luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
3568 commits 1 branch 0 tags 214 MiB
Commit graph

732 commits

Author SHA1 Message Date
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Vishal Nayak 53fc941761 Merge pull request #1300 from hashicorp/aws-auth-backend 
AWS EC2 instances authentication backend
 2016-05-14 19:42:03 -04:00
vishalnayak 4122ed860b Rename 'role_name' to 'role' 2016-05-13 14:31:13 -04:00
Jeff Mitchell b850f876a7 Merge pull request #1407 from z00m1n/patch-1 
fix PostgreSQL sample code
 2016-05-12 17:07:48 -07:00
cmclaughlin cdf715b94a Document configuring listener to use a CA cert 2016-05-12 15:34:47 -07:00
Steven Samuel Cole e3bb3a4efb fix PostgreSQL sample code 
The current sample configuration line fails with `Error initializing backend of type postgresql: failed to check for native upsert: pq: unsupported sslmode "disabled"; only "require" (default), "verify-full", "verify-ca", and "disable" supported`.
 2016-05-12 23:22:41 +02:00
vishalnayak 7e8a2d55d0 Update docs and path names to the new patterns 2016-05-12 11:45:10 -04:00
Jeff Mitchell aecc3ad824 Add explicit maximum TTLs to token store roles. 2016-05-11 16:51:18 -04:00
vishalnayak ddcaf26396 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
Jeff Mitchell d899f9d411 Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00
Jeff Mitchell d77563994c Merge pull request #1346 from hashicorp/disable-all-caches 
Disable all caches
 2016-05-07 16:33:45 -04:00
Jeff Mitchell 3e71221839 Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
Chris Jansen ea21dec7b4 Add scala vault library to list of client libs 2016-05-04 18:04:28 +01:00
Jeff Mitchell 3600b2573d Update website docs re token store role period parsing 2016-05-04 02:17:20 -04:00
vishalnayak b7c48ba109 Change image/ to a more flexible /role endpoint 2016-05-03 23:36:59 -04:00
Jeff Mitchell 8572190b64 Plumb disabling caches through the policy store 2016-05-02 22:36:44 -04:00
vishalnayak 9f2a111e85 Allow custom endpoint URLs to be supplied to make EC2 API calls 2016-05-02 17:21:52 -04:00
Seth Vargo 45ac1bc151
Track enhanced links 2016-05-02 15:57:23 -04:00
Jeff Mitchell 4182d711c3 Merge branch 'master-oss' into aws-auth-backend 2016-04-29 14:23:16 +00:00
Jeff Mitchell 81da06de05 Fix fetching parameters in token store when it's optionally in the URL 2016-04-28 15:15:37 -04:00
vishalnayak 2a2dc0befb Added allow_instance_migration to the role tag 2016-04-28 11:43:48 -04:00
vishalnayak b7b1f80a83 Updated docs 2016-04-28 11:25:47 -04:00
vishalnayak 779d73ce2b Removed existence check on blacklist/roletags, docs fixes 2016-04-27 21:29:32 -04:00
vishalnayak de1a1be564 tidy endpoint fixes 2016-04-26 10:22:29 -04:00
vishalnayak 21854776af Added cooldown period for periodic tidying operation 2016-04-26 10:22:29 -04:00
vishalnayak 5a2e1340df Removed redundant AWS public certificate. Docs update. 2016-04-26 10:22:29 -04:00
vishalnayak 58c485f519 Support providing multiple certificates. 
Append all the certificates to the PKCS#7 parser during signature verification.
 2016-04-26 10:22:29 -04:00
Jeff Mitchell fd977bb478 Updating to docs 2016-04-26 10:22:29 -04:00
vishalnayak 9d4a7c5901 Docs update 2016-04-26 10:22:29 -04:00
Sean Chittenden 5a33edb57d Change to the pre-0.6.4 Consul Check API 
Consul is never going to pass in more than 1K of output.  This mitigates the pre-0.6.4 concern.
 2016-04-25 18:01:13 -07:00
Sean Chittenden 3228d25c65 Add a small bit of wording re: disable_registration 
Consul service registration for Vault requires Consul 0.6.4.
 2016-04-25 18:01:13 -07:00
Sean Chittenden dd3219ec56 Provide documentation and example output 2016-04-25 18:01:13 -07:00
Sean Chittenden 60006f550f Various refactoring to clean up code organization 
Brought to you by: Dept of 2nd thoughts before pushing enter on `git push`
 2016-04-25 18:01:13 -07:00
Sean Chittenden 0c23acb818 Comment nits 2016-04-25 18:00:54 -07:00
Jeff Mitchell c12dcba9bc Merge pull request #1266 from sepiroth887/azure_backend 
added Azure Blobstore backend support
 2016-04-25 15:53:09 -04:00
Jeff Mitchell 0f0a6ae368 Merge pull request #1282 from rileytg/patch-1 
change github example team to admins
 2016-04-25 15:45:01 -04:00
Seth Vargo da1735e396
Do not allow referrer to modify the parent 
http://mathiasbynens.github.io/rel-noopener/
 2016-04-22 23:41:09 -04:00
Sean Chittenden f6bec6e017 Wordsmith the docs around the list command. 
Prompted by: feedback from conference attendees at PGConf '16
 2016-04-20 18:13:58 -04:00
Jeff Mitchell 4e53f4b1a4 Use UseNumber() on json.Decoder to have numbers be json.Number objects 
instead of float64. This fixes some display bugs.
 2016-04-20 18:38:20 +00:00
Jeff Mitchell ee8dd1ab6a Add vault-php-sdk to libraries page 2016-04-20 13:59:39 +00:00
Jeff Mitchell d7ba52f86b Backtick "region" in S3 config 2016-04-15 17:03:35 -04:00
vishalnayak 5c336297ad Provide clarity for output statements of idempotent calls. 2016-04-14 15:46:45 +00:00
vishalnayak b7178846c1 Clarify token-revoke operation 2016-04-14 15:34:01 +00:00
Seth Vargo 54c414abb2
Clarify delete operation 
One thing that has been a point of confusion for users is Vault's
response when deleting a key that does not actually exist in the system.
For example, consider:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo'

This message is misleading if the secret does not exist, especially if
the same command is run twice in a row.

Obviously the reason for this is clear - returning an error if a secret
does not exist would reveal the existence of a secret (the same reason
everything on S3 is a 403 or why GitHub repos 404 instead of 403 if you
do not have permission to view them).

I think we can make the UX a little bit better by adding just a few
words to the output:

    $ vault delete secret/foo
    Success! Deleted 'secret/foo' if it existed

This makes it clear that the operation was only performed if the secret
existed, but it does not reveal any more information.
 2016-04-14 10:38:10 +01:00
Jeff Mitchell b90286996f Update cert website docs 2016-04-13 16:28:23 +00:00
Simon Dick 66f84077d3 Should be renew not revoke 2016-04-12 14:04:26 +01:00
Adam Kunicki 7fb48fd2c8 Add unofficial client library written in Kotlin 
I've been working on a Vault client written in Kotlin. Still a work in progress but will soon be on-par with the official Ruby client.
 2016-04-11 09:37:42 -07:00
Christopher "Chief" Najewicz 67e8328a76 Update github doc with note about slugifying team 2016-04-10 11:11:40 -04:00
Sean Chittenden 09ad6317ea Merge pull request #1297 from hashicorp/f-bsd-mlock 
F bsd mlock
 2016-04-06 13:57:34 -07:00
Jeff Mitchell 0f923d8da5 Merge pull request #1301 from gliptak/patch-3 
Update vault read output
 2016-04-06 11:26:55 -04:00