Commit graph

8614 commits

Author SHA1 Message Date
Clint 48e5c71b33 Update apis.html.md (#5071)
We disable TLS for example purposes, not exemplary purposes 😄
2018-08-15 19:41:29 -04:00
Christoph Ludwig 24a368c1ba Add support for "sovereign" Azure cloud environments (#4997)
* Add support for "sovereign" Azure cloud environments

* Shorten variable names
2018-08-15 19:40:36 -04:00
Jim Kalafut f8a0daafa0
Add check of truncated length (#5109) 2018-08-15 13:16:17 -07:00
Brian Kassouf f5aa7d3721
changelog++ 2018-08-15 11:47:00 -07:00
Jeff Mitchell 71d92ef093 ACL Templating (#4994)
* Initial work on templating

* Add check for unbalanced closing in front

* Add missing templated assignment

* Add first cut of end-to-end test on templating.

* Make template errors be 403s and finish up testing

* Review feedback
2018-08-15 11:42:56 -07:00
RichardWLaub 8d7a983bba Update usage section for kv-v1 docs (#5105)
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:

```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```

Running `vault kv list kv/` gives the desired output. 

Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
Seth Vargo 324c8fab24 Fix docs typo (service-account => service_account) (#5102)
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
Jeff Mitchell 9b4e04917e Fix http tests 2018-08-14 17:09:55 -04:00
Jeff Mitchell f1d72abb39 Remove injection into top routes (#5101) 2018-08-14 15:29:22 -04:00
Jeff Mitchell c3e063f2a6 Fix read test 2018-08-14 14:20:49 -04:00
Jim Kalafut 09e9a7a203 Make base62.Random truncation optional (#5100) 2018-08-14 12:38:25 -04:00
Jim Kalafut 5f86155e6a
Consolidate base62 functions (#5099) 2018-08-14 08:44:30 -07:00
Seth Vargo 6dcecbdfda Fix Google Cloud races (#5081)
* storage/gcs: fix race condition in releasing lock

Previously we were deleting a lock without first checking if the lock we were deleting was our own. There existed a small period of time where vault-0 would lose leadership and vault-1 would get leadership. vault-0 would delete the lock key while vault-1 would write it. If vault-0 won, there'd be another leader election, etc.

This fixes the race by using a CAS operation instead.

* storage/gcs: properly break out of loop during stop

* storage/spanner: properly break out of loop during stop
2018-08-14 09:53:36 -04:00
Gerald 9192bd6b07 Add ttl params into csr signing docs (#5094) 2018-08-13 23:38:03 -04:00
Jeff Mitchell d4fe6a8571 changelog++ 2018-08-13 22:01:05 -04:00
Jeff Mitchell 74175b29af
Add support for passing args via vault read (#5093)
We support this in the API as of 0.10.2 so read should support it too.

Trivially tested with some log info:

`core: data: data="map[string]interface {}{"zip":[]string{"zap", "zap2"}}"`
2018-08-13 22:00:26 -04:00
Jeff Mitchell cbc1eded46 changelog++ 2018-08-13 21:19:28 -04:00
Stephen J. Butler 672668dea5 Add tokenGroups and tokenGroupsGlobalAndUniversal (#4936) 2018-08-13 14:57:10 -07:00
Yoko 1395d6ea1a
[Guide] Control Groups (#5072)
* Control Group guide

* Fixed user policy list

* Fixed a typo

* Replaced the wrong screenshot

* Added missing period
2018-08-13 14:51:32 -07:00
Frank Allenby ddc77d62f0 Added a link to the "previous section" mentioned (#5018)
This is for clarity since I had to check back to remember where it was mentioned.
2018-08-13 17:13:42 -04:00
Jim Kalafut 3822e2997b
Clarify "Commands" docs (#5092)
Fixes #4890
2018-08-13 14:09:48 -07:00
Nándor István Krácser b9fab6375b Alibaba Object Storage support (#4783) 2018-08-13 17:03:24 -04:00
Michael Schuett 63e7ac034f MySQL HA Backend Support (#4686) 2018-08-13 17:02:31 -04:00
Becca Petrin 4e7237178f
Add a header type field (#4993) 2018-08-13 11:02:44 -07:00
Jim Kalafut 92f0e1a39e Revert "Add ttl parameter to pki api docs (#5063)"
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
2018-08-13 09:34:05 -07:00
Vishal Nayak 303b2f97ff
don't ignore errors (#5087) 2018-08-10 22:32:10 -04:00
Vishal Nayak 68d27c7c38
Adjust ACL error checking (#5086)
* Adjust acl error checking

* address review feedback

* unlock before checks
2018-08-10 21:05:10 -04:00
Jim Kalafut 5a35b718df
changelog++ 2018-08-10 16:42:51 -07:00
bohr 79b571d90d add backtick to fix mysql database name contain special characters (#5054)
when use mysql storage, set` database = "dev-dassets-bc"` , create database and create table will throw exceptions as follows:

    Error initializing storage of type mysql: failed to create mysql database: Error 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '-dassets-bc' at line 1
    Error initializing storage of type mysql: failed to create mysql table: Error 1046: No database selected

cause of `-` is  a MySQL  built-in symbol. so add backtick for create database sql\create table sql \dml sqls.
2018-08-10 16:38:20 -07:00
Yoko 140e3d5402
[Guide] Vault Cluster Monitoring Guide (#5084)
* Vault cluster monitoring guide

* Updated the download link

* Fixed broken link
2018-08-10 13:52:02 -07:00
Jeff Mitchell 24cb96a9c6 Port over ns identity proto info 2018-08-10 12:45:34 -04:00
Jeff Mitchell 9d1a427949 Port over some ns stuff 2018-08-10 12:17:17 -04:00
Jeff Mitchell fb3c7eb449 Port some ns stuff over 2018-08-10 12:13:11 -04:00
Jim Kalafut 343d779434
changelog++ 2018-08-10 09:12:32 -07:00
Jim Kalafut 2da7d30097
Fix DB role statement update (#5058)
The backwards compatibility logic was preventing updates to role
statements from taking effect. This change removes persistence of
deprecated statement fields.
2018-08-10 09:00:52 -07:00
Jim Kalafut aa8dac9bd2
Add RDS notes to MSSQL docs (#5062) 2018-08-10 08:52:21 -07:00
Jeff Mitchell 4798af88f9
Fix some cases where unauthorized calls could return 400 (#5083) 2018-08-10 08:59:58 -05:00
Jeff Mitchell 3403c7ad9c Add headers accessor and ns function 2018-08-09 18:29:03 -04:00
Jeff Mitchell 67b160eb42 Add json tag to names response for sys_plugins 2018-08-09 18:02:03 -04:00
Jeff Mitchell 14dccd7744 Remove unused variable 2018-08-09 16:47:58 -04:00
Jeff Mitchell 99e1d0f444 changelog++ 2018-08-09 16:38:22 -04:00
Jeff Mitchell 2ed2e696a7
Merge Identity Entities if two claim the same alias (#5075)
* Merge Identity Entities if two claim the same alias

Past bugs/race conditions meant two entities could be created each
claiming the same alias. There are planned longer term fixes for this
(outside of the race condition being fixed in 0.10.4) that involve
changing the data model, but this is an immediate workaround that has
the same net effect: if two entities claim the same alias, assume they
were created due to this race condition and merge them.

In this situation, also automatically merge policies so we don't lose
e.g. RGPs.
2018-08-09 15:37:36 -05:00
Jim Kalafut 70d516b34d
Update ParseStringSlice and address lint/vet warnings (#5069) 2018-08-09 11:13:37 -07:00
Jeff Mitchell fc37078cac changelog++ 2018-08-09 14:08:16 -04:00
Martin aa8662c6c0 Add mount_path and mount_type to group lookups (#5074) 2018-08-09 13:07:24 -05:00
Jeff Mitchell 65d2cc768c Website typo fix 2018-08-08 15:53:40 -04:00
Jeff Mitchell 7d90e6eae9 Fix typo 2018-08-08 14:38:11 -04:00
Jim Kalafut 7b7f1cc7ff
Add ttl parameter to pki api docs (#5063) 2018-08-08 09:12:14 -07:00
Conor Mongey 5454c15a7e Fix typo: Consult Template -> Consul Template (#5066) 2018-08-08 09:01:45 -07:00
Brian Kassouf 3330a3954a
Rollback: Only grab statelock if we are running async (#5064) 2018-08-07 17:48:43 -07:00