Commit graph

256 commits

Author SHA1 Message Date
Daniel Spangenberg cf16f3e1a8
Document MSSQL revocation behaviour (#8506)
See #7725
2020-03-09 15:09:15 +01:00
Jason O'Donnell f4fffa8bb8
doc: update openldap with racf schema support (#8491) 2020-03-06 14:46:33 -08:00
Becca Petrin 8da5bb27dd
Docs for Kubernetes Helm with Vault Enterprise (#8283) 2020-03-06 13:36:06 -08:00
Caine Jette 1fa482e20a
Fix wording in help text (#8438)
Add "at" in "the UI is accessible at the following URL"

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-03-06 08:26:18 -08:00
Brian Kassouf 5481ffe13b
Update raft.mdx 2020-03-05 17:02:31 -08:00
Brian Kassouf d71584a64d
Doc: Raft retry join (#8448)
* Doc: Raft retry join

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Address review feedback

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-03-05 16:47:10 -08:00
Jason O'Donnell f9c03dbb71
docs: update vault k8s to 0.3.0 (#8479)
* docs: update vault k8s to 0.3.0

* Update descriptions

* Clarify init-first annotation description

* Update website/pages/docs/platform/k8s/injector/annotations.mdx

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-03-05 11:21:01 -05:00
Brian Kassouf c70310896d
Add some integrated raft storage docs (#8417)
* Add migration docs for raft storage

* Add link to cluster addr config parameter

* Add raft internals page

* Fix page headers

* Add performance_multiplier docs

* Add a few more raft config options

* Add default value

* Add not about join using seals

* Update website/pages/docs/commands/operator/migrate.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Review feedback

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <m.ladlow@gmail.com>
2020-03-04 12:58:51 -08:00
Jim Kalafut 47dd9c0d36
Correct GCP auth permissions list. (#8454)
Remove `listInstances`, which isn't a valid permission.
2020-03-02 21:43:07 -08:00
Calvin Leung Huang 59cd954206
docs: add audit non-hmac-* flags to command docs (#8250) 2020-03-02 11:36:10 -05:00
Mike Green 0e08162cd2
adding prometheus info to make more self-service (#8312) 2020-03-02 11:21:50 -05:00
Stuart Purgavie 5b09fc6c43
Remove unintentional duplicate string (#8430)
Same string noted in documentation twice, updating to expected string based on context.
2020-02-28 14:48:53 -05:00
Jim Kalafut 6e7cd0580c
Add MongoDB API docs (#8389) 2020-02-22 11:39:36 -08:00
Jason O'Donnell d7fbd85fd5
docs: add enterprise note to k8s service discovery (#8410) 2020-02-21 17:12:27 -05:00
Theron Voran 17efdd6336
docs: vault-helm 0.4.0 updates (#8318)
Updated docs for vault-helm 0.4.0 configuration changes, and helm 3
support (dropping helm 2). Also some spelling changes, and shortened
page titles for the k8s helm examples.
2020-02-21 12:10:38 -08:00
Becca Petrin 24ae59b317
correct the okta docs (#8403) 2020-02-21 11:13:42 -08:00
Jim Kalafut 1bc1b45c07
Update identity token docs (#8398)
`client_id` is configurable as of version 1.4.
2020-02-21 10:59:09 -08:00
Jason O'Donnell 587b331d8f
docs: add openldap secret engine (#8388)
* docs: add openldap secret engine

* Update format of types

* Add to sidebars

* Fix formatting
2020-02-21 10:55:15 -05:00
Vishal Nayak 348cf9f52f
Seal Migration doc update (#8405) 2020-02-21 06:57:48 -05:00
Daniel Fanara 2980d06e5a
Docs: Add port paramter to MSSQL docs (#8402) 2020-02-21 08:55:21 +01:00
Becca Petrin 13a44b2e0b
Add docs for Kubernetes service discovery feature (#8374)
* add docs for kube service discovery

* give example with env vars only

* improve doc flow

* strip note about active being sometimes applicable
2020-02-19 13:34:18 -08:00
Markus Nilsson d8ea61f91a
Docs: Fix anchor link to Generating JWTs (#8368) 2020-02-18 13:11:48 +01:00
JulesRenz c54c8c92bd
RSA3072 implementation in transit secrets engine (#8151)
* RSA3072 implementation in transit secrets engine

* moved new KeyType at the end of the list
So already stored keys still work properly

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-15 14:40:50 -08:00
Gerardo Di Giacomo 8573eefe90
enabling TLS 1.3 support for TCP listeners (#8305)
* adding support for TLS 1.3 for TCP listeners

* removed test as CI uses go 1.12

* removed Cassandra support, added deprecation notice

* re-added TestTCPListener_tls13
2020-02-15 11:40:18 -08:00
Clint 39f1d26902
Docs enforce autoauth token (#8270)
* rename UseAutoAuthForce to ForceAutoAuth, because I think it reads better

* Document 'ForceAuthAuthToken' option for Agent Cache

* Update website/pages/docs/agent/caching/index.mdx

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* Add additional tests around use_auto_auth=force and add documentation

* remove note, it's no longer correct

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-14 15:48:12 -06:00
Clint d3cda0fe2c
Guard against using Raft as a seperate HA Storage (#8239)
* Guard against using Raft as a seperate HA Storage

* Document that Raft cannot be used as a seperate ha_storage backend at this time

* remove duplicate imports from updating with master
2020-02-14 14:25:53 -06:00
Michael Golowka 635b957e76
Add x509 Client Auth to MongoDB Database Plugin (#8329)
* Mark deprecated plugins as deprecated

* Add redaction capability to database plugins

* Add x509 client auth

* Update vendored files

* Add integration test for x509 client auth

* Remove redaction logic pending further discussion

* Update vendored files

* Minor updates from code review

* Updated docs with x509 client auth

* Roles are required

* Disable x509 test because it doesn't work in CircleCI

* Add timeouts for container lifetime
2020-02-13 15:54:00 -07:00
Michael Golowka ee2843a3b2
Update Oracle DB secrets docs to reflect support for static roles (#8168)
* Fix typos

* Update Oracle DB secrets docs to show support for Static Roles

* Add warning about username case sensitivity

* Remove warning about casing

* Fix typo

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 15:11:33 -07:00
Jeff Malnick 27ad920399
Add redshift database plugin (#8299)
* feat: add redshift database plugin

* build: update vendored libraries

* docs: add reference doc for redshift variant of the database secrets engine

* feat: set middlewear type name for better metrics naming (#8346)

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 09:42:30 -08:00
Darshana Sivakumar ef687a97a6 Adding a new replication metric (WAL GC counter) (#8241)
* Adding a new replication metric (WAL GC counter)

Adding a new line about the vault.replication.wal.gc metric

* Update website/pages/docs/internals/telemetry.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-02-07 23:04:59 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
Michel Vocks 3a4d330f64
Return error when a standby node receives a metrics request (#8280)
* Return error when a standby node receives a metrics request

* fix test

* Add documentation note
2020-02-07 09:30:25 +01:00
Brian Choy 85877e52a4
Fix typo in vault agent injector example docs (#8302)
Fix mispelling of `annotation`.
2020-02-05 15:57:09 -08:00
ncabatoff cfcb9d2218
Update seal migration docs re limitations and different scenarios (#8298) 2020-02-05 15:30:04 -05:00
Dan Lafeir fe80e136da
Add a specific reference to AWS IAM Unique Identifiers (#8209)
* Add specification about AWS IAM Unique Identifiers

We experienced an issue where IAM roles resources were re-provisioned with the same ARNs and no change had been made to our vault role configuration but users lost access with `-method=aws`. It wasn't immediately clear to us how IAM Unique Identifiers where being used to avoid the same situations outlined in the AWS documentation. We eventually concluded that re-provisioning the roles in our auth/aws/auth would fetch the new IAM Unique Identifiers. 

I hope that this small amendment helps people avoid this problem in the future.
2020-02-04 15:31:48 -08:00
Jamie Finnigan fa2544cf5e
fix <name> entity encoding for Secrets Engines Metrics section (#8290) 2020-02-04 15:06:10 -08:00
glerb 4f25ed2b08
Improve clarity of IAM flow explanation (#8275) 2020-02-03 10:14:09 -08:00
ncabatoff 03b14d8a64
Upgrade okta sdk lib (#8143)
Upgrade to new official Okta sdk lib.  Since it requires an API token, use old unofficial okta lib for no-apitoken case. 

Update test to use newer field names.  Remove obsolete test invalidated by #4798.  Properly handle case where an error was expected and didn't occur.
2020-02-03 12:51:10 -05:00
Jason O'Donnell 8f2347f93a
docs: update vault k8s to 0.2.0 (#8269)
* doc: update vault-k8s to 0.2.0

* Add debugging note
2020-01-31 11:22:39 -05:00
Chris Hoffman 0ebf3c3e40
fixing static pdf compliance letter (#8248) 2020-01-27 15:40:55 -05:00
Theron Voran 890f4b63a6
Show bound_service_accounts in gce example (#8236)
Shows that the GCP auth option `bound_service_accounts` can be used
for gce-type roles as well as iam.
2020-01-27 11:48:21 -08:00
Daniel Spangenberg eea26c6af1
Clarify the k8s helm run docs (#8235) 2020-01-27 14:54:59 +01:00
Chris Hoffman efb2152759
Adding pricing module note for enterprise features (#8217)
* adding pricing module note for enterprise features

* fixing incorrectly committed go.mod
2020-01-24 19:18:22 -05:00
Becca Petrin fc09eb1e6b
Add Kerberos agent docs (#8220)
* add kerberos agent docs

* use relative doc link
2020-01-24 14:40:41 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- 8a8f9029d6
Update Kubernetes docs to include Kubernetes Auth method (#8046)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Split examples into individual pages

* Add Kubernetes Auth Method example

* Remove old examples file

* Fix rebase fail

* Remove global section of yaml files that aren't needed

* Fix minor typos

* Fix typos that didn't get carried over from previous PR

* Re-copy from previous examples file to resolve rebase issues

* update dependencies

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-01-23 13:14:01 -07:00
Jeff Escalante 3511bf8293 [website] fix a couple broken links (#8190)
* fix a couple broken links

* extra redirect

* another shot at redirects
2020-01-22 12:31:42 -08:00
Jeff Escalante 0062ad382d [website] implement postgres/secrets redirect (#8208)
* add secrets/postgresql redirect

* change name of old path

* ensure deprecated pages are not indexed by search engines

* remove deprecated page from navigation
2020-01-22 12:29:37 -08:00
Jeff Escalante 4f87851926 [website] Link Cleaning (#8205)
* update dependencies

* remove hard-coded vaultproject.io on local links

* remove 'index.html' from internal links

* remove '.html' at end of internal links

* manual review cleanup

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-22 12:05:41 -08:00
Calvin Leung Huang ffd90709f3
docs: update entropy augmentation page (#8185)
* docs: update entropy augmentation page

* remove .html extension in links

* remove .html extension in links
2020-01-21 15:05:53 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- d9ed6b845c
Improve Helm chart example for standalone with TLS configuration (#8022)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Fix typos, formatting, and other minor issues

* Use correct header depth for Helm Configuration

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-01-21 15:44:14 -07:00
Clint b7c2acccd9
Website: Fix configuration links from Helm run docs (#8201) 2020-01-21 13:30:35 -06:00
DDd d1b4082fb3 Fix k8s docs for running standalone (#8199)
* instruction for HA was actually for standalone.
2020-01-21 19:46:33 +01:00
Clint 6b16f7521a
update 'learn about the configuration options' link (#8146) 2020-01-21 12:06:42 -06:00
Mikko Ekström 1f034ee380 Fix typo in YAML markup (#8194) 2020-01-20 16:39:51 +01:00
Daniel Spangenberg c64c2bf512
Fix k8s injector examples (#8179) 2020-01-18 14:47:18 +01:00
Jeff Escalante df34412570 New Website! (#8154)
* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes
2020-01-17 16:18:09 -08:00