Commit graph

207 commits

Author SHA1 Message Date
Joel Thompson e06a78a474 Create unified aws auth backend (#2441)
* Rename builtin/credential/aws-ec2 to aws

The aws-ec2 authentication backend is being expanded and will become the
generic aws backend. This is a small rename commit to keep the commit
history clean.

* Expand aws-ec2 backend to more generic aws

This adds the ability to authenticate arbitrary AWS IAM principals using
AWS's sts:GetCallerIdentity method. The AWS-EC2 auth backend is being to
just AWS with the expansion.

* Add missing aws auth handler to CLI

This was omitted from the previous commit

* aws auth backend general variable name cleanup

Also fixed a bug where allowed auth types weren't being checked upon
login, and added tests for it.

* Update docs for the aws auth backend

* Refactor aws bind validation

* Fix env var override in aws backend test

Intent is to override the AWS environment variables with the TEST_*
versions if they are set, but the reverse was happening.

* Update docs on use of IAM authentication profile

AWS now allows you to change the instance profile of a running instance,
so the use case of "a long-lived instance that's not in an instance
profile" no longer means you have to use the the EC2 auth method. You
can now just change the instance profile on the fly.

* Fix typo in aws auth cli help

* Respond to PR feedback

* More PR feedback

* Respond to additional PR feedback

* Address more feedback on aws auth PR

* Make aws auth_type immutable per role

* Address more aws auth PR feedback

* Address more iam auth PR feedback

* Rename aws-ec2.html.md to aws.html.md

Per PR feedback, to go along with new backend name.

* Add MountType to logical.Request

* Make default aws auth_type dependent upon MountType

When MountType is aws-ec2, default to ec2 auth_type for backwards
compatibility with legacy roles. Otherwise, default to iam.

* Pass MountPoint and MountType back up to the core

Previously the request router reset the MountPoint and MountType back to
the empty string before returning to the core. This ensures they get set
back to the correct values.
2017-04-24 15:15:50 -04:00
Seth Vargo 490b98ee93
Update logos 2017-04-18 14:17:56 -04:00
Seth Vargo 6883eebbd9
Add press kit, hashicorp logo 2017-04-06 18:28:26 -04:00
Seth Vargo c600a426d8
Add new colored header styles 2017-03-29 19:04:39 -04:00
Seth Vargo 5b0acbfeba
Cleanup CSS 2017-03-26 16:04:21 -04:00
Seth Vargo d3da5b231b
Link to index.html pages 2017-03-20 01:37:22 -04:00
Seth Vargo 166e0b4ef4
Use inline svgs 2017-03-20 01:27:23 -04:00
Seth Vargo cb1a2cb361
Migrate to middleman-hashicorp sidebar 2017-03-20 01:27:23 -04:00
Matthew Irish b5e49af2d8 website: turbolinks + ember = ❤ (#2504)
* move application.js to head

* move ember app to separate file and exclude from turbolinks
2017-03-17 16:05:59 -05:00
Seth Vargo 6d83640c85
Add API to sidebar 2017-03-17 15:44:09 -04:00
Seth Vargo d4390d103e
/docs/http -> /api 2017-03-17 14:06:03 -04:00
Jeff Mitchell d2e9e0b873 Merge branch 'master-oss' into pr-2495 2017-03-17 13:40:58 -04:00
Jeff Mitchell a38b55385a Update replication guide and add to sidebar 2017-03-17 12:38:19 -04:00
Seth Vargo 05e8b1861f
Formatting 2017-03-16 12:06:15 -07:00
Seth Vargo 5c1f017274
Reformat replication API 2017-03-16 11:57:06 -07:00
Seth Vargo b078963ab2
Hide auth backends for now
The migration is getting too large, so we'll tackle this move in another
PR
2017-03-16 09:47:08 -07:00
Seth Vargo 3fd0bd36cc
Break out API documentation for secret backends 2017-03-16 09:47:06 -07:00
Seth Vargo 849f57e73a
Update layouts and assets for consistency 2017-03-16 09:46:47 -07:00
Jeff Mitchell 2b98f004ac Fix layout for replication 2017-03-16 06:50:33 -04:00
Andy Manoske 8aa7f120b0 Vault_Enterprise_WWW (#2327) 2017-03-15 14:31:14 -04:00
Jeff Mitchell 584aedad04 Add upgrade to 0.7 page 2017-03-15 12:34:11 -04:00
Jason Costello 012c8f6c2f remove offset from footer 2017-03-08 17:36:59 -08:00
Jason Costello 52b3d7beb5 Re apply offset change after rebase 2017-03-08 17:34:57 -08:00
Jack Pearkes 2c3736bbe2 website: add squashed mega-nav work 2017-03-08 17:27:31 -08:00
Seth Vargo f18318f6dd Move upgrade into guides (#2460)
* Move upgrades to guides

* Make root token copy-pastable
2017-03-08 17:33:58 -05:00
Seth Vargo aa6346a8f6
Use htmlcompat in middleman-hashicorp 2017-03-08 14:14:52 -08:00
Seth Vargo 23c0c47ff5
Update favicons, container, turbolinks 2017-03-08 11:07:20 -08:00
Seth Vargo 624c6eab20 Separate backend configurations into their own pages (#2454)
* Clean vertical lines

* Make sidebar slightly larger on bigger displays

* Separate backend configurations into their own pages
2017-03-07 21:47:23 -05:00
Seth Vargo f0ad367b8c
Do not print header or footer 2017-03-06 16:11:06 -05:00
Seth Vargo 1f7bdbf966
Fix http layout 2017-03-06 16:11:05 -05:00
Seth Vargo 93357d7519
Move install guides into docs layout 2017-03-06 16:11:05 -05:00
Seth Vargo 2b371e1189
Tabs to spaces 2017-03-06 16:11:04 -05:00
Seth Vargo 8706a16800
Do not show "Edit this Page" in dev either 2017-03-06 16:11:04 -05:00
Seth Vargo a7f6b3b7f1
Unify layout partials 2017-03-06 16:11:02 -05:00
Jason Costello 5ea7b4436c Website update typography (#2429) 2017-03-02 17:10:33 -05:00
Jeff Mitchell c81582fea0 More porting from rep (#2388)
* More porting from rep

* Address review feedback
2017-02-16 16:29:30 -05:00
Jeff Mitchell 0c39b613c8 Port some replication bits to OSS (#2386) 2017-02-16 15:15:02 -05:00
Jeff Mitchell f9c67273f3 Add audited headers to sidebar 2017-02-07 17:02:14 -05:00
Jeff Mitchell 6612744576 Add Okta docs to sidebar 2017-02-07 16:57:28 -05:00
Matteo Sessa 29d9d5676e RADIUS Authentication Backend (#2268) 2017-02-07 16:04:27 -05:00
Harrison Harnisch b09077c2d8 add socket audit backend 2017-02-02 14:21:48 -08:00
Jeff Mitchell 715732502d Update docs.erb 2017-01-25 15:33:20 -05:00
Cameron Stokes c19e7ce793 undo inadvertant tabs to spaces on docs.erb 2017-01-23 17:02:06 -08:00
Cameron Stokes a307328f04 Additional changes to @rfay's PR from https://github.com/hashicorp/vault/pull/2217.
- Renamed Cookbook to Guides
- Made Guides index page
- Moved Guides link on sidebar
- Minor formatting changes to generate-root guide
2017-01-23 16:41:25 -08:00
Randy Fay 787b6aa93c Add cookbook section, with root token generation technique 2016-12-30 09:19:55 -07:00
Jeff Mitchell f6044764c0 Fix revocation of leases when num_uses goes to 0 (#2190) 2016-12-16 13:11:55 -05:00
Jeff Mitchell a81d18b437 Add 0.6.3 upgrade page to sidebar 2016-12-06 16:37:28 -05:00
rjhornsby 5e89fc4997 Fix typo
Fix typo in sidebar layout that prevented sidebar item 'getting started apis' from correctly rendering when that page was active.
2016-10-17 10:59:16 -05:00
Jeff Mitchell b45a481365 Wrapping enhancements (#1927) 2016-09-28 21:01:28 -07:00
Jeff Mitchell bc3cce7d2d Add 0.6.2 page to sidebar 2016-09-13 16:49:54 -04:00
Raja Nadar 5172cdab3f doc: remove duplicate aws-ec2 menu item
the auth backends menu had a duplicate entry for aws-ec2 auth.
removed the dup one.
2016-08-30 00:59:44 -07:00
vishalnayak a6907769b0 AppRole authentication backend 2016-07-26 09:32:41 -04:00
Jeff Mitchell 49194847da Add mongodb to sidebar 2016-07-19 14:00:47 -04:00
Jeff Mitchell 04f0471a9f Update documentation around dynamodb changes 2016-07-18 14:10:55 -04:00
Jeff Mitchell 4a597c3a7a Fix upgrade to 0.6 docs 2016-07-06 19:00:23 -04:00
Jeff Mitchell 2c0e677fe5 Fix website upgrade menu for 0.6.0 2016-07-06 09:28:21 -04:00
Vishal Nayak ab543414f6 Merge pull request #788 from doubledutch/master
RabbitMQ Secret Backend
2016-06-08 10:02:24 -04:00
Jeff Mitchell 33764e85b1 Merge pull request #1324 from hashicorp/sethvargo/doc_gpg
Add a page for step-by-step gpg/keybase
2016-06-03 13:24:57 -04:00
vishalnayak 5c25265fce rename aws.html.md as aws-ec2.html.md 2016-05-30 14:11:15 -04:00
vishalnayak a072f2807d Rename aws as aws-ec2 2016-05-30 14:11:15 -04:00
Jeff Mitchell caf77109ba Add cubbyhole wrapping documentation 2016-05-19 13:33:51 -04:00
Jeff Mitchell 3e71221839 Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
Seth Vargo 45ac1bc151
Track enhanced links 2016-05-02 15:57:23 -04:00
vishalnayak 9d4a7c5901 Docs update 2016-04-26 10:22:29 -04:00
Seth Vargo 2926be9ca7 Add a page for step-by-step gpg/keybase 2016-04-12 21:44:07 +01:00
Kevin Pike 525b82544c Update docs layout with RabbitMQ 2016-04-08 09:26:16 -07:00
Vishal Nayak 343e6f1671 Merge pull request #998 from chrishoffman/mssql
Sql Server (mssql) secret backend
2016-03-10 22:30:24 -05:00
Chris Hoffman 5af33afd90 Adding verify_connection to config, docs updates, misc cleanup 2016-03-09 23:08:05 -05:00
Jeff Mitchell 6df72e6efd Merge pull request #1168 from hashicorp/revoke-force
Add forced revocation.
2016-03-09 16:59:52 -05:00
Jeff Mitchell d571a1e85d Add website docs 2016-03-09 12:49:12 -05:00
vishalnayak 926e7513d7 Added docs for /sys/capabilities-accessor 2016-03-09 09:48:32 -05:00
vishalnayak 73943546c3 Documentation for capabilities and capabilities-self APIs 2016-03-07 06:13:56 -05:00
Jeff Mitchell 11ddd2290b Provide 'sys/step-down' and 'vault step-down'
This endpoint causes the node it's hit to step down from active duty.
It's a noop if the node isn't active or not running in HA mode. The node
will wait one second before attempting to reacquire the lock, to give
other nodes a chance to grab it.

Fixes #1093
2016-02-26 19:43:55 -05:00
captainill a83db21a77 website: announcement banner for vault enterprise 2016-02-24 10:59:31 -08:00
Jeff Mitchell be073f8499 Update upgrade website section with information about the 0.5.1 PKI changes 2016-02-19 14:42:59 -05:00
Jeff Mitchell 66494faa3f Add an install/upgrade section. Add general and 0.5 upgrade procedures. 2016-02-01 20:17:06 -05:00
Seth Vargo 64e521a68b Add structured data 2016-01-24 13:37:20 -05:00
Jeff Mitchell d621d7ebe7 Add C# library and do some reorg on the library page 2016-01-22 10:03:02 -05:00
Jeff Mitchell 973c888833 RootGeneration->GenerateRoot 2016-01-19 18:28:10 -05:00
Jeff Mitchell 3b994dbc7f Add the ability to generate root tokens via unseal keys. 2016-01-19 18:28:10 -05:00
captainill 2ec7a2f032 capitol C in by hashicorp lockup 2015-12-19 21:21:18 -08:00
Jeff Mitchell 1c7157e632 Reintroduce the ability to look up obfuscated values in the audit log
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
2015-11-18 20:26:03 -05:00
captainill d931c62d94 sidebar 2015-11-09 21:08:05 -08:00
captainill 2af4092734 redesign header bulk 2015-11-09 20:58:06 -08:00
Jeff Mitchell bc40e652bf Remove revoke-self from sys API documentation as it's in the token-store instead 2015-10-21 10:46:41 -04:00
Sam Handler ad09203343 use github_url to generate edit_this_page link 2015-10-07 17:39:08 -04:00
Sam Handler a0290f69df Add 'edit this page' link to footer 2015-09-24 14:10:32 -07:00
Jeff Mitchell af27a99bb7 Remove JWT for the 0.3 release; it needs a lot of rework. 2015-09-24 16:23:44 -04:00
Jeff Mitchell 8fa7d3bd0b Add revoke-self to docs 2015-09-24 12:05:00 -04:00
Dominic Luechinger 89511e6977 Fixes docs for new JWT secret backend 2015-09-24 16:47:17 +02:00
Jeff Mitchell 538852d6d6 Add documentation for cubbyhole 2015-09-15 13:50:37 -04:00
Jeff Mitchell f4239556d2 Merge pull request #508 from mfischer-zd/webdoc_environment
docs: Document environment variables
2015-09-09 11:29:10 -04:00
Michael S. Fischer 24a5127fab docs: Document environment variables 2015-09-08 11:59:58 -07:00
vishalnayak 0abf07cb91 Vault SSH: Website doc v1. Removed path_echo 2015-08-12 09:25:28 -07:00
Armon Dadgar 03728af495 Merge pull request #464 from bgirardeau/master
Add Multi-factor authentication with Duo
2015-07-30 17:51:31 -07:00
Kevin Fishner 9fe25414aa update analytics 2015-07-28 16:05:27 -07:00
Bradley Girardeau 112f98d86f mfa: cleanup website documentation 2015-07-28 12:25:01 -07:00
Daniel Somerfield 30920dc751 Finished draft of api tutorial and worked it into the flow. 2015-07-19 12:29:06 -07:00
Daniel Somerfield 3f45692500 Added start of page in intro that explains / demos the REST apis 2015-07-15 06:28:04 -07:00
Armon Dadgar 7be012b8b6 website: help command is now path-help 2015-07-13 20:03:29 +10:00