Michael Schuett
63e7ac034f
MySQL HA Backend Support ( #4686 )
2018-08-13 17:02:31 -04:00
Jim Kalafut
92f0e1a39e
Revert "Add ttl parameter to pki api docs ( #5063 )"
...
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
2018-08-13 09:34:05 -07:00
Yoko
140e3d5402
[Guide] Vault Cluster Monitoring Guide ( #5084 )
...
* Vault cluster monitoring guide
* Updated the download link
* Fixed broken link
2018-08-10 13:52:02 -07:00
Jim Kalafut
aa8dac9bd2
Add RDS notes to MSSQL docs ( #5062 )
2018-08-10 08:52:21 -07:00
Jeff Mitchell
65d2cc768c
Website typo fix
2018-08-08 15:53:40 -04:00
Jim Kalafut
7b7f1cc7ff
Add ttl parameter to pki api docs ( #5063 )
2018-08-08 09:12:14 -07:00
Conor Mongey
5454c15a7e
Fix typo: Consult Template -> Consul Template ( #5066 )
2018-08-08 09:01:45 -07:00
Ian Grayson
931c289b95
Update policies.html.md ( #5007 )
...
Allow admins to run CLI: `vault secrets list`
2018-08-07 10:35:23 -07:00
Jeff Escalante
2a21e85580
html syntax corrections ( #5009 )
2018-08-07 10:34:35 -07:00
Rob
ca3aa1f36b
Update dev-server.html.md ( #5035 )
...
The instructions were in backwards order. #3591
2018-08-07 10:33:30 -07:00
Yoko
3ae63b06d7
Typo fix ( #5052 )
2018-08-06 15:50:39 -07:00
Yoko
ef6579fed5
[Guide] Sentinel Policies ( #5049 )
...
* Sentinel policies guide
* Typo fix
2018-08-06 15:39:32 -07:00
Yoko
06491fa6a6
[Guide] SSH Secrets Engine ( #5022 )
...
* OTP SSH guide
* Fixed the required policy
* Added the step to restart the SSH server
* Update ssh-otp.html.md
Just a few edits to highlight its cloud context. Looks great otherwise!
2018-08-06 15:04:24 -07:00
Yoko
fee3c2072d
[Guide] Build Your Own CA Guide ( #4995 )
...
* WIP
* WIP
* WIP - Jake's PKI demo
* WIP
* PKI secret engine guide
* Added little more description about role
* Added tidy step
* Fixed a broken link
2018-08-06 14:42:46 -07:00
Joshua Ogle
3975a2cddc
Better OS highlighting
2018-08-06 12:30:31 -06:00
Joshua Ogle
f0f4097470
Javascript refactor for configuration builder
2018-08-06 11:55:36 -06:00
Joshua Ogle
c7bd0145c0
Better JavaScript line wrapping in configuration
2018-08-03 23:37:58 -06:00
Joshua Ogle
c4ef5fdece
JS Feedback fixes, make UI default on click
2018-08-03 22:57:17 -06:00
Joshua Ogle
e7bd3efc04
Merge branch 'master' into oss-download-config-path
2018-08-03 16:53:45 -06:00
Chris Hoffman
59a0099f89
Add Configuration Builder and Better Download page
...
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
Olivier Lemasle
fcb82c2444
Fix two errors in docs ( #5042 )
...
Two small errors in documentation
2018-08-03 14:26:46 -07:00
Jim Kalafut
8e91555807
Fix docs sidebar layout
2018-08-03 09:15:45 -07:00
Jason Martin
df3e3ba43d
Fix typo in the AWS STS AssumeRole docs. ( #5032 )
2018-08-02 22:57:24 -07:00
Gerald
43183af2c8
Fix gcp auth method link ( #5030 )
2018-08-02 22:55:59 -07:00
Jiang Yong
4841309cdf
correct Jenkins policy and mysql secret path when kv put in authentication guide ( #5023 )
...
* correct Jenkins policy and mysql secret path when kv put
* add a note for kv-v2 secret
2018-08-02 08:38:51 -07:00
Jeff Mitchell
62bcbd3dfe
Fix website typo
2018-08-01 16:52:11 -04:00
Yoko
9c6a14ba6b
[Guide] Identity: Entities & Groups ( #4968 )
...
* Entities & Groups tutorial
* Re-wordig the persona section
* Incorporated the feedback
* Updated the policy requirements
* Incorporate the feedback
* Fixed grammar
* Made the final small adjustments
2018-08-01 11:07:09 -07:00
Raja Nadar
56fcd2e7b3
.net 2.0 standard leap ( #5019 )
...
2.0 is more conducive for consumers
2018-08-01 08:57:49 -04:00
Yoko
aadfccaa6b
[Guide] Direct App Integration guide ( #4948 )
...
* Direct App Integration guide
* Added a tag for step3
2018-07-31 09:19:23 -07:00
Sean Malloy
7e9ec5afb4
Fix GCP auth docs typo ( #5017 )
...
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
2018-07-31 10:57:34 -04:00
Jeff Mitchell
a6d0ae5890
Add exit-after-auth functionality to agent ( #5013 )
...
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.
Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
Pat Downey
0ad44a7ac5
Expand TOFU acronym in AWS auto-auth docs ( #5011 )
2018-07-29 18:05:49 -07:00
Yoko
3d8bf1441b
[Guide] Transit Secrets Engine beginner guide ( #4943 )
...
* Intro to Transit Secrets Engine guide
* Added the Katacoda scenario link in the Reference Materials section
* Referencig this guide in the existing encryption guides
2018-07-27 16:08:52 -07:00
Michael Herman
05f944c580
Update index.html.md ( #5005 )
2018-07-27 15:30:59 -04:00
Chris Hoffman
083157cb24
adding environment to azure auth docs ( #5004 )
2018-07-27 08:33:20 -04:00
Chris Hoffman
d02284657e
adding missing properties ( #5003 )
2018-07-27 08:19:12 -04:00
Chris Hoffman
c13ef667d3
adding upgrade guide for 0.10.4 ( #4992 )
2018-07-25 12:54:48 -04:00
Jeff Mitchell
6e1e326199
Prep for 0.10.4
2018-07-25 09:52:09 -04:00
Jeff Mitchell
e72890e83f
VSI ( #4985 )
2018-07-24 22:02:27 -04:00
Chris Hoffman
b37c05cf64
updating azure auth plugin and docs ( #4975 )
2018-07-23 10:00:44 -04:00
Jim Kalafut
a16300e593
Add FoundationDB link to sidebar
2018-07-20 20:10:52 -07:00
Yoko
3cd55dc26d
Git repo folder name changed ( #4969 )
2018-07-20 11:46:12 -07:00
Olivier Lemasle
4604c00018
State in docs that FoundationDB backend is community supported ( #4964 )
2018-07-20 09:59:13 -04:00
Peter Vandenabeele
db2970623d
Fix small typo in Vault website documentation ( #4962 )
2018-07-20 09:57:16 -04:00
Brian Shumate
e2dd0864c4
Add missing telemetry metrics ( #4785 )
...
* Add missing telemetry metrics
- Add merkle related telemetry
- Add WAL related telemetry
* additional wal metrics
* Use correct metrics naming
2018-07-19 18:36:55 -04:00
Chris Hoffman
712652c318
Fixing formatting
2018-07-19 10:36:09 -04:00
Chris Hoffman
6a169ab00d
Adding information on required azure permissions ( #4956 )
2018-07-19 10:24:55 -04:00
John Naulty Jr
498a8d9456
fix Issue #4952 static-secrets small typo ( #4953 )
2018-07-18 22:36:47 -07:00
Tomohisa Oda
9ff2081e8b
add sequelize-vault to third-party tools ( #4945 )
2018-07-17 21:45:37 -07:00
Yoko
b41a1c6134
Updated - Secure Introduction to Vault Clients guide ( #4944 )
...
* Incorporated Armon's feedback
* Added a diagram
2018-07-17 15:54:48 -07:00
Yoko
67b349a107
Secure Introduction to Vault Clients Guide ( #4871 )
...
* WIP
* WIP - Secure Intro Guide
* WIP secure intro guide
* WIP Secure Intro Guide
* WIP Secure Intro Guide
* WIP Secure Intro Guide
2018-07-16 15:17:52 -07:00
Julien Blache
c8fb9ed6a8
FoundationDB physical backend ( #4900 )
2018-07-16 10:18:09 -04:00
Ram Nadella
493752334a
Fix environment mismatch in MySQL cert step ( #4835 )
2018-07-16 10:13:44 -04:00
Seth Vargo
1259ee6743
Add plugin CLI for interacting with the plugin catalog ( #4911 )
...
* Add 'plugin list' command
* Add 'plugin register' command
* Add 'plugin deregister' command
* Use a shared plugin helper
* Add 'plugin read' command
* Rename to plugin info
* Add base plugin for help text
* Fix arg ordering
* Add docs
* Rearrange to alphabetize
* Fix arg ordering in example
* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
dmicanzerofox
a3d067c00b
PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired ( #4916 )
2018-07-13 09:32:32 -04:00
Seth Vargo
a379989da4
Update GCP docs ( #4898 )
...
* Consistently use "Google Cloud" where appropriate
* Update GCP docs
This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
Jeff Mitchell
2322eabc68
Add jwt auth docs ( #4891 )
2018-07-11 15:08:49 -04:00
Jeff Mitchell
935c045cfa
Fix permitted dns domain handling ( #4905 )
...
It should not require a period to indicate subdomains being allowed
Fixes #4863
2018-07-11 12:44:49 -04:00
Md. Nure Alam Nahid
7b9bedf94d
Add additional config keys for swift ( #4901 )
...
* Add additional config keys for swift
* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
Seth Vargo
408fc1eac0
Properly capitalize H in GitHub ( #4889 )
...
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
Jeff Mitchell
bfb7ba3843
Remove vault.rocks from some that were missed
2018-07-10 10:47:30 -04:00
Jeff Mitchell
4a3fe87a39
Allow max request size to be user-specified ( #4824 )
...
* Allow max request size to be user-specified
This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.
This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.
* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Kawsar Kamal
66f035edc4
Fixed example file extensions from .hcl to .json ( #4810 )
2018-07-06 08:59:09 -04:00
Chris Bednarski
514ffac5e2
Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners ( #4862 )
2018-07-06 08:51:51 -04:00
Calvin Leung Huang
04332f5b3f
Add missing replication props, prettify tables ( #4816 )
...
* Add missing request.replication props, prettify tables
* Fix location of replication prop
2018-07-05 16:11:21 -04:00
Chris Hoffman
32c94b2638
Update docs
2018-07-03 08:28:43 -04:00
Brian Shumate
7b106683f0
Clarify policies note ( #4832 )
...
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
Jeff Mitchell
8f45bc69ba
Fix tuning visibility in CLI ( #4827 )
...
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
2018-07-02 12:13:25 -04:00
Yoko
dcb229d36d
Updates made by Michael Lucas ( #4855 )
...
Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.
2018-07-02 08:56:15 -07:00
Chris Hoffman
6b7d215e7e
Clarify performance replication token handling
2018-06-29 09:32:35 -04:00
Chris Hoffman
6f5b8c0e6f
adding sample request to key status api docs ( #4853 )
2018-06-29 09:17:51 -04:00
Matthew Irish
873c131b71
update lockfile ( #4839 )
2018-06-26 11:29:14 -05:00
Logan Rakai
619dd3c6ed
Typo fix ( #4822 )
2018-06-23 16:34:25 -07:00
Logan Rakai
59b87fae53
Small grammar fix ( #4821 )
2018-06-22 21:59:39 -07:00
Jeff Mitchell
2410a11156
Add a warning to syslog
...
Ping #3617
2018-06-22 09:00:07 -04:00
Kevin Hicks
cda793f5b3
Fix typos ( #4813 )
2018-06-21 12:29:18 -07:00
Yoko
01d50cd3eb
Fixed a typo ( #4812 )
2018-06-21 11:11:30 -07:00
Steven Farage
fadb3eb6fd
Make documentation match API example ( #4809 )
...
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
Yoko
c3b7d1fbb6
Vault DR Replication Setup Guide ( #4790 )
...
* WIP DR setup guide
* Fix typos
* Added the steps to demote & disable primary
* Clarified some of the explanation
2018-06-21 08:42:35 -07:00
Jeff Mitchell
bf33d5d849
Prep for release
2018-06-20 09:27:04 -04:00
Becca Petrin
73cbbe2a9f
Add bound cidrs to tokens in AppRole ( #4680 )
2018-06-19 22:57:11 -04:00
Becca Petrin
d9ac83569b
clarify aws role tag doc ( #4797 )
2018-06-19 15:59:57 -07:00
Becca Petrin
71977637d4
Update Active Directory secret engine docs ( #4788 )
...
* active directory rotate root docs
* update doc
2018-06-19 09:11:46 -07:00
Calvin Leung Huang
418513bbd9
Be explicit about trailing slash on paths for list capability ( #4793 )
2018-06-19 12:10:39 -04:00
Jeff Mitchell
cffb1183a8
Database updates ( #4787 )
...
* Database updates
* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted
Fixes #3544
Fixes #4782
* Add create/update info to docs
2018-06-19 11:24:28 -04:00
Ryan Loomba
c558fc5f3d
fix typo in Vault Encryption as a Service Guide ( #4789 )
2018-06-18 17:32:43 -07:00
Laura Uva
4cae4abbab
Add example of min_wrapping_ttl and max_wrapping_ttl ( #4753 )
2018-06-18 19:59:21 -04:00
Mike Fortuno
dc568f1376
Update policies.html.md ( #4780 )
...
Policy file name was incorrect, causing instructions to be unclear.
2018-06-15 15:49:09 -07:00
Mr Talbot
5551a63221
pki: add ext_key_usage to mirror key_usage and add to sign-verbatim ( #4777 )
...
* pki: add ext_key_usage parameter to role
* pki: add key_usage and ext_key_usage parameter to sign-verbatim
* pki: cleanup code as per comments
2018-06-15 18:20:43 -04:00
Jeff Mitchell
762f08eac2
Mention delegating change password privs in ad docs
2018-06-15 17:01:47 -04:00
Jeff Mitchell
164c7225f1
Remove msa info from AD page
2018-06-15 16:55:28 -04:00
Jeff Mitchell
91ca3d4b7f
Add URI SANs ( #4767 )
2018-06-15 15:32:25 -04:00
Nándor István Krácser
d4303bc53e
docs: kv 2 is used by default in the dev server only ( #4773 )
2018-06-15 09:09:27 -04:00
Jeff Mitchell
43d9ae5c0a
Update index.html.md
...
Fixes #4763
2018-06-14 10:19:38 -04:00
Laura Uva
44e874e06f
Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) ( #4754 )
2018-06-13 16:44:15 -07:00
Brian Kassouf
1b77db5138
Update replication status ( #4761 )
...
* Update replication-performance.html.md
* Update replication-dr.html.md
* Update replication.html.md
* Update replication-dr.html.md
* Update replication-dr.html.md
* Update replication-performance.html.md
* Update replication.html.md
2018-06-13 16:43:39 -07:00
Becca Petrin
aa390e0e7e
add link to api docs ( #4757 )
2018-06-13 09:35:37 -07:00
Yoko
7df8b15451
Vault guides example update ( #4756 )
...
* Typos in the sample payload JSON
* AWS support files were added
* yet another typo
2018-06-13 09:34:07 -07:00
Pavlos Ratis
49834a3a83
Use shell highlighting in the command snippets ( #4736 )
2018-06-11 08:46:35 -04:00
Tom Schlenkhoff
dc7631b994
Fix typo ( #4738 )
2018-06-11 05:38:21 -07:00
Chris Hoffman
ab6547383c
reorder sidebar
2018-06-08 17:22:27 -04:00
Chris Hoffman
611244d337
Update gcpckms.html.md
2018-06-08 17:07:59 -04:00
Chris Hoffman
3a690656ee
fix typo
2018-06-08 17:05:17 -04:00
Chris Hoffman
5d07ff7c7a
Adding Azure Key Vault seal docs ( #4728 )
2018-06-08 17:04:14 -04:00
Jeff Mitchell
165a622d15
Add missing sidebar links for AD
2018-06-07 10:21:22 -04:00
Brian Shumate
d2519da5ad
Tiny formalized edit ( #4715 )
2018-06-07 06:44:57 -07:00
Kevin Hicks
ed7992e8ae
update docs and help text to include 'operator' ( #4712 )
2018-06-06 21:11:21 -07:00
Jeff Mitchell
cfd3672cf3
Update 0.10.2 upgrade guide
2018-06-06 10:45:15 -04:00
Jeff Mitchell
ad27dc1c89
Prep for release
2018-06-05 23:54:54 -04:00
Jeff Mitchell
4b7d2bed01
Transit convergent v3
2018-06-05 18:53:39 -04:00
LeSuisse
809079cac2
Update usage of deprecated commands rekey and rotate in the documentation ( #4703 )
2018-06-05 12:37:26 -04:00
Eli Oxman
68ce3bed34
Add async python client to docs ( #4698 )
2018-06-05 10:23:56 -04:00
Nándor István Krácser
a36f91101a
Fix VAULT_LOG_LEVEL in docs ( #4696 )
2018-06-05 10:23:32 -04:00
Becca Petrin
6cafb12ff4
be more explicit about names ( #4695 )
2018-06-04 21:34:17 -04:00
amcbarnett
55eb4a997d
Update mount-filter.html.md ( #4656 )
2018-05-30 08:28:51 -04:00
emily
192c228931
Add GCP auth helper ( #4654 )
...
* update auth plugin vendoring
* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
Becca Petrin
9228659c5c
add formatter to ad docs ( #4653 )
2018-05-29 16:47:46 -07:00
Eduardo Criado Mascaray
f5c18d58ef
Fix typo in group parameter in Vault systemd file ( #4642 )
2018-05-29 15:04:43 -04:00
Viacheslav Vasilyev
d8d6be423b
Make test-case output a little bit consistent ( #4645 )
...
As well as in some places `-d` were incorrectly replaced with `--data`, sample commands with `accessor` were added
2018-05-29 15:03:33 -04:00
Jeff Mitchell
bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification
...
Rekey verification, allowing new key shares to be confirmed before committing the new key.
2018-05-29 15:00:07 -04:00
Becca Petrin
606889f005
Docs for the upcoming Active Directory secrets engine ( #4612 )
2018-05-29 08:49:09 -07:00
Jeff Mitchell
bd0ac25eb9
Merge branch 'master' into rekey-verification
2018-05-29 10:19:57 -04:00
Chris Hoffman
43c5030eca
pkcs11 docs updates
2018-05-25 15:39:07 -04:00
Becca Petrin
12976bf60e
add userpass note on bound cidrs ( #4610 )
2018-05-25 14:35:09 -04:00
Jeff Mitchell
52cb8234a6
Changelogify and fix some minor website bits
2018-05-25 10:39:23 -04:00
Nicholas Jackson
17460461a0
Breakout parameters for x.509 certificate login ( #4463 )
2018-05-25 10:34:46 -04:00
Yoko
6a2d0e71b6
Vault Interactive Tutorial updates ( #4623 )
...
* Added more tutorial steps
* Updated the step texts
2018-05-24 11:39:02 -07:00
nelson
196d054f70
Update kv-v2.html.md ( #4614 )
...
correct the payload format for "Configure the KV Engine" and "Update Metadata"
2018-05-24 12:44:44 -04:00
Jeff Mitchell
8a9cd42fe9
Interactive server now uses kvv2 so update text
2018-05-23 09:59:52 -04:00
Chris Hoffman
d066c4a2a8
remove incorrect parameter
2018-05-23 08:58:27 -04:00
Jeff Mitchell
635fd18bf6
Minor website doc updates
2018-05-22 15:12:12 -04:00
Yoko
11646db916
Seal Wrap / FIPS 140-2 Compliance guide ( #4558 )
...
* WIP - Seal Wrap guide
* WIP: Seal Wrap guide
* Added a brief description about the Seal Wrap guide
* Incorporated feedbacks
* Updated FIPS language
Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.
It's a very specific update, but it's an important one for some VE customers.
Looks great - thanks!
* Removed 'Compliance' from title
* typo fix
2018-05-22 11:23:11 -07:00
Jeff Mitchell
d60360ddbe
Add instructions for both kvv1 and kvv2 to getting started policies info
2018-05-22 14:07:12 -04:00
Yoko
d88e4d5019
Mount Filters guide ( #4536 )
...
* WIP: Mount filter guide
* WIP
* Mount filter guide for CLI, API, and UI
* updated the next step
* Updated the verification steps
* Added a note about the unseal key on secondaries
* Added more details
* Added a reference to mount filter guide
* Added a note about generating a new root token
* Added a note about local secret engine
2018-05-22 08:57:36 -07:00
Chris Hoffman
3db5a6adaa
updating link
2018-05-22 10:00:20 -04:00
Chris Hoffman
ae43f2c25e
adding options information to mount endpoint ( #4606 )
2018-05-21 16:39:43 -04:00
Jeff Mitchell
3e0dbc5ea7
Remove dupe website text
2018-05-21 16:30:45 -04:00
Jeff Mitchell
8ad0bbbc44
Address feedback
2018-05-21 16:13:38 -04:00
Jeff Mitchell
27ab8d1a20
Add verification documentation
2018-05-21 12:00:36 -04:00
Jeff Mitchell
c737778c8d
Make description of prehashed a bit more friendly
2018-05-21 09:08:22 -04:00
Jeff Mitchell
3a568b6175
Update key_type parameter description
2018-05-19 12:20:37 -04:00
Kevin Paulisse
6d93ea4d77
Docs: Clarify that revoking token revokes dynamic secrets ( #4592 )
2018-05-18 23:27:53 -07:00
Jeff Mitchell
5a35dac726
Add missing drsecondarycode to health API docs
2018-05-18 12:39:13 -04:00
Jeff Mitchell
30dc66221c
Flip documented resolve_aws_unique_id value
...
Fixes #4583
2018-05-18 12:05:52 -04:00
Reid Wiggins
9813794bc2
Add documentation for MySQL 5.6 root rotation ( #4584 )
...
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.
Fixes #4567
2018-05-18 08:56:11 -07:00
Romain Vrignaud
9050bc809b
Rename Google Container Engine to Google Kubernetes Engine ( #4586 )
2018-05-18 08:19:56 -07:00
Jeff Mitchell
124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
...
Update policies.html.md
2018-05-17 09:14:35 -07:00
Jeff Mitchell
38f5f5f783
Updated for new syntax
2018-05-17 09:14:12 -07:00
Jeff Mitchell
4ab7275c95
Merge pull request #4575 from avoidik/patch-2
...
Add more essential notes into production hardening guide
2018-05-17 09:05:34 -07:00
Jeff Mitchell
63963a73a6
Update production.html.md
2018-05-17 09:05:08 -07:00
Jim Kalafut
5dcfc63ee6
Fix GCP API parameter docs
2018-05-17 08:54:25 -07:00
Seth Vargo
21e79035e0
Move UI docs from enterprise to OSS ( #4565 )
2018-05-17 08:48:10 -07:00
Andrew Slattery
3bd38517eb
Update KV response code ( #4568 )
...
Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.
2018-05-17 08:46:19 -07:00
Tavis Wilson
50e05056d3
Update policies.html.md
2018-05-16 14:35:30 -05:00
Jeff Mitchell
ec876c21b3
Update website ldap url text
2018-05-16 11:58:10 -04:00
Viacheslav Vasilyev
cc99d82e8f
Update production.html.md
2018-05-16 11:16:04 +03:00
Jacob Friedman
095baa8263
fixed spelling error in step 1 ( #4572 )
2018-05-15 17:43:35 -07:00
Jeff Mitchell
aa98f33f63
Mention that you can actually rekey when using an HSM
2018-05-13 16:49:42 -04:00
Jeff Mitchell
821d347375
Update HSM documentation and fix GCP docs build
2018-05-13 16:39:22 -04:00
Robbie McKinstry
9765779622
Client side rate limiting ( #4421 )
2018-05-11 10:42:06 -04:00
Seth Vargo
a4fa046730
Update GCP secrets to be example-driven ( #4539 )
...
👍
2018-05-10 16:58:22 -04:00
Tyler Marshall
407550bd89
Fix minor spelling mistake ( #4548 )
2018-05-10 13:42:01 -07:00
Becca Petrin
76c717b081
Restrict cert auth by CIDR ( #4478 )
2018-05-09 15:39:55 -07:00
Jeff Kohrman
ec4b839741
Add link to updated privacy policy in layout.erb ( #4533 )
...
Added link to updated privacy policy in footer of `layout.erb` for the OSS website.
2018-05-09 16:11:57 -04:00
Yoko
fc97fc09ce
[Guide] DB Root Credential Rotation ( #4508 )
...
* DB root credential rotation guide
* Fixed typos
* Added a note about creating a dedicated superuser
* Incorporated Chris's feedback
* Added a reference to DB root credential rotation
* Rephrase some of the languages
* Minor re-wording of a sentence
2018-05-09 11:01:58 -07:00
Jeff VanSickle
a69e8d81b0
Update jq path for "excited" in JSON output example ( #4531 )
2018-05-09 08:41:41 -07:00
Shelby Moore
f8e1f82225
Updated proxy protocol config validation ( #4528 )
2018-05-09 10:53:44 -04:00
Jeff Mitchell
274732733e
Clarify that rotate requires sudo
2018-05-09 10:19:35 -04:00
tdsacilowski
c19e8d0dbc
Clarify HA params, fixed typos ( #4527 )
...
* Clarify HA params, fixed typos
* Additional clarifications to listener parameters
* Updated cluster_address values
2018-05-08 13:36:42 -07:00
Jacob Friedman
64bb0bd58a
Updated link for k8s-tokenreview ( #4523 )
...
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
2018-05-08 13:36:12 -07:00
Jacob Friedman
67b8d3dc40
Changed DR docs page to fix generating secondary DR token ( #4521 )
...
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
2018-05-08 13:35:48 -07:00
vishalnayak
f95a913bd5
docs: s/entity/group-alias
2018-05-08 16:32:35 -04:00
Chris Hoffman
7c0e590f54
docs update
2018-05-07 16:34:39 -04:00
Chris Hoffman
e7bbe6fbed
docs updates
2018-05-07 16:33:38 -04:00
Chris Hoffman
049df3da3e
updating pkcs11 docs ( #4520 )
2018-05-07 13:50:45 -04:00
Anthony Dong
9b06c0fb56
Fix typo in AppRole guide ( #4509 )
2018-05-04 10:10:21 -04:00
Jeff
9b9be9622a
Typo ( #4505 )
2018-05-03 13:37:44 -07:00
Jerome Cheng
d180e45cf5
Fix incorrect file path in Token Helper doc ( #4499 )
...
Vault stores the token in `~/.vault-token` and not `~/.vault_token`.
2018-05-02 21:56:38 -07:00
Laura Uva
cef1b3b75c
Payload key should be dr_operation_token ( #4498 )
2018-05-02 18:35:51 -07:00
Nathan Valentine
608f013bf2
s/aws_region/region/ ( #4497 )
...
The correct key name is 'region' as opposed to 'aws_region'.
2018-05-02 14:25:03 -07:00
Fabrizio Cucci
cef52dae90
Fix role of example in Kubernetes Auth Method ( #4483 )
...
It was `test` but it should be `demo` to be aligned with the example.
2018-05-01 15:04:53 -07:00
Matthew Irish
6bd95c596c
add script defer to the demo app tag as well ( #4489 )
2018-04-29 22:14:54 -05:00
Jeff Escalante
f8c18b11d8
fix fout issue ( #4477 )
2018-04-27 14:34:20 -07:00
Yoko
5bcb5992c9
Spring Cloud Vault Java demo ( #4397 )
...
* WIP - Spring Cloud Vault Java demo
* Added 'Reloading the Static Secrets' step
* Fixed a typo
* Minor wording change
Remove redundant "a".
* Typos and grammar
Fixed a few misspellings ("spring") and the odd "a", "the", or "an".
2018-04-27 09:18:50 -07:00
Pavlos Ratis
cd344bdbb8
[website] fix Markdown formatting on GCP page ( #4471 )
2018-04-27 09:13:07 -07:00
Jim Kalafut
7f69ff0546
Minor updates to Azure auth docs
2018-04-27 08:47:06 -07:00
Jeff Escalante
8deb32fc80
adjust analytics and other js for turbolinks ( #4400 )
2018-04-26 16:02:25 -05:00
emily
8a309e6406
fix docs ( #4466 )
2018-04-26 16:54:19 -04:00
Nathan Dataguake Basanese
1b4406fef5
Make a minor grammar edit for docs ( #4467 )
...
Previous version used `read` in stead of `get` for everything but the code block examples.
It's a minor oversight, and most of us are going to skim to the code blocks anyway. But maybe it'll help.
2018-04-26 16:41:23 -04:00
Jeff Mitchell
0f806d0950
Remove out of date text on HSM rekeying
2018-04-26 10:10:30 -04:00
Jim Kalafut
063c225f97
Fix typo in aws auth docs
2018-04-25 22:57:39 -07:00
Andrew Speed
418be4cb54
Fix authentication example mentioning vault auth but using vault login ( #4458 )
2018-04-25 14:59:38 -07:00
Krish
f8156a4e68
Update authentication.html.md
...
Thanks!
2018-04-25 14:37:59 -07:00
Jeff Mitchell
a6644bff6f
Merge branch 'master' of https://github.com/hashicorp/vault into master-oss
2018-04-25 10:43:10 -04:00
Chris Hoffman
fba759ab97
fix document formatting
2018-04-25 10:16:41 -04:00
Jeff Mitchell
00a577620f
Merge branch 'master' of https://github.com/hashicorp/vault into master-oss
2018-04-25 10:08:41 -04:00
Chris Hoffman
2d05034dd3
Seal Rotation Docs ( #4449 )
...
* wip docs
* adding docs
* removing vendor supported mechanism
2018-04-25 09:59:06 -04:00
Jeff Mitchell
e656420ba6
Merge branch 'master' of https://github.com/hashicorp/vault into master-oss
2018-04-25 09:48:23 -04:00
Nándor István Krácser
9cf56fe0df
Fix mapping read paths ( #4448 )
2018-04-25 09:22:30 -04:00
Jeff Mitchell
e426caf505
Prep for 0.10.1
2018-04-25 00:42:14 -04:00
Chris Kent
e2512d6d30
Website download page update ( #4444 )
...
* Update download page to include community resources
+ Added “downloads powered by” text to Fastly icon
+ changed to horizontal grid for download list (vs vertical list)
+ added community resources below page
* Reverting changes from earlier
* Added community links to downloads page
+ added community and getting-started links to sidebar as well
2018-04-24 20:29:36 -05:00
vishalnayak
94f28e3c24
Merge branch 'master-oss' into approle-local-secretid
2018-04-24 16:17:56 -04:00
Becca Petrin
639dc005ee
uppercase Vault in plugin doc ( #4442 )
2018-04-24 10:41:37 -07:00
Brian Shumate
c35fe4e6f0
Update curl commands / replace invalid '--payload' flag ( #4440 )
2018-04-24 11:20:29 -04:00
vishalnayak
7039f6dccd
Merge branch 'master-oss' into approle-local-secretid
2018-04-24 11:03:39 -04:00
Yoko
48994aee39
Updated the link to the sample app folder which was moved ( #4437 )
...
* Updated the link to the sample app folder which was moved
* Folder name changed from vault-transit-rewrap-example to vault-transit-rewrap
2018-04-23 16:45:10 -07:00
vishalnayak
6b7a042003
error on enable_local_secret_ids update after role creation
2018-04-23 17:05:53 -04:00
vishalnayak
97d146ca69
update docs
2018-04-23 16:54:23 -04:00
Jeff Mitchell
0882e5afb6
Update audit text to make it clear that audit logs are for authenticated interactions
2018-04-23 10:49:32 -04:00
Malhar Vora
45fe086107
Corrects description for mode option in ssh command ( #4420 )
...
Fixes #4375
2018-04-22 13:42:46 -04:00
Malhar Vora
739362b081
Correct typo in Kubernetes auth backend docs
...
Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend
documentation.
Fixes #4417
2018-04-21 19:37:59 -07:00
Jeff Mitchell
6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. ( #4412 )
...
Fixes #815
2018-04-21 10:49:16 -04:00
Chris Kent
b6b521d4db
Mrktfix ( #4411 )
...
* Updated hero with current logo
* Updated logos in these artifact images as well
* Added Branded Logo
with HashiCorp
* Updated logo with branded logo
(HashiCorp in the name)
* typo
* Wrong spot
* Updated logo
2018-04-20 14:43:11 -05:00
Chris Kent
4881a53eb0
Updated hero with current logo ( #4410 )
2018-04-20 12:50:00 -05:00
Alvin Huang
84ffdbb7b5
remove redundant 'Vault' in approle docs ( #4405 )
2018-04-20 09:55:15 -04:00
skiggety
77d59c527f
remove lingering mention of "vault write" command. ( #4388 )
2018-04-18 16:32:37 -04:00
Vishal Nayak
5fa9e4ca5c
phys/consul: Allow tuning of session ttl and lock wait time ( #4352 )
...
* phys/consul: allow tuning of session ttl and lock wait time
* use parseutil
* udpate docs
2018-04-18 13:09:55 -04:00
Jeff Mitchell
805b5e5160
X-Forwarded-For ( #4380 )
2018-04-17 18:52:09 -04:00
Yoko
43cb70c7bf
Versioned KV secret engine (kv-v2) tutorial ( #4367 )
...
* Added versioned kv secret engine tutorial
* Added check-and-set feature
* Fixed archived -> deleted
* Incorporated all suggested changes
2018-04-17 14:42:14 -07:00
Laura Uva
2ae6d614b8
Add mode to the examples under automation steps ( #4374 )
2018-04-17 13:47:41 -04:00
vishalnayak
da1d68969c
docs: update accessor lookup response
2018-04-17 11:52:58 -04:00
vishalnayak
6e827d2b27
docs: update token lookup response
2018-04-17 11:40:00 -04:00
Sohex
efd0023d89
Update index.html.md ( #4372 )
...
Remove duplicate of max_ttl description from end of period description under create role parameters.
2018-04-17 11:05:50 -04:00
George Hartzell
444faec8e6
Touch up getting started doc ( #4373 )
...
The example uses `vault kv put` but the the commentary references `vault write`. Make them consistent (this commit) or explain the equivalence.
2018-04-16 13:57:12 -04:00
Calvin Leung Huang
7ba953b969
Add docs for internal UI mounts endpoint ( #4369 )
...
* Add docs for internal UI mounts endpoint
* Update description section
2018-04-16 12:13:58 -04:00
Jeff Mitchell
530121c655
Add ability to disable an entity ( #4353 )
2018-04-13 21:49:40 -04:00
Jeff Mitchell
99cf5c6054
Fix token store role documentation around explicit max ttl
2018-04-13 09:59:12 -04:00
Jerome Cheng
a82a612e2c
Fix indentation of code block in Consul Secrets Engine docs ( #4350 )
...
The indentation of the code block in the Consul Secrets Engine doc was
removed in #4224 , but the closing backticks remained indented one level,
resulting in the block swallowing all text after it. Removing the
indentation from the closing backticks fixes this.
2018-04-13 09:55:35 -04:00
Jeff Escalante
8d9d64c7cf
switch from GA to segment tracking ( #4109 )
2018-04-12 21:35:38 -05:00
Peter Souter
28f6d65032
Remove Enterprise Only flag ( #4337 )
2018-04-11 14:27:58 -04:00
James Mannion
efea4fb6a7
Fixes a reference to deprecated init command ( #4338 )
...
Replace "vault init" with "vault operator init" in initialising the vault section.
2018-04-11 14:26:53 -04:00
Jeff Mitchell
d4db624671
Remove beta tag from Google Cloud
2018-04-10 13:58:16 -04:00
Jim Kalafut
0f823cfb09
Update news.yml
2018-04-10 09:41:11 -07:00
Matthew Irish
2f43a20ebe
fix broken link ( #4329 )
2018-04-10 11:11:38 -05:00
Jeff Mitchell
c56abb0dd8
Add more info to upgrade guide and changelog
2018-04-10 12:09:54 -04:00
Jeff Mitchell
4de07e436e
Prep for 0.10
2018-04-10 02:34:01 -04:00
Chris Hoffman
30792caa9f
adding 0.10 upgrade guide ( #4321 )
2018-04-09 17:32:15 -04:00
Yoko
966e2b63af
Removed extra '( )' in the link ( #4316 )
2018-04-09 09:57:22 -07:00
Brian Kassouf
a8b8ca136e
KV: Update 'versioned' naming to 'v2' ( #4293 )
...
* Update 'versioned' naming to 'v2'
* Make sure options are set
* Fix description of auth flag
* Review feedback
2018-04-09 09:39:32 -07:00
Yoko
2982199c1f
Fixed a missing 's' ( #4314 )
2018-04-09 09:22:11 -07:00
Chris Hoffman
f6a3a76f25
Docs for configuration UI headers ( #4313 )
...
* adding /sys/config/ui headers
* adding /sys/config/ui headers
2018-04-09 12:21:02 -04:00
Chris Hoffman
19f9f6ee89
Root Credential Rotation Docs ( #4312 )
...
* updating root credential docs
* more docs updates
* more docs updates
2018-04-09 12:20:29 -04:00
Yoko
c30133d415
AppRole with Terraform & Chef ( #4200 )
...
* WIP - Teddy's webinar
* WIP
* Added more details with diagram
* Fixed a typo
* Added a note about terraform bug with 0.11.4 & 0.11.5
* Minor adjustment
* Fixed typos
* Added matching CLI commands
* Added extra speace for readability
2018-04-09 08:50:50 -07:00
Matthew Irish
cff34e983f
UI - pki updates ( #4291 )
...
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
2018-04-08 21:09:29 -05:00
Chris Hoffman
cbcf31c570
remove token from curl request for login paths ( #4303 )
2018-04-06 18:10:59 -04:00
Yoko
f039404a8a
Added in-region DR scenario diagram ( #4292 )
...
This is a replica of the PR 4243 which has already been approved.
2018-04-05 16:08:55 -07:00
Andy Manoske
9c1db25639
Update index.html.md
2018-04-05 15:16:28 -07:00
Yoko
3dd3247006
Auto Unseal with AWS KMS guide ( #4277 )
...
* WIP
* Added auto unseal
* Converting to a guide
* Added little more explanations
* Minor fixes
* Fixed a typo
* Fixed a typo
* Changed auto unseal to auto-unseal
* Found more typo... fixed
2018-04-05 13:28:39 -07:00
Geoffrey Grosenbach
22c1766fc1
Correct the page title to read re-wrapping
( #4274 )
...
The title in the metadata used `re-rapping` instead of `re-wrapping`. This one line change fixes the spelling.
2018-04-04 16:55:46 -04:00
Quinn Stearns
d8dab90113
Rename Example Key from "value" to "foo" ( #4270 )
...
It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.
2018-04-04 16:22:27 -04:00
Yoko
7ef337ad86
Vault HA with Consul guide ( #4187 )
...
* Vault HA guide draft
* Fixed node_id to say node_name based on Brian's input
* Fixed the unwanted hyperlink
* Vault HA guide
* Updated the description of the Vault HA guide
* Typo fixes
* Added a reference to Vault HA with Consule guide
* Incorporated Teddy's feedback
* Fixed an env var name
* Vault configuration has been updated: 'api_addr'
2018-04-04 08:25:06 -07:00
Seth Vargo
a90467289a
Rename Google things to say "Google", update telemetry ( #4267 )
2018-04-04 10:37:44 -04:00
Brian Kassouf
62ce5ec91d
Versioned K/V docs ( #4259 )
...
* Work on kv docs
* Add more kv docs
* Update kv docs
* More docs updates
* address some review coments
2018-04-03 23:22:41 -07:00
Roy Sindre Norangshol
a9c717b44e
project is now project_id ( #4251 )
...
Verified both via vault CLI and direct curl'ing towards API endpoints.
2018-04-03 17:11:47 -04:00
Jeff Mitchell
f5ba4796f5
Case insensitive behavior for LDAP ( #4238 )
2018-04-03 09:52:43 -04:00
Lowe Schmidt
f2c302f920
Grammatical error ( #4246 )
...
As per Franklin Davis suggestion on the mailing list.
2018-04-03 07:53:38 -04:00
Vishal Nayak
96fc0c2509
Update group alias by ID ( #4237 )
...
* update group alias by id
* update docs
2018-04-02 10:42:01 -04:00
Vishal Nayak
032ca979dc
move identity docs from ent docs to oss ( #4235 )
2018-04-01 13:59:43 -04:00
Vishal Nayak
ab3579aeb6
add entity merge API to docs ( #4234 )
2018-04-01 12:59:57 -04:00
LeSuisse
cdd7cc1635
Update usage of the deprecated generated-root command in the documentation ( #4232 )
2018-03-31 11:17:08 -04:00
Seth Vargo
b48a9878e7
Add HA support to the Google Cloud Storage backend ( #4226 )
2018-03-30 12:36:37 -04:00
Brian Shumate
bf1b8709a6
Update Consuls Secrets quick start ( #4224 )
...
- Fix typo in role name
- Drop ordered list formatting on get credential example
2018-03-30 10:46:05 -04:00
Jon Benson
d1b0d6efb3
Update mfa-totp.html.md ( #4220 )
2018-03-29 16:51:13 -04:00
Jeff Mitchell
2f90e0c2e1
Merge branch 'master-oss' into 0.10-beta
2018-03-27 12:40:30 -04:00
Yoko
d03056eed3
Update Github auth method API reference ( #4202 )
...
* Update Github auth method API reference
* Replaced vault.rocks in API
2018-03-26 16:56:14 -07:00
vishalnayak
37153482be
docs: update aws ec2 auth step
2018-03-26 17:26:48 -04:00
Jeff Mitchell
e8fc0a11ce
Remove a few more vault.rocks usages
2018-03-26 15:02:22 -04:00
Wilhelmina Drengwitz
a10f02ef7b
Add general recommendation for the api_addr
config value ( #4198 )
...
We ran into some confusion about what we should be setting the api_addr config value to. I feel this general recommendation should nudge any others into a better understanding of what this value should point to.
2018-03-26 13:46:54 -04:00
Jeff Mitchell
65d8eb0914
Add more docs around list paths in policies.
...
CC #4199
2018-03-26 11:30:58 -04:00
Brian Shumate
0c30145325
Docs: add note about enterprise replication installations section to upgrade guide ( #3631 )
2018-03-26 10:25:09 -04:00
Seth Vargo
0b827774ae
Drop vault.rocks ( #4186 )
2018-03-23 11:41:51 -04:00
Chris Hoffman
b7ef4a3a6f
adding Azure docs ( #4185 )
...
Adding Azure Auth Method docs
2018-03-22 18:28:42 -04:00
Jeff Mitchell
f45a57af7a
Bump versions for beta release
2018-03-22 09:44:03 -04:00
Jim Kalafut
7842557e62
Fix minor docs and help text issues ( #4184 )
2018-03-22 09:29:59 -04:00
Brian Kassouf
ad383e911f
Update kv backend and add some docs ( #4182 )
...
* Add kv backend
* Move kv in apha order
* Update kv backend and add some docs
2018-03-21 23:10:05 -04:00
Brian Kassouf
3324d6dd12
Add kv backend ( #4181 )
2018-03-21 22:56:52 -04:00
Calvin Leung Huang
25792df5a9
Passthrough request headers ( #4172 )
...
* Add passthrough request headers for secret/auth mounts
* Update comments
* Fix SyncCache deletion of passthrough_request_headers
* Remove debug line
* Case-insensitive header comparison
* Remove unnecessary allocation
* Short-circuit filteredPassthroughHeaders if there's nothing to filter
* Add whitelistedHeaders list
* Update router logic after merge
* Add whitelist test
* Add lowercase x-vault-kv-client to whitelist
* Add back const
* Refactor whitelist logic
2018-03-21 19:56:47 -04:00
emily
f9b6f4b1c5
Docs for Vault GCP secrets plugin ( #4159 )
2018-03-21 15:02:38 -04:00
Brian Shumate
1fcf0c6a38
Docs: update formatting / heading ( #4175 )
...
- Correct Generate Disaster Recovery Operation Token heading level
- Tighten up formatting/trailing spaces
2018-03-21 10:14:52 -04:00
Jeff Mitchell
c25c60117a
Fix file location for 0.9.6 upgrade guide
2018-03-20 22:34:41 -04:00
Jeff Mitchell
f1aff69d92
Add 0.9.6 upgrade guide
2018-03-20 22:27:01 -04:00
Josh Soref
73b1fde82f
Spelling ( #4119 )
2018-03-20 14:54:10 -04:00
Jeff Mitchell
396ccd8699
Push up changes to prep for release
2018-03-20 14:10:53 -04:00
Jason Martin
b3e5ec865d
README Spelling error ( #4165 )
2018-03-20 11:45:56 -04:00
Jeff Mitchell
9e46f0f84a
Explicitly call out that we use aes-256 gcm-96 for the barrier.
...
Fixes #2913
2018-03-19 19:53:12 -04:00
Jeff Mitchell
9d030aaf37
Note that you can set a CA chain when using set-signed.
...
Fixes #2246
2018-03-19 19:44:07 -04:00
Yoko
4a25c18134
Transit rewrap ( #4091 )
...
* Adding new guides
* Replaced backend with engine
* Grammar for the encryption guide
* Grammar and Markdown style for the Transite Rewrap guide
See
https://github.com/hashicorp/engineering-docs/blob/master/writing/markdown.md
for notes on numbered Markdown lists.
* grammar and wording updates for ref arch guide
* Updating replication diagram
* Removing multi-tenant pattern guide
* Added a note 'Enterprise Only'
* Removing multi-tenant pattern guide
* Modified the topic order
* Grammar and Markdown formatting
* Grammar, Markdown syntax, and phrasing
* Grammar and Markdown syntax
* Replaced 'backend' with appropriate terms
* Added a note clarifying that replication is an enterprise-only feature
* Updated the diagram & added additional resource links
* update some grammar and ordering
* Removed the inaccurate text in index for EaaS
2018-03-19 14:56:45 -07:00
Jacob Crowther
35ccbe504c
Add Cryptr to related tools ( #4126 )
2018-03-19 14:46:54 -04:00
Jeff Mitchell
3a5e1792c0
Update path-help to make clear you shouldn't put things in the URL.
...
Remove from website docs as those have been long deprecated.
2018-03-19 11:50:16 -04:00
vishalnayak
fe0a077e17
s/Methods/Method
2018-03-18 15:46:57 -04:00
Joel Thompson
3e2006eb13
Allow non-prefix-matched IAM role and instance profile ARNs in AWS auth backend ( #4071 )
...
* Update aws auth docs with new semantics
Moving away from implicitly globbed bound_iam_role_arn and
bound_iam_instance_profile_arn variables to make them explicit
* Refactor tests to reduce duplication
auth/aws EC2 login tests had the same flow duplicated a few times, so
refactoring to reduce duplication
* Add tests for aws auth explicit wildcard constraints
* Remove implicit prefix matching from AWS auth backend
In the aws auth backend, bound_iam_role_arn and
bound_iam_instance_profile_arn were ALWAYS prefix matched, and there was
no way to opt out of this implicit prefix matching. This now makes the
implicit prefix matching an explicit opt-in feature by requiring users
to specify a * at the end of an ARN if they want the prefix matching.
2018-03-17 21:24:49 -04:00
Roger Berlind
753f8a8545
Fixed broken k8s TokenReview API link ( #4144 )
2018-03-17 21:23:41 -04:00
Jeff Mitchell
3d44060b5f
Update interactive tutorial commands
2018-03-16 15:03:51 -04:00
immutability
04d1202426
Plugins need setcap too for syscall mlock ( #4138 )
2018-03-16 06:05:01 -07:00
Yoko
2752855faa
Fixed the hyperlink ( #4140 )
2018-03-15 19:24:26 -07:00
Yoko
fb8d1566e6
updating the AppRole diagram ( #4139 )
...
Fixing the build error
2018-03-15 18:23:25 -07:00
Yoko
3a72bcc4ae
Approle diagram ( #4132 )
...
* Updates requested by the SE team
* Added links to AppRole blog and webinar
* Updated diagram
* Updated diagram
2018-03-15 17:16:59 -07:00
Joel Thompson
39dc981301
auth/aws: Allow binding by EC2 instance IDs ( #3816 )
...
* auth/aws: Allow binding by EC2 instance IDs
This allows specifying a list of EC2 instance IDs that are allowed to
bind to the role. To keep style formatting with the other bindings, this
is still called bound_ec2_instance_id rather than bound_ec2_instance_ids
as I intend to convert the other bindings to accept lists as well (where
it makes sense) and keeping them with singular names would be the
easiest for backwards compatibility.
Partially fixes #3797
2018-03-15 09:19:28 -07:00
Brian Nuszkowski
76be90f384
Add PKCS1v15 as a RSA signature and verification option on the Transit secret engine ( #4018 )
...
Option to specify the RSA signature type, in specific add support for PKCS1v15
2018-03-15 09:17:02 -07:00
Jeff Mitchell
59b3e28151
Make the API docs around ed25519 more clear about what derivation means for this key type
2018-03-15 11:59:50 -04:00
Jim Kalafut
3f1ed4eb0d
Fix description of parameter value globbing ( #4131 )
2018-03-14 17:03:00 -04:00
Edward Z. Yang
ac98730578
Vault user needed to use STS Federation Tokens ( #4108 )
...
If you try to use role authorization to get an STS token, you'll get this error:
* Error generating STS keys: AccessDenied: Cannot call GetFederationToken with session credentials
2018-03-14 10:24:29 -04:00
Malte
a0776eb703
Fix typo in recommended vault auth iam policy ( #4128 )
...
The resource arn for the `sts:AssumeRole` action is missing a `:` for the region and therefore invalid.
2018-03-14 03:45:21 -04:00
Joel Thompson
5c788e8642
docs: Alphabetize CLI commands ( #4127 )
...
status was appearing after token when it should be before
2018-03-14 01:44:41 -04:00
Brian Shumate
bbd4d7ab4c
Docs: grammatical clarification around community supported note ( #4122 )
2018-03-13 10:32:28 -04:00
Marien Fressinaud
5f5faec977
[doc] Change auth token in getting-started ( #4118 )
...
In the authentication section of the getting started doc, the token used
to login doesn't match with the one displayed as the command result.
This commit makes sure that both tokens correspond to avoid distracting
newcomers.
2018-03-13 10:28:09 -04:00
Calvin Leung Huang
3108860d4b
Audit HMAC values on AuthConfig ( #4077 )
...
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs
* docs: Add ttl params to auth enable endpoint
* Rewording of go string to simply string
* Add audit hmac keys as CLI flags on auth/secrets enable
* Fix copypasta mistake
* Add audit hmac keys to auth and secrets list
* Only set config values if they exist
* Fix http sys/auth tests
* More auth plugin_name test fixes
* Pass API values into MountEntry's config when creating auth/secrets mount
* Update usage wording
2018-03-09 14:32:28 -05:00
Alvin Huang
ce7d62e125
bump middleman-hashicorp container to 0.3.32 ( #4117 )
2018-03-09 13:06:58 -05:00
Vishal Nayak
527eb418fe
approle: Use TypeCommaStringSlice for BoundCIDRList ( #4078 )
...
* Use TypeCommaStringSlice for Approle bound_cidr_list
* update docs
* Add comments in the test
2018-03-08 17:49:08 -05:00
Jeff Mitchell
9d2a0dc31f
Update text around default policy to make it clear that it is user-modifiable
2018-03-08 15:48:11 -05:00
Jim Kalafut
079de043e3
Fix instruction in installation docs ( #4097 )
2018-03-08 11:02:04 -05:00
Viacheslav Vasilyev
b06c25b552
Fix autoreplacing issue ( #4103 )
2018-03-08 11:01:46 -05:00
Jeff Escalante
706bb4df4c
Some small website fixes ( #4087 )
...
* prepend first instance of 'Vault' with 'HashiCorp'
* update dependencies + middleman-hashicorp
2018-03-08 10:58:43 -05:00
Aleksandar
a8304e5d4d
Add the chunk_size optional parameter to gcs storage ( #4060 )
2018-03-05 08:32:48 -05:00
Mike
eb1c2b0732
Correct endpoint's path in Doc ( #4074 )
...
Fix typo in endpoint's path
2018-03-05 07:41:53 -05:00
Jim Kalafut
ef4537e5d4
Change "mount" to "secrets enable" in docs
2018-03-02 12:54:28 -08:00
Calvin Leung Huang
e2fb199ce5
Non-HMAC audit values ( #4033 )
...
* Add non-hmac request keys
* Update comment
* Initial audit request keys implementation
* Add audit_non_hmac_response_keys
* Move where req.NonHMACKeys gets set
* Minor refactor
* Add params to auth tune endpoints
* Sync cache on loadCredentials
* Explicitly unset req.NonHMACKeys
* Do not error if entry is nil
* Add tests
* docs: Add params to api sections
* Refactor audit.Backend and Formatter interfaces, update audit broker methods
* Add audit_broker.go
* Fix method call params in audit backends
* Remove fields from logical.Request and logical.Response, pass keys via LogInput
* Use data.GetOk to allow unsetting existing values
* Remove debug lines
* Add test for unsetting values
* Address review feedback
* Initialize values in FormatRequest and FormatResponse using input values
* Update docs
* Use strutil.StrListContains
* Use strutil.StrListContains
2018-03-02 12:18:39 -05:00
Jeff Mitchell
49068a42be
Document primary_email in Okta mfa path
2018-03-02 11:54:21 -05:00
Jeff Mitchell
8fe24dec0a
Actually add PingID to the index of API pages
2018-03-02 11:49:48 -05:00
Joel Thompson
e4949d644b
auth/aws: Allow lists in binds ( #3907 )
...
* auth/aws: Allow lists in binds
In the aws auth method, allow a number of binds to take in lists
instead of a single string value. The intended semantic is that, for
each bind type set, clients must match at least one of each of the bind
types set in order to authenticate.
2018-03-02 11:09:14 -05:00
Vishal Nayak
2646ed5e2a
update sys/capabilities docs ( #4059 )
2018-03-01 11:42:39 -05:00
Jeff Mitchell
5034ae2dcb
Add the ability to use multiple paths for capability checking ( #3663 )
...
* Add the ability to use multiple paths for capability checking. WIP
(tests, docs).
Fixes #3336
* Added tests
* added 'paths' field
* Update docs
* return error if paths is not supplied
2018-03-01 11:14:56 -05:00
Andy Manoske
942aa9bbdc
Update index.html.md
...
Updated for Unbound
2018-02-28 16:20:54 -08:00
Jeff Mitchell
20157fd56a
Fix broken link on Consul docs
2018-02-26 13:28:15 -05:00
Jeff Mitchell
abeb0fd45c
Bump versions in preparation for release
2018-02-26 12:20:19 -05:00
vishalnayak
4b0f27923f
ssh: clarify optional behavior of cidr_list
2018-02-24 06:55:55 -05:00
chris trott
78df6a630e
Configurable Consul Service Address ( #3971 )
...
* Consul service address is blank
Setting an explicit service address eliminates the ability for Consul
to dynamically decide what it should be based on its translate_wan_addrs
setting.
translate_wan_addrs configures Consul to return its lan address to nodes
in its same datacenter but return its wan address to nodes in foreign
datacenters.
* service_address parameter for Consul storage backend
This parameter allows users to override the use of what Vault knows to
be its HA redirect address.
This option is particularly commpelling because if set to a blank
string, Consul will leverage the node configuration where the service is
registered which includes the `translate_wan_addrs` option. This option
conditionally associates nodes' lan or wan address based on where
requests originate.
* Add TestConsul_ServiceAddress
Ensures that the service_address configuration parameter is setting the
serviceAddress field of ConsulBackend instances properly.
If the "service_address" parameter is not set, the ConsulBackend
serviceAddress field must instantiate as nil to indicate that it can be
ignored.
2018-02-23 11:15:29 -05:00
Yoko
099d89ff9d
Fixed a broken link ( #4032 )
2018-02-22 19:43:27 -08:00
Yoko
5389550cdc
Changed the layout category menu ( #4007 )
...
* Changed the layout category menu
* Fixed typos
* Fixed a typo, and removed the duplicated generate-root guide
* Fixed the redirect.txt
2018-02-22 16:24:01 -08:00
Chris Hoffman
a2e816321e
adding LIST for connections in database backend ( #4027 )
2018-02-22 15:27:33 -05:00
Jeff Mitchell
9c2ad5c4ec
Fix formatting on sys/health docs
2018-02-22 10:52:12 -05:00
Jeff Mitchell
2dda3f6363
Make docs around regenerate_key more specific
2018-02-22 09:09:20 -05:00
Calvin Leung Huang
a06243bf8d
Add description param on tune endpoints ( #4017 )
2018-02-21 17:18:05 -05:00
Jeff Mitchell
c2ae25d588
Update PKCS11 seal information
2018-02-21 09:05:36 -05:00
Jeff Mitchell
227ebcc188
Bump files for new version
2018-02-20 14:51:20 -05:00
Vishal Nayak
45bb1f0adc
Verify DNS SANs if PermittedDNSDomains is set ( #3982 )
...
* Verify DNS SANs if PermittedDNSDomains is set
* Use DNSNames check and not PermittedDNSDomains on leaf certificate
* Document the check
* Add RFC link
* Test for success case
* fix the parameter name
* rename the test
* remove unneeded commented code
2018-02-16 17:42:29 -05:00
Jeff Mitchell
f29bde0052
Support other names in SANs ( #3889 )
2018-02-16 17:19:34 -05:00
Jeff Mitchell
6f6b4521fa
Update website for AWS client max_retries
2018-02-16 11:13:55 -05:00
Jeff Mitchell
857cdaeb2b
Add some info about cert reloading behavior on SIGHUP
...
CC #3990
2018-02-15 17:11:48 -05:00
Seth Vargo
cd930b1173
Add support for Google Cloud Spanner ( #3977 )
2018-02-14 20:31:20 -05:00
Jeff Mitchell
35906aaa6c
Add ChaCha20-Poly1305 support to transit ( #3975 )
2018-02-14 11:59:46 -05:00
Nick
11f197dfa5
Update lease.html.md ( #3759 )
2018-02-14 09:44:34 -05:00
Brian Shumate
e6bf69b96b
DOCS: update Telemetry with more coverage ( #3968 )
...
- Add initial secrets engines metrics
- Update metrics types/values
- Update language for auth methods, secrets engines, audit devices
- Add more linking to relevant documentation
2018-02-14 09:39:51 -05:00
Seth Vargo
602a7c27f8
Fix code in header font size ( #3970 )
...
* Fix code in header font size
This fixes the tiny code font in header names.
* Update _global.scss
2018-02-13 22:17:51 -05:00
Brian Shumate
bbc196a6e5
Clarify with example of file-backend specific metrics ( #3913 )
2018-02-13 11:04:11 -05:00
George Perez
6e0ff44bfc
Update generate-root.html.md ( #3894 )
...
Fix typo: "providers" to "provides"
2018-02-13 11:03:35 -05:00
Brian Shumate
492b3e2277
DOCS: update Telemetry ( #3964 )
...
- Correct time to millis
- Correct storage backend summaries from # ops to duration of ops
2018-02-13 10:15:19 -05:00
Paul Stack
3c683dba92
Adding Manta Storage Backend ( #3720 )
...
This PR adds a new Storage Backend for Triton's Object Storage - Manta
```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v -timeout 45m
=== RUN TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok github.com/hashicorp/vault/physical/manta 61.210s
```
Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store
Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value
The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`
The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
2018-02-12 18:22:41 -05:00
Calvin Leung Huang
60732577f5
CLI Enhancements ( #3897 )
...
* Use Colored UI if stdout is a tty
* Add format options to operator unseal
* Add format test on operator unseal
* Add -no-color output flag, and use BasicUi if no-color flag is provided
* Move seal status formatting logic to OutputSealStatus
* Apply no-color to warnings from DeprecatedCommands as well
* Add OutputWithFormat to support arbitrary data, add format option to auth list
* Add ability to output arbitrary list data on TableFormatter
* Clear up switch logic on format
* Add format option for list-related commands
* Add format option to rest of commands that returns a client API response
* Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead
* Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead
* Remove -no-color flag, use env var exclusively to toggle colored output
* Fix compile
* Remove -no-color flag in main.go
* Add missing FlagSetOutputFormat
* Fix generate-root/decode test
* Migrate init functions to main.go
* Add no-color flag back as hidden
* Handle non-supported data types for TableFormatter.OutputList
* Pull formatting much further up to remove the need to use c.flagFormat (#3950 )
* Pull formatting much further up to remove the need to use c.flagFormat
Also remove OutputWithFormat as the logic can cause issues.
* Use const for env var
* Minor updates
* Remove unnecessary check
* Fix SSH output and some tests
* Fix tests
* Make race detector not run on generate root since it kills Travis these days
* Update docs
* Update docs
* Address review feedback
* Handle --format as well as -format
2018-02-12 18:12:16 -05:00
Joel Thompson
c61ac21e6c
auth/aws: Improve role tag docs as suggested on mailing list ( #3915 )
...
Fixes the ambiguity called out in
https://groups.google.com/forum/#!msg/vault-tool/X3s7YY0An_w/yH0KFQxlBgAJ
2018-02-12 17:39:17 -05:00
Jeff Mitchell
4969505c7e
Add transaction-like behavior for Transit persists. ( #3959 )
2018-02-12 17:27:28 -05:00
Jeff Mitchell
db8772f15e
Minor website wording updates
2018-02-12 15:28:06 -05:00
Jeff Mitchell
5a047fba68
Document the disable_sealwrap parameter
2018-02-12 15:20:07 -05:00
Jeff Mitchell
6f025fe2ab
Adds the ability to bypass Okta MFA checks. ( #3944 )
...
* Adds the ability to bypass Okta MFA checks.
Unlike before, the administrator opts-in to this behavior, and is
suitably warned.
Fixes #3872
2018-02-09 17:03:49 -05:00
Vishal Nayak
80ffd07b8b
added a flag to make common name optional if desired ( #3940 )
...
* added a flag to make common name optional if desired
* Cover one more case where cn can be empty
* remove skipping when empty; instead check for emptiness before calling validateNames
* Add verification before adding to DNS names to also fix #3918
2018-02-09 13:42:19 -05:00
alexandrumd
56f0ff4293
Change 'rules' parameter for Policies requests ( #3947 )
...
With Vault Version: 0.9.1, the following is returned when using "rules" for policies operation:
```The following warnings were returned from the Vault server:
* 'rules' is deprecated, please use 'policy' instead```
2018-02-09 07:43:18 -05:00
Roger Berlind
07f587dd05
Updated replication table ( #3929 )
2018-02-08 18:11:00 -05:00
Jeff Mitchell
4fbeae77ee
Update relatedtools.html.md
2018-02-08 11:15:47 -05:00
Robert Kreuzer
a25986391b
Add vaultenv to the list of related tools ( #3945 )
2018-02-08 10:30:45 -05:00
Chris Hoffman
d723479b32
Fixing docs links and adding redirects for new guides ( #3939 )
...
* updating links
* updating links
* updating links
* updating links
* updating links
* adding redirects
2018-02-07 19:29:07 -05:00
Jed
da955a8f1b
Lil typo fixes ( #3925 )
...
Read through the initial docs and noticed a few typos
2018-02-07 09:38:11 -05:00
emily
e086429964
fix IAM diagram for GCP auth method docs ( #3927 )
2018-02-07 09:37:11 -05:00
Andy Manoske
4d33d5fa34
Merge branch 'master' into new-guides
2018-02-06 13:09:22 -08:00
cikenerd
e7973773ac
Update etcd storage doc ( #3753 )
2018-02-06 11:00:00 -05:00
Yoko Hyakuna
1b12d74188
Missing * in the command
2018-02-05 16:17:18 -08:00
Jeff Mitchell
4174019efb
Add a space before the MFA super
2018-02-05 12:32:25 -05:00
Jeff Mitchell
855d8cb769
Move MFA to deprecated section, mark with a super
2018-02-05 12:32:21 -05:00
Jeff Mitchell
193278f9a4
Minor grammatical update to MFA doc
2018-02-05 12:26:16 -05:00
Jeff Mitchell
8145b0ce0b
Mark old MFA as legacy/unsupported in sidebar
2018-02-05 11:47:59 -05:00
Jeff Mitchell
0255d4ca10
Make the MFA support status more clear for the legacy system
2018-02-04 19:25:27 -05:00
Yoko Hyakuna
6883dc32f4
Merge branch 'master' of github.com:hashicorp/vault into new-guides
2018-02-02 09:03:12 -08:00
George Christou
c35af6dd01
website: Include fish
as a supported shell ( #3895 )
2018-02-02 10:34:48 -05:00
Yoko
9c93d2761e
Merge branch 'master' into new-guides
2018-02-01 11:55:18 -08:00
Yoko Hyakuna
2d30bef2af
Fixed a typo 'on-demand'
2018-02-01 10:00:18 -08:00
Yoko Hyakuna
7a1a19b6d6
Incorporated review comments
2018-02-01 09:50:59 -08:00
Vishal Nayak
01b1b9ff6d
docs/telemetry: remove merge conflict remnant ( #3882 )
...
* remove merge conflict remnant
* s/auth/authentication
2018-02-01 12:09:58 -05:00
Andy Manoske
505e65d0fe
Merge branch 'master' into new-guides
2018-01-31 17:17:00 -08:00
Brian Shumate
a7049247d9
Correct cofiguration option in example ( #3879 )
2018-01-31 13:41:31 -05:00
Yoko Hyakuna
cef6f8a758
Replaced deprecated command
2018-01-31 09:27:14 -08:00
Yoko Hyakuna
9fc56991f0
Replaced the deprecated commands with new ones
2018-01-30 10:46:27 -08:00
Jack Pearkes
a2f0f0a8e5
website: add note about the 0.9.2+ CLI changes to reduce confusion ( #3868 )
...
* website: add note about the 0.9.2+ CLI changes to reduce confusion
* website: fix frontmatter for 0.9.3 guide, add to guides index
* website: add overview title to 0.9.3 guide for spacing
2018-01-30 13:30:47 -05:00
Yoko Hyakuna
dded969da6
Merge master
2018-01-30 09:57:30 -08:00
Yoko Hyakuna
470e913af7
resolved the file name conflict
2018-01-29 16:41:44 -08:00
Jeff Mitchell
a5816dd2ae
Prep for 0.9.3
2018-01-28 15:33:29 -05:00
Yoko Hyakuna
1a532cb993
Re-categorized the guides on the navigation
2018-01-26 15:13:15 -08:00
Jeff Mitchell
8f24bdee1f
Typo fixes on upgrading page
2018-01-26 16:11:25 -05:00
Jeff Mitchell
c6d8222236
Add 0.9.2 upgrade guide
2018-01-26 16:07:41 -05:00
Jeff Mitchell
f3d1e8170b
Prep for 0.9.2
2018-01-26 13:59:01 -05:00
Chris Bartlett
c7580b2961
#3850 Fixed documentation for aws/sts ttl ( #3851 )
2018-01-25 22:20:30 -05:00
Yoko Hyakuna
d5262f7896
Fixed typos in the command
2018-01-25 15:07:35 -08:00
Yoko Hyakuna
8a9dc208fb
Fixed the sample admin policies
2018-01-24 22:15:40 -08:00
Yoko Hyakuna
d8de750f97
Fixed the sample admin policies
2018-01-24 21:21:23 -08:00
Yoko Hyakuna
3e043170a0
Fixed the sample admin policies
2018-01-24 18:10:56 -08:00
Yoko Hyakuna
3fc84bff3a
Added policy requirements & scenario diagrams
2018-01-24 16:01:44 -08:00
Andy Manoske
909f0d34fc
Policy Feedback from PM
2018-01-24 11:47:31 -08:00
Yoko Hyakuna
d45a247bec
Cleaned up the diagram
2018-01-23 16:22:17 -08:00
Yoko Hyakuna
9df839e446
More detailed descriptions were added
2018-01-23 15:43:07 -08:00
Vishal Nayak
b9a5a35895
docs: Fix the expected type of metadata ( #3835 )
2018-01-23 16:30:15 -05:00
Jeff Mitchell
8e8675053b
Sync some bits over
2018-01-22 21:44:49 -05:00
Yoko Hyakuna
358f95553c
WIP - new guides
2018-01-22 18:14:23 -08:00
Brian Shumate
dec64ecfd7
Update API endpoint references for revoke-prefix ( #3828 )
2018-01-22 18:04:43 -05:00
Yoko Hyakuna
df16089491
WIP - Added personas
2018-01-18 17:40:35 -08:00
Yoko Hyakuna
ac4bd212fc
WIP - new guides
2018-01-17 17:39:21 -08:00
Yoko Hyakuna
fd77a55dc1
WIP - new guides
2018-01-16 17:16:20 -08:00
Josh Giles
9c46431b80
Support JSON lists for Okta user groups+policies. ( #3801 )
...
* Support JSON lists for Okta user groups+policies.
Migrate the manually-parsed comma-separated string field types for user
groups and user policies to TypeCommaStringSlice. This means user
endpoints now accept proper lists as input for these fields in addition
to comma-separated string values. The value for reads remains a list.
Update the Okta API documentation for users and groups to reflect that
both user group and user/group policy fields are list-valued.
Update the Okta acceptance tests to cover passing a list value for the
user policy field, and require the OKTA_API_TOKEN env var to be set
(required for the "everyone" policy tests to pass).
* Fix typo, add comma-separated docs.
2018-01-16 18:20:19 -05:00
Jake Scaltreto
3ad372d65d
Fix minor typo in word "certificate" ( #3783 )
2018-01-15 15:52:41 -05:00
Paweł Słomka
b994e83c65
Cleanup of deprecated commands in tests, docs ( #3788 )
2018-01-15 15:19:28 -05:00
Harrison Brown
6b7f57caab
Suggested website copy changes ( #3791 )
...
* Adds comma
* Adds comma
* Suggested copy change
2018-01-15 14:33:41 -05:00
Vishal Nayak
8ef51c0065
Delete group alias upon group deletion ( #3773 )
2018-01-11 10:58:05 -05:00
Yoko Hyakuna
588e3bcd2d
WIP - New Vault guides
2018-01-10 17:28:00 -08:00
Yoko Hyakuna
6f7ed3016d
WIP - New Vault guides
2018-01-10 11:14:59 -08:00
Jeff Mitchell
d8009bced1
Merge branch 'master-oss' into sethvargo/cli-magic
2018-01-10 11:15:49 -05:00
Yoko Hyakuna
5e0ac2aee0
WIP - New Vault guides
2018-01-09 15:12:08 -08:00
Yoko Hyakuna
f61f32f0c6
WIP - New Vault guides
2018-01-09 15:06:00 -08:00
Justin Campbell
e59763372e
Bump middleman-hashicorp version
2018-01-09 13:06:59 -05:00
Justin Campbell
748a0d0e4b
Bump middleman-hashicorp Docker image
2018-01-09 12:27:13 -05:00
Justin Campbell
f16977b01a
Revert gem updates, leave Nokogiri updated
2018-01-09 12:04:34 -05:00
Jeff Mitchell
728088a74f
Bump middleman-hashicorp version
2018-01-09 11:54:42 -05:00
Jeff Mitchell
b8b495ee2a
Update gems
2018-01-09 11:26:32 -05:00
Laura Uva
b242800958
Fixed the link to the section on generating DR operation token for promoting secondary. ( #3766 )
2018-01-09 10:02:09 -06:00
Brian Shumate
fd424c74ba
Docs: add DR secondary/active HTTP 472 code ( #3748 )
2018-01-03 15:07:36 -05:00
Jeff Mitchell
d1803098ae
Merge branch 'master-oss' into sethvargo/cli-magic
2018-01-03 14:02:31 -05:00
Jon Davies
66e2593ef9
s3.go: Added options to use paths with S3 and the ability to disable SSL ( #3730 )
2018-01-03 12:11:00 -05:00
Brian Nuszkowski
9c3e96b591
Update '/auth/token/revoke-self' endpoint documentation to reflect the proper response code ( #3735 )
2018-01-03 12:09:43 -05:00
Didi Kohen
089a0793bd
Clarify that keybase is supported only in the CLI ( #3744 )
2018-01-03 11:18:38 -05:00
dmwilcox
39dd122663
Update docs to reflect ability to load cold CA certs to output full chains. ( #3740 )
2018-01-03 10:59:18 -05:00
Alexandre Nicastro
19b4062801
docs: fix typo (change 'a' to 'an' - indefinite article) ( #3741 )
2018-01-03 10:47:15 -05:00
markpaine
c50c597b62
Spelling correction. "specifig" -> "specific" ( #3739 )
2018-01-03 10:38:55 -05:00
markpaine
3c483b3e87
Spelling correction "datatabse" -> "database" ( #3738 )
2018-01-03 10:38:16 -05:00
Brian Shumate
4a9333b076
Docs: Updated Telemetry documentation ( #3722 )
2017-12-26 13:51:15 -05:00
Brian Shumate
bbf1c67d80
Update backend config docs - addresses #3718 ( #3724 )
2017-12-26 13:48:45 -05:00
Jeff Mitchell
1a2eba5f87
Port website changes from ent side
2017-12-21 09:00:35 -05:00
Jeff Mitchell
121d5bfeaa
Bump vars for 0.9.1
2017-12-21 08:39:41 -05:00
Jeff Mitchell
e6d60ee551
Clarify control group APIs are enterprise only.
...
Fixes #3702
2017-12-19 11:00:02 -05:00
Calvin Leung Huang
c4e951efb8
Add period and max_ttl to cert role creation ( #3642 )
2017-12-18 15:29:45 -05:00
Roger Berlind
27cdb42258
Added example for Azure SQL Database ( #3700 )
2017-12-18 13:55:56 -05:00
Travis Cosgrave
cf3e284396
Use Custom Cert Extensions as Cert Auth Constraint ( #3634 )
2017-12-18 12:53:44 -05:00
Jeff Mitchell
77a7c52392
Merge branch 'master' into f-nomad
2017-12-18 12:23:39 -05:00
Ernest W. Durbin III
98e04c42d3
Correct documentation for Kubernetes Auth Plugin ( #3708 )
2017-12-18 12:12:08 -05:00
James Nugent
e320d0580a
physical/dynamodb: Clarify ha_enabled type ( #3703 )
...
The example in the documentation correctly passes a quoted boolean (i.e.
true or false as a string) instead of a "real" HCL boolean. This commit
corrects the parameter list to document that fact.
While it would be more desirable to change the implementation to accept
an unquoted boolean, it seems that the use of `hcl.DecodeObject` for
parameters which are not common to all storage back ends would make this
a rather more involved change than this necessarily warrants.
2017-12-18 09:30:29 -05:00
James Nugent
618b52d72d
docs: Add correct method for mlock on systemd ( #3704 )
...
Although the previously described method of running setcap works if
setcap is available, the built-in LimitMEMLOCK directive is better.
2017-12-18 09:29:37 -05:00
Raja Nadar
446b87ee0e
added the missing nonce and type fields ( #3694 )
2017-12-17 16:26:07 -05:00
Chris Hoffman
f6bed8b925
fixing up config to allow environment vars supported by api client
2017-12-17 09:10:56 -05:00
Chris Hoffman
ef56322369
Merge remote-tracking branch 'oss/master' into f-nomad
...
* oss/master:
Add support for encrypted TLS key files (#3685 )
2017-12-15 19:51:28 -05:00
Chris Hoffman
164849f056
Add support for encrypted TLS key files ( #3685 )
2017-12-15 17:33:55 -05:00
Chris Hoffman
c71f596fbd
address some feedback
2017-12-15 17:06:56 -05:00
Jeff Mitchell
b478ba8bac
Merge branch 'master' into f-nomad
2017-12-14 16:44:28 -05:00
Vishal Nayak
15b3d8738e
Transit: backup/restore ( #3637 )
2017-12-14 12:51:50 -05:00
Brian Shumate
d5d265956d
Docs: fix typo in libtool ltdl name and link to avoid confusion and note about arch ( #3644 )
2017-12-11 13:42:19 -05:00
Brian Shumate
a8932fbcbd
Docs: Update PKI URL config examples to FQDN — addresses #3606 ( #3647 )
2017-12-11 13:25:59 -05:00
Chris Hoffman
3b0ba609b2
Converting key_usage and allowed_domains in PKI to CommaStringSlice ( #3621 )
2017-12-11 13:13:35 -05:00
Paulo Ribeiro
0ee55dde52
Remove duplicate link in ToC ( #3671 )
2017-12-11 12:52:58 -05:00
Brian Shumate
07a0d25aeb
Docs: Update PKI output examples - addresses #3606 ( #3628 )
2017-12-11 11:57:07 -05:00
Jeff Mitchell
b5d21ebdae
Cross reference pki/cert in a few places.
2017-12-11 11:10:28 -05:00
Brad Sickles
295e11d40d
Adding mfa support to okta auth backend. ( #3653 )
2017-12-07 14:17:42 -05:00
Brian Shumate
a0d1092420
Conditionally set file audit log mode ( #3649 )
2017-12-07 11:44:15 -05:00
Mohsen
2aa576149c
Small typo relating to no_store in pki secret backend ( #3662 )
...
* Removed typo :)
* Corrected typo in the website related to no_store
2017-12-07 10:40:21 -05:00
Brian Kassouf
34f5d1e637
Remove the note about GKE from the Kubernetes docs ( #3658 )
2017-12-06 13:38:00 -05:00
Calvin Leung Huang
41f03b466a
Support MongoDB session-wide write concern ( #3646 )
...
* Initial work on write concern support, set for the lifetime of the session
* Add base64 encoded value support, include docs and tests
* Handle error from json.Unmarshal, fix test and docs
* Remove writeConcern struct, move JSON unmarshal to Initialize
* Return error on empty mapping of write_concern into mgo.Safe struct
2017-12-05 15:31:01 -05:00
Calvin Leung Huang
8f87854b86
Clarify api_addr related errors on VaultPluginTLSProvider ( #3620 )
...
* Mention api_addr on VaultPluginTLSProvider logs, update docs
* Clarify message and mention automatic api_address detection
* Change error message to use api_addr
* Change error messages to use api_addr
2017-12-05 12:01:35 -05:00
Laura Uva
892a0cb5e0
Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key ( #3632 )
2017-12-04 12:12:58 -05:00
Brian Shumate
5a9d8c60ac
Docs: Update /sys/policies/ re: beta refs to address #3624 ( #3629 )
2017-12-04 12:10:26 -05:00
Jeff Mitchell
e301ebe91b
Update secrets page
...
Fixes #3623
2017-12-04 12:05:34 -05:00
Jeff Mitchell
f762d0615e
Remove beta notice
2017-12-04 08:25:16 -08:00
Chris Hoffman
b17fb19b52
Expanding on the quick start guide with how to set up an intermediate authority ( #3622 )
2017-12-04 11:23:58 -05:00
Brian Shumate
ac69680d7b
Docs: mlock() notes, fixes #3605 ( #3614 )
2017-12-04 10:56:16 -05:00
crdotson
fd2464c410
Fix spelling ( #3609 )
...
changed "aomma" to "comma"
2017-12-04 10:53:58 -05:00
csawyerYumaed
605efa37e9
update relatedtools, add Goldfish UI. ( #3597 )
...
Add link to Goldfish a web UI for Vault.
2017-12-04 10:51:16 -05:00
Paul Pieralde
ff2c8d4865
Fix docs for Transit API ( #3588 )
2017-12-04 10:34:05 -05:00
Jeff Mitchell
d81a39ab99
Update cassandra docs with consistency value.
...
Fixes #3361
2017-12-02 14:18:23 -05:00
Marc Sensenich
92f937c021
Remove Trailing White space in Kubernetes Doc ( #3360 )
...
Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example
```
vault write auth/kubernetes/role/demo \
bound_service_account_names=vault-auth \
bound_service_account_namespaces=default \
policies=default \
ttl=1h
```
2017-12-02 14:12:39 -05:00
immutability
74bd27bdb5
Missing command for vault PUT operation ( #3355 )
2017-12-02 13:43:37 -05:00
Jeff Mitchell
f79a15ddcd
Update some rekey docs
...
Fixes #3306
2017-12-02 13:34:52 -05:00
Nicolas Corrarello
7b14f41872
Fix docs up to current standards
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:53:42 +00:00
Nicolas Corrarello
b3799697a2
Rename policy into policies
2017-11-29 16:31:17 +00:00
Nicolas Corrarello
a6d3119e3e
Pull master into f-nomad
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:56:37 +00:00
Laura Uva
3b5cbe54fd
Added clarification to KV documentation about default CLI behavior and how to preserve non-string type values ( #3596 )
2017-11-27 11:43:49 -05:00
Brian Shumate
fa4af18b73
Docs: policy update for multiple policies, fixes #3611 ( #3613 )
2017-11-27 09:54:38 -05:00
mariachugunova
89a0919250
Fix typo in s3 storage backend docs ( #3603 )
2017-11-23 13:28:33 -08:00
Vishal Nayak
5f02a64206
docs: encryption/decryption now supports asymmetric keys ( #3599 )
2017-11-21 12:25:28 -05:00
Jeff Mitchell
422c1898c8
Update upgrade guide with HSM info
2017-11-16 11:04:46 -05:00
Vishal Nayak
00dfc1c4de
Docs: Remove 'none' as algorithm options ( #3587 )
2017-11-15 09:09:45 -05:00
Jeff Mitchell
141548fb33
Add now-necessary mfa import to sentinel MFA example
2017-11-14 21:42:43 -05:00
Brian Kassouf
85a5a75835
Add token_reviewer_jwt to the kubernetes docs ( #3586 )
2017-11-14 13:27:09 -08:00
Chris Hoffman
b3a7d8ecf3
adding licensing docs ( #3585 )
2017-11-14 16:15:09 -05:00
Paul Pieralde
8fedef3d99
Docs change for Policy API ( #3584 )
...
vault 0.9.0 deprecated the term `rules` in favor of the
term `policy` in several of the /sys/policy APIs.
The expected return state of 200 SUCCESS_NO_DATA only happens
if the `policy` term is used. A response including the
deprecation notice and a 204 SUCCESS_WITH_DATA status code
is returned when `rules` is applied.
2017-11-14 14:26:26 -05:00
Vishal Nayak
2b481defe4
Upgrade to 0.9 ( #3583 )
...
* Upgrade to 0.9
* Add link to sidebar
* Remove items that were already in 0.8 upgrade guide
2017-11-14 13:32:09 -05:00
Vishal Nayak
3c7f194797
Doc: Add groups to identity concepts ( #3581 )
...
* Add groups to the concepts page
* s/pulled-in and pulled-out/synced against
* Remove double spaces
2017-11-14 13:27:49 -05:00
Seth Vargo
68052f18d0
Flip seal pages upside down to put examples first
2017-11-14 13:12:35 -05:00
Seth Vargo
4efcfe03d1
Add an auto-unseal page to the docs
...
This helps with SEO and also is where I'd expect auto unsealing to be referenced.
2017-11-14 13:12:20 -05:00
Seth Vargo
b09d042173
Use super to show enterprise
2017-11-14 13:11:55 -05:00
Jeff Mitchell
8ba71a67e5
Minor website wording updates
2017-11-14 12:34:28 -05:00
Jeff Mitchell
40e3883788
Fix some broken links
2017-11-14 12:32:03 -05:00
Jeff Mitchell
7ac167f8a4
Sync docs
2017-11-14 06:13:11 -05:00
Jeff Mitchell
77442f8640
Prep for 0.9.0
2017-11-14 06:08:56 -05:00
Vishal Nayak
5d976794d4
API refactoring and doc updates ( #3577 )
...
* Doc updates and API refactoring
* fix tests
* change metadata fieldtype to TypeKVPairs
* Give example for TypeKVPairs in CLI for metadata
* Update API docs examples to reflect the native expected value for TypeKVPairs
* Don't mention comma separation in the docs for TypeCommaStringSlice
* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias
* Address review feedback
* Fix formatting
* fix sidebar links
2017-11-13 20:59:42 -05:00
Laura Uva
96e80e38e8
Updated the Replication guide to make it clear that it is focused on Performance Replication. Added a link to our general info page for information on DR Replication. Removed some statements about DR not being available yet. ( #3502 )
2017-11-13 11:55:04 -05:00
Brian Shumate
697a506b7b
DOCS: Update telemetry docs - fixes #3557 ( #3571 )
2017-11-13 09:58:04 -05:00
Calvin Leung Huang
87feab4492
Docs update related to new top-level config values ( #3556 )
...
* Add new top level config value docs, add VAULT_API_ADDR, purge old references
* Fix indentation
* Update wording on ha.html
* Add section on split data/HA mode
* Fix grammar
2017-11-10 20:06:07 -05:00
Vishal Nayak
645c068011
transit doc update ( #3564 )
2017-11-09 16:17:54 -05:00
James Soubry
f2a98cc662
Fix curl commands ( #3558 )
...
Curl commands require HCL within JSON to work.
2017-11-09 10:16:09 -05:00
Calvin Leung Huang
b7deec2bec
Add docs for /sys/rekey-recovery-key ( #3520 )
2017-11-08 14:22:30 -05:00
Paul Pieralde
01ff6293e0
Doc fix for Create/Update Token API ( #3548 )
...
`orphan` is intended to be default to False. Docs indicate this
is default to True. Simple change to update the docs only.
2017-11-07 18:06:44 -05:00
Joel Thompson
2c8cd19e14
auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive ( #3291 )
2017-11-06 17:12:07 -05:00
Chris Hoffman
de8c0dce99
minor cleanup
2017-11-06 16:34:20 -05:00
Jonathan Freedman
4109473134
More Mount Conflict Detection ( #2919 )
2017-11-06 15:29:09 -05:00
Gregory Reshetniak
57c9afa357
added AWS enpoint handling ( #3416 )
2017-11-06 13:31:38 -05:00
Calvin Leung Huang
d7305a4681
Add note on support for using rec keys on /sys/rekey ( #3517 )
2017-11-06 12:18:15 -05:00
Jason Antman
af649c60d0
Add third party tools list to website ( #3488 )
2017-11-06 12:11:02 -05:00
Jeff Mitchell
17310654a1
Add PKCS8 marshaling to PKI ( #3518 )
2017-11-06 12:05:07 -05:00
Nicolas Corrarello
5a317a1a32
Updated documentation
2017-11-06 15:13:50 +00:00
Calvin Leung Huang
93917743df
Update SSH list roles docs ( #3536 )
2017-11-03 18:00:46 -04:00
Vishal Nayak
e4e4a7ba67
Capabilities responds considering policies on entities and groups ( #3522 )
...
* Capabilities endpoint will now return considering policies on entities and groups
* refactor the policy derivation into a separate function
* Docs: Update docs to reflect the change in capabilities endpoint
2017-11-03 11:20:10 -04:00
Vishal Nayak
06923430cc
docs: s/persona/alias ( #3529 )
2017-11-03 11:17:59 -04:00
Vishal Nayak
52df62d4ff
Encrypt/Decrypt/Sign/Verify using RSA in Transit backend ( #3489 )
...
* encrypt/decrypt/sign/verify RSA
* update path-help and doc
* Fix the bug which was breaking convergent encryption
* support both 2048 and 4096
* update doc to contain both 2048 and 4096
* Add test for encrypt, decrypt and rotate on RSA keys
* Support exporting RSA keys
* Add sign and verify test steps
* Remove 'RSA' from PEM header
* use the default salt length
* Add 'RSA' to PEM header since openssl is expecting that
* export rsa keys as signing-key as well
* Comment the reasoning behind the PEM headers
* remove comment
* update comment
* Parameterize hashing for RSA signing and verification
* Added test steps to check hash algo choice for RSA sign/verify
* fix test by using 'prehashed'
2017-11-03 10:45:53 -04:00
Vishal Nayak
a7acc23034
docs: Add config/ca delete operation ( #3525 )
2017-11-03 06:19:21 -04:00
Chris Hoffman
3d8d887676
Add ability to require parameters in ACLs ( #3510 )
2017-11-02 07:18:49 -04:00
Nicolas Corrarello
d540985926
Unifying Storage and API path in role
2017-10-31 21:06:10 +00:00
Nicolas Corrarello
0fc65cabc7
Minor/Cosmetic fixes
2017-10-31 19:11:24 +00:00
Nathan Valentine
0345dca20f
Should these names not reference Vault? ( #3506 )
...
Since we are in the Vault docs, should these names not reference Vault instead of Nomad?
2017-10-30 11:04:38 -05:00
Jeff Mitchell
963f516ac9
Fix C&P in docs.
...
Fixes #3454
2017-10-27 16:43:26 -04:00
Vishal Nayak
b16084fdaf
aws-ec2: Avoid audit logging of custom nonces ( #3381 )
2017-10-27 11:23:15 -04:00
smeach
c575435040
Updated cli arg to reflect text description ( #3487 )
2017-10-27 09:44:56 -05:00
AJ Bourg
a71add2973
Add a doc for the token helper ( #3411 )
...
* Add token helper docs.
* Update it so the new token helpers page appears in the navigation.
2017-10-27 09:42:33 -05:00
Christophe Tafani-Dereeper
5ff1485a3e
Correct typos in the sys/raw documentation ( #3484 )
2017-10-24 10:33:57 -04:00
Seth Vargo
83b1eb900a
More naming cleanup
2017-10-24 09:35:03 -04:00
Seth Vargo
a07c7d7368
Update guides to use new CLI commands
2017-10-24 09:34:30 -04:00
Seth Vargo
53f26e6bd7
Update getting started walkthrough
2017-10-24 09:34:30 -04:00
Seth Vargo
7463ba73a5
Oops typo
2017-10-24 09:34:30 -04:00
Seth Vargo
6c1411447c
Remove more references to auth backend
2017-10-24 09:34:12 -04:00
Seth Vargo
926ca5c125
Update k8s documentation
2017-10-24 09:34:12 -04:00
Seth Vargo
51a27b758b
Resolve the most painful merge conflict known on earth
2017-10-24 09:34:12 -04:00
Seth Vargo
2982fdf7ca
Remove ?list examples
...
They are documented in the overall API section, but people should get used to seeing LIST as a verb
2017-10-24 09:32:15 -04:00
Seth Vargo
a85d3c6270
Remove smaller font on embedded code snippets
2017-10-24 09:32:15 -04:00
Seth Vargo
c5665920f6
Standardize on "auth method"
...
This removes all references I could find to:
- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend
in favor of the unified:
- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo
3bbeace911
Audit backend -> device
2017-10-24 09:30:52 -04:00
Seth Vargo
f7310eac04
Add new commands to the sidebar
2017-10-24 09:30:52 -04:00
Seth Vargo
aa34fb17c7
Absorb help and read-write into index
2017-10-24 09:30:52 -04:00
Seth Vargo
162c525159
Add "write" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
6fa133852e
Add "unwrap" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4d80ccbb4c
Add "token" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
51e185b9a2
Add "status" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4634949b9b
Add "ssh" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
a106350950
Add "server" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
28fa271c4e
Add "secrets" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
bcf6657e9c
Add "read" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
c743167f4c
Add "policy" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
54f8e0adb2
Update "path-help" documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
f48bc06d93
Add "operator" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
a81ff9a97c
Add "login" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
50d6c9a642
Add "list" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
57c0d53121
Add "lease" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
d31bccccdf
Add "delete" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
48e84342c2
Add "auth" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
0fa0a5ca41
Add "audit" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
3c43409e6c
Add "token revoke" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
6d150b5228
Add "token renew" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
cac3515379
Add "token lookup" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
ffe608d535
Add "token create" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
61edbf3325
Add "token capabilities" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
529b9bd224
Add "secrets tune" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
40b8f3c204
Add "secrets move" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f2bbb3cc18
Add "secrets list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c782b25e7c
Add "secrets enable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
087a87c59e
Add "secrets disable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6995d1e06b
Add "policy write" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
79b3f7d8fe
Add "policy read" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
e29e78eb7d
Add "policy list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6522bd12d5
Add "policy fmt" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
b735d70922
Add "policy delete" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c9d74f77e4
Add "operator unseal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f15eddf299
Add "operator step-down" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c62de019dd
Add "operator seal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c2f31c503a
Add "operator rotate" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
310d4adc87
Add "operator rekey" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
83df4a8c4c
Add "operator key-status" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c35d67c9e3
Add "operator init" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
ed15b273ca
Add "operator generate-root" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
baf2edbc57
Add "lease revoke" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
a1de44f93c
Add "lease renew" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
21e74d73dd
Add "auth tune" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
7d880e3154
Add "auth list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
01780e9b75
Add "auth help" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
e04fb8423a
Add "auth enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
95af51f279
Add "auth disable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
89e23d0e84
Add "audit list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
04ee9ce40a
Add "audit enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
fd2a12bce4
Add "audit disable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
b654f81763
Allow quotes in meta description fields
2017-10-24 09:30:49 -04:00
Seth Vargo
0afff80b5e
Document mount types/values
2017-10-24 09:28:05 -04:00
Seth Vargo
44851f992e
Expand root generation guide with a PGP example
2017-10-24 09:28:05 -04:00
Chris Hoffman
e4065e33d2
copying general purpose tools from transit backend to /sys/tools ( #3391 )
2017-10-20 10:59:17 -04:00
Chris Hoffman
df29bc4fc0
updating mssql docs ( #3477 )
2017-10-19 11:21:29 -04:00
Brian Shumate
d150f374fd
Match plugin name from releases ( #3453 )
2017-10-19 11:10:42 -04:00
blazindragon
6c6e2a3baa
Correct typo: DELET to DELETE ( #3452 )
2017-10-13 10:11:04 -04:00
Brian Kassouf
fdd76563eb
Add a note about the instant client libraries ( #3434 )
...
* Add a note about the instant client libraries
* Update oracle.html.md
2017-10-12 09:40:06 -04:00
Jeremy Voorhis
af24163abd
Implement signing of pre-hashed data ( #3448 )
...
Transit backend sign and verify endpoints now support algorithm=none
2017-10-11 11:48:51 -04:00
Martins Sipenko
a2808db1af
Fix docs ( #3449 )
2017-10-11 11:29:26 -04:00
Brendan
d5decccbfe
Update index.html.md ( #3433 )
...
Fixed typo in json property used to create custom secret_id
2017-10-11 09:25:43 -04:00
emily
cbe41b590f
add GCP APIs that need to be enabled to GCP auth docs, small doc fixes ( #3446 )
2017-10-11 09:18:32 -04:00
Nicolas Corrarello
3380fd647d
Adding Nomad docs to the nav. Minor cosmetics fixes
2017-10-06 16:03:06 +01:00
David Dixon
cfd27317d8
Small typo corrections for policies doc ( #3413 )
2017-10-06 09:38:00 -04:00
Nicolas Corrarello
d7bb311db3
A few simple fixes for the Github API docs ( #3432 )
2017-10-06 06:13:47 -04:00
Daniel DeFisher
974332c2c5
upgrade ldap api docs to refrect 0.8.3 change to returned json of policies ( #3421 )
2017-10-04 15:40:28 -04:00
Jeff Mitchell
e3ce60eb1f
Allow entering PKI URLs as arrays. ( #3409 )
...
Fixes #3407
2017-10-03 16:13:57 -04:00
Oluwafemi Sule
b6ec6351af
fix spellings errors ( #3400 )
2017-09-29 11:52:42 -04:00
Nicolas Corrarello
b207b76f14
Updated API Docs with the Global Token Parameter
2017-09-29 11:23:47 +01:00
Alex Dadgar
f56e191020
Fix spelling errors ( #3390 )
2017-09-28 07:54:40 -04:00
Paulo Ribeiro
43540e9c32
Fix grammatical error ( #3395 )
...
Also changed capitalization for consistency.
2017-09-28 06:28:48 -04:00
Brian Kassouf
b1db3765ca
Kubernetes Docs Update ( #3386 )
...
* Update Kubnernetes Docs
* Add a note about alpha clusters on GKE
* Fix JSON formatting
* Update kubernetes.html.md
* Fix a few review comments
2017-09-27 14:02:18 -07:00
Vishal Nayak
abcf4b3bb2
docs: Added certificate deletion operation API ( #3385 )
2017-09-26 20:28:52 -04:00
Jeff Mitchell
17a15cd594
Add option to disable client certificate requesting. ( #3373 )
...
Fixes #3372
2017-09-25 14:41:46 -04:00
Nicolas Corrarello
2b4561dccb
Adding Nomad Secret Backend API documentation
2017-09-21 09:18:35 -05:00
Nicolas Corrarello
5178e5f5f2
Adding Nomad secret backend documentation
2017-09-20 17:31:28 -05:00
Dave Pedu
19e4d8b6c3
Spelling fix ( #3351 )
2017-09-19 15:25:39 -04:00
Jeff Mitchell
bad1555919
Bump version
2017-09-19 10:54:01 -04:00
Brian Kassouf
9b0d594d02
Kubernetes auth ( #3350 )
...
* Import the kubernetes credential backend
* Add kubernetes docs
* Escape * characters
* Revert "Import the kubernetes credential backend"
This reverts commit f12627a9427bcde7e73cea41dea19d0922f94789.
* Update the vendored directory
2017-09-19 09:27:26 -05:00
Calvin Leung Huang
d4a5362835
Clarify backup data that is being stored ( #3345 )
2017-09-19 07:44:34 -05:00
emily
ed3d75d0b1
Add GCE docs for GCP Auth Backend ( #3341 )
2017-09-19 07:44:05 -05:00
Bruno Miguel Custódio
2abddb248e
Fix a few quirks in the GCP auth backend's docs. ( #3322 )
2017-09-19 07:41:41 -05:00
Vishal Nayak
e99640f462
Add 'pid_file' config option ( #3321 )
...
* add pid_file config option
* address review feedback
* address review comments
2017-09-16 17:09:37 -04:00
Laura Uva
8529972bfb
Updated https://www.vaultproject.io/api/system/replication-dr.html#generate-dr-secondary-token to be a POST rather than GET. This was reported by a customer and I confirmed that this should be a logical.UpdateOperation rather than ReadOperation ( 24f2b961fd/vault/replication_api.go (L121)
). ( #3342 )
2017-09-15 16:19:16 -04:00
Chris Hoffman
1029ad3b33
Rename "generic" secret backend to "kv" ( #3292 )
2017-09-15 09:02:29 -04:00
Chris Hoffman
a2d2f1a543
Adding support for base_url for Okta api ( #3316 )
...
* Adding support for base_url for Okta api
* addressing feedback suggestions, bringing back optional group query
* updating docs
* cleaning up the login method
* clear out production flag if base_url is set
* docs updates
* docs updates
2017-09-15 00:27:45 -04:00
Chris Hoffman
9d73c81f38
Disable the sys/raw
endpoint by default ( #3329 )
...
* disable raw endpoint by default
* adding docs
* config option raw -> raw_storage_endpoint
* docs updates
* adding listing on raw endpoint
* reworking tests for enabled raw endpoints
* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
Chris Hoffman
2e60b20eae
update enterprise urls /docs/vault-enterprise -> /docs/enterprise ( #3333 )
2017-09-13 15:37:40 -04:00
Paul Pieralde
2c640950e0
Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing ( #3331 )
...
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
2017-09-13 11:59:27 -07:00
Jeff Mitchell
cb6ac1e926
Change behavior of TTL in sign-intermediate ( #3325 )
...
* Fix using wrong public key in sign-self-issued
* Change behavior of TTL in sign-intermediate
This allows signing CA certs with an expiration past the signer's
NotAfter.
It also change sign-self-issued to replace the Issuer, since it's
potentially RFC legal but stacks won't validate it.
Ref: https://groups.google.com/d/msg/vault-tool/giP69-n2o20/FfhRpW1vAQAJ
2017-09-13 11:42:45 -04:00
Chris Hoffman
cfa74e6a95
remove token header from login samples ( #3320 )
2017-09-11 18:14:05 -04:00
Bruno Miguel Custódio
886a0acee6
Fix navigation and prameters in the 'gcp' auth backend docs. ( #3317 )
2017-09-11 15:26:24 -04:00
Jose Diaz-Gonzalez
12cde76112
fix: add missing comma to payload ( #3308 )
2017-09-11 12:03:43 -04:00
Dan Urson
57a7002210
Update AWS CloudHSM comparison. ( #3311 )
...
* Update AWS CloudHSM comparison.
* Update hsm.html.md
* Update hsm.html.md
2017-09-10 12:54:05 -04:00
Calvin Leung Huang
c747caac2a
Fix cassandra tests, explicitly set cluster port if provided ( #3296 )
...
* Fix cassandra tests, explicitly set cluster port if provided
* Update cassandra.yml test-fixture
* Add port as part of the config option, fix tests
* Remove hostport splitting in cassandraConnectionProducer.createSession
* Include port in API docs
2017-09-07 23:04:40 -04:00
Adam Duke
a3f97c5e3e
fix typo in policies documentation ( #3302 )
2017-09-07 11:55:24 -04:00
Paul Pieralde
567f2ce1f1
Fix docs for Certificate authentication ( #3301 )
...
Fix discrepencies in the documentation for TLS Certificate
authentication. The Delete CRL method has a misleading title and
description.
2017-09-07 10:28:14 -04:00
Paul Pieralde
25976b340e
Fixed small typo in RabbitMQ secret backend. ( #3300 )
...
Fixed `name` param for the Delete Role API in the RabbitMQ secret backend.
2017-09-07 10:00:32 -04:00
Jeff Mitchell
44bf03e3b6
Fix compile after dep update
2017-09-05 18:18:34 -04:00
Jeff Mitchell
7f7f2c7cfc
Update version
2017-09-05 11:14:25 -04:00
Eugene Bekker
e85e22b00e
Fixing the response sample for reading a plugin ( #3278 )
...
The plugin config data properties are returned immediately within the response's `data` object.
2017-09-01 08:34:54 -04:00
Jeff Mitchell
9578361513
Massive update to response-wrapping concept page
2017-09-01 08:32:55 -04:00
Jeff Mitchell
abb2ab2918
Add pki/root/sign-self-issued. ( #3274 )
...
* Add pki/root/sign-self-issued.
This is useful for root CA rolling, and is also suitably dangerous.
Along the way I noticed we weren't setting the authority key IDs
anywhere, so I addressed that.
* Add tests
2017-08-31 23:07:15 -04:00
Calvin Leung Huang
6f417d39da
Normalize plugin_name option for mount and enable-auth ( #3202 )
2017-08-31 12:16:59 -04:00
Chris Hoffman
194491759d
Updating Okta lib for credential backend ( #3245 )
...
* migrating to chrismalek/oktasdk-go Okta library
* updating path docs
* updating bool reference from config
2017-08-30 22:37:21 -04:00
Jeff Mitchell
8acef196a8
Add 'discard' target to file audit backend ( #3262 )
...
Fixes #seth
2017-08-30 19:16:47 -04:00
Joel Thompson
caf90f58d8
auth/aws: Allow wildcard in bound_iam_principal_id ( #3213 )
2017-08-30 17:51:48 -04:00
stephan stachurski
e396d87bc5
add support to use application default credentials to gcs storage backend ( #3257 )
2017-08-30 15:42:02 -04:00
Seth Vargo
9f80099fae
Remove fake news about custom plugins
...
This also adds a redirect from the old page to the new one
2017-08-30 12:57:45 -04:00
Christopher Pauley
eccbb21ce8
stdout support for file backend via logger ( #3235 )
2017-08-29 14:51:16 -04:00
djboris9
21a15204bd
Fix API/AUTH/AppRole doc issue concerning bound_cidr_list ( #3205 )
...
This patch fixes a little documentation issue.
bind_cidr_list doesn't exist as parameter to AppRole creation. It should be "bound_cidr_list".
In "path-help" it is documented correctly.
2017-08-29 12:37:20 -04:00
Hamza Tümtürk
525c124d69
Add missing code ending to Sample Payload ( #3239 )
2017-08-25 12:34:12 -04:00