:05 -04:00
Rémi Lapeyre bf4c4595f3
secrets/consul: Add support to auto-bootstrap Consul ACL system (#10751)
* Automatically bootstraps the Consul ACL system if no management token is given on the access config
2022-04-20 17:16:15 -05:00
Hamid Ghaf 6ff678000e
deprecating Legacy MFA (#14869)
* deprecating Legacy MFA

* removing legacy MFA doc json entry

* CL

* changing the link to legacy MFA in CL

* removing legacy MFA stuff from credentials' cli
2022-04-19 21:19:34 -04:00
Zachary Shilton 4ac57e104b
website: remove /intro content moved to learn (#14972)
* website: rm content moved to learn

* fix: delete intro page file and data

* fix: restore page file so build works, need to make change in dev-dot

* fix: avoid empty sidebar data error

* fix: proper rm now that hashicorp/dev-portal#287 has landed
2022-04-19 10:53:49 -04:00
Calvin Leung Huang 18ed61e93d
docs/secrets/ad: remove case_sensitive_names from API docs (#15084) 2022-04-18 18:10:49 -07:00
Hamid Ghaf a1d73ddfec
VAULT-5422: Add rate limit for TOTP passcode attempts (#14864)
* VAULT-5422: Add rate limit for TOTP passcode attempts

* fixing the docs

* CL

* feedback

* Additional info in doc

* rate limit is done per entity per methodID

* refactoring a test

* rate limit OSS work for policy MFA

* adding max_validation_attempts to TOTP config

* feedback

* checking for non-nil reference
2022-04-14 13:48:24 -04:00