Armon Dadgar
|
0877160754
|
vault: minor rekey cleanups
|
2015-05-28 12:07:52 -07:00 |
|
Armon Dadgar
|
c5352d14a4
|
vault: testing rekey
|
2015-05-28 12:02:30 -07:00 |
|
Armon Dadgar
|
361c722c5c
|
vault: first pass at rekey
|
2015-05-28 11:40:01 -07:00 |
|
Armon Dadgar
|
5aed043ea5
|
vault: ensure master key is copied to avoid memzero issues
|
2015-05-28 11:38:59 -07:00 |
|
Armon Dadgar
|
4e3f0cddcf
|
vault: Adding VerifyMaster to Barrier
|
2015-05-28 11:28:33 -07:00 |
|
Armon Dadgar
|
9f399eb9ff
|
vault: prevent raw access to protected paths
|
2015-05-28 10:24:41 -07:00 |
|
Armon Dadgar
|
42b91fe411
|
command/rotate: Adding new rotate command
|
2015-05-28 10:16:33 -07:00 |
|
Armon Dadgar
|
e72ed2fa87
|
Merge pull request #269 from sheldonh/getting_started_deploy_consul
Use local Consul instance in deploy walkthrough
|
2015-05-28 10:06:36 -07:00 |
|
Armon Dadgar
|
6ca11ecd35
|
Merge pull request #268 from sheldonh/howto_mlock
Document unprivileged mlock on Linux
|
2015-05-28 10:03:10 -07:00 |
|
Sheldon Hearn
|
6cda28f9e7
|
Don't recommend exporting VAULT_TOKEN
It's not needed by the dev server (which writes ~/.vault-token),
and breaks the Getting Started guide (e.g. #267).
|
2015-05-28 14:39:35 +02:00 |
|
Sheldon Hearn
|
9126cf576f
|
Use local Consul instance in deploy walkthrough
As per hashicorp/vault#217, demo.consul.io prevents sessions from being
created, which means you can't use it as a backend for Vault.
|
2015-05-28 14:11:34 +02:00 |
|
Sheldon Hearn
|
85fbdae5f5
|
Mention disable_mlock in deploy walkthrough
|
2015-05-28 13:24:28 +02:00 |
|
Sheldon Hearn
|
71c462b3b2
|
Clarify the disable_mlock option
|
2015-05-28 12:40:56 +02:00 |
|
Ken Breeman
|
c72dd5a38c
|
Cleaned up error handling and HA lock monitoring for zookeeper physical backend based on PR feedback.
|
2015-05-28 00:39:12 -04:00 |
|
Armon Dadgar
|
388022bac1
|
command/key-status: Adding new key-status command
|
2015-05-27 18:17:02 -07:00 |
|
Armon Dadgar
|
efcdfd0066
|
api: Adding Rotate and KeyStatus
|
2015-05-27 18:05:23 -07:00 |
|
Armon Dadgar
|
af47c72639
|
http: adding key-status and rotate handlers
|
2015-05-27 18:02:50 -07:00 |
|
Armon Dadgar
|
1a4256c20c
|
vault: more logging around rotate
|
2015-05-27 17:56:55 -07:00 |
|
Armon Dadgar
|
d0b93a6164
|
vault: adding sys/key-status and sys/rotate
|
2015-05-27 17:53:42 -07:00 |
|
Armon Dadgar
|
26cff2f42f
|
vault: expose information about keys
|
2015-05-27 17:25:36 -07:00 |
|
Armon Dadgar
|
3e717907cd
|
vault: testing barrier rekey
|
2015-05-27 17:17:03 -07:00 |
|
Armon Dadgar
|
b93feb8a6b
|
vault: first pass at rekey
|
2015-05-27 17:13:40 -07:00 |
|
Armon Dadgar
|
9e39fec4a5
|
vault: testing key rotation
|
2015-05-27 17:10:08 -07:00 |
|
Armon Dadgar
|
ead96e8c99
|
vault: first pass at key rotation
|
2015-05-27 17:05:02 -07:00 |
|
Armon Dadgar
|
3d800fe7be
|
vault: keyring api changes
|
2015-05-27 17:04:46 -07:00 |
|
Armon Dadgar
|
490bece0a0
|
vault: make keyring immutable
|
2015-05-27 16:58:55 -07:00 |
|
Armon Dadgar
|
28560a612f
|
vault: test for backwards compatability
|
2015-05-27 16:42:42 -07:00 |
|
Jonathan Sokolowski
|
348924eaab
|
logical/consul: Combine policy and lease into single storage struct
|
2015-05-28 09:36:23 +10:00 |
|
Armon Dadgar
|
e8e9103300
|
vault: share keyring persistence code
|
2015-05-27 16:29:59 -07:00 |
|
Armon Dadgar
|
0e9136d14c
|
vault: first pass at keyring integration
|
2015-05-27 16:01:25 -07:00 |
|
Armon Dadgar
|
50dc6a471e
|
vault: adding path for keyring
|
2015-05-27 15:23:43 -07:00 |
|
Armon Dadgar
|
8c2a767f4f
|
vault: Adding version to key entry
|
2015-05-27 15:23:31 -07:00 |
|
Armon Dadgar
|
1903518202
|
vault: Ensure we always set a key InstallTime
|
2015-05-27 14:37:40 -07:00 |
|
Armon Dadgar
|
ef2f71e17f
|
vault: Adding InstallTime to key in keyring
|
2015-05-27 14:37:40 -07:00 |
|
Armon Dadgar
|
57c763a3fa
|
vault: Adding keyring
|
2015-05-27 14:37:40 -07:00 |
|
Armon Dadgar
|
70b3b37ffb
|
vault: rename key epoch to term for clarity
|
2015-05-27 14:37:39 -07:00 |
|
Armon Dadgar
|
daa5b9c1b5
|
vault: physical -> storage for clarity
|
2015-05-27 14:33:58 -07:00 |
|
Armon Dadgar
|
42672e0cc6
|
Merge pull request #265 from certifiedloud/master
replaced confusing term 'physical' with 'storage'. Fix for #262
|
2015-05-27 14:33:00 -07:00 |
|
Armon Dadgar
|
4946a66e30
|
Merge pull request #266 from hashicorp/f-http
Support for HTTP Response overwriting
|
2015-05-27 14:21:09 -07:00 |
|
Armon Dadgar
|
8ee5aebb3c
|
vault: testing raw responses
|
2015-05-27 14:19:12 -07:00 |
|
Armon Dadgar
|
11c625fea2
|
http: support raw HTTP output
|
2015-05-27 14:10:00 -07:00 |
|
Armon Dadgar
|
784f17a0a8
|
logical: Adding special fields to do raw HTTP
|
2015-05-27 14:09:47 -07:00 |
|
certifiedloud
|
ac4763027b
|
replaced confusing term 'physical' with 'storage'.
|
2015-05-27 14:44:17 -06:00 |
|
Armon Dadgar
|
ba7bfed1af
|
vault: Expose MountPoint to secret backend. Fixes #248
|
2015-05-27 11:46:42 -07:00 |
|
Armon Dadgar
|
11b6abe886
|
Merge pull request #251 from DavidWittman/auth-prompt-without-args
Prompt for auth token when no args provided
|
2015-05-27 11:24:33 -07:00 |
|
Armon Dadgar
|
98c60f2a18
|
Merge pull request #250 from DavidWittman/233-auth-stdin
Read from stdin with auth command
|
2015-05-27 11:24:14 -07:00 |
|
Armon Dadgar
|
7131f12fee
|
logical/testing: Fixing revoke in acceptance tests. Fixes #236
|
2015-05-27 11:19:15 -07:00 |
|
Sheldon Hearn
|
89e7bb2569
|
Missed a few IAM permissions
|
2015-05-27 16:42:12 +02:00 |
|
Sheldon Hearn
|
3d2005ea56
|
List IAM permissions required by root credentials
|
2015-05-27 16:28:24 +02:00 |
|
Jonathan Sokolowski
|
2b1926f262
|
website: Update /consul/roles/ parameters
|
2015-05-27 09:54:15 +10:00 |
|