Stanislav Grozev
4bc3abd152
Remove superfluous argument from SSH CA docs
2017-03-14 10:21:48 -04:00
Stanislav Grozev
7d59d7d3ac
Reads on ssh/config/ca return the public keys
...
If configured/generated.
2017-03-14 10:21:48 -04:00
Stanislav Grozev
830de2dbbd
If generating an SSH CA signing key - return the public part
...
So that the user can actually use the SSH CA, by adding the public key
to their respective sshd_config/authorized_keys, etc.
2017-03-14 10:21:48 -04:00
Jeff Mitchell
ab56fdbebf
Clarify cluster_addr and cluster_address
2017-03-14 10:17:58 -04:00
Jeff Mitchell
4fa4034d50
Minor doc updates
2017-03-14 10:11:47 -04:00
Vishal Nayak
285bdf0a6f
docs: clarify 'storage' and 'ha_storage' requirements ( #2471 )
2017-03-11 09:43:14 -05:00
Vishal Nayak
220beb2cde
doc: ssh allowed_users update ( #2462 )
...
* doc: ssh allowed_users update
* added some more context in default_user field
2017-03-09 10:34:55 -05:00
vishalnayak
431070f828
doc: ssh markdown alignments
2017-03-08 21:58:12 -05:00
Seth Vargo
f18318f6dd
Move upgrade into guides ( #2460 )
...
* Move upgrades to guides
* Make root token copy-pastable
2017-03-08 17:33:58 -05:00
Jeff Mitchell
4d133b8423
Minor doc updates
2017-03-08 10:25:57 -05:00
Jeff Mitchell
5d760d4090
Add option to require valid client certificates ( #2457 )
2017-03-08 10:21:31 -05:00
Jeff Mitchell
f03d500808
Add option to disable caching per-backend. ( #2455 )
2017-03-08 09:20:09 -05:00
Jeff Mitchell
b11f92ba5a
Rename physical backend to storage and alias old value ( #2456 )
2017-03-08 09:17:00 -05:00
Seth Vargo
624c6eab20
Separate backend configurations into their own pages ( #2454 )
...
* Clean vertical lines
* Make sidebar slightly larger on bigger displays
* Separate backend configurations into their own pages
2017-03-07 21:47:23 -05:00
Seth Vargo
1f7bdbf966
Fix http layout
2017-03-06 16:11:05 -05:00
Seth Vargo
93357d7519
Move install guides into docs layout
2017-03-06 16:11:05 -05:00
Seth Vargo
751a2bff1d
Update upgrade guides
2017-03-06 16:11:05 -05:00
Michael
412aad7c6e
Updated doc to match real output ( #2443 )
...
Regards hashicorp/vault#2116
2017-03-06 10:39:34 -05:00
Vishal Nayak
491a56fe9f
AppRole: Support restricted use tokens ( #2435 )
...
* approle: added token_num_uses to the role
* approle: added RUD tests for token_num_uses on role
* approle: doc: added token_num_uses
2017-03-03 09:31:20 -05:00
Jeff Mitchell
76bec343f4
Some minor ssh docs updating
2017-03-02 16:47:21 -05:00
Will May
70bfdb5ae9
Changes from code review
2017-03-02 14:36:13 -05:00
Will May
36b3d89604
Allow internal generation of the signing SSH key pair
2017-03-02 14:36:13 -05:00
Vishal Nayak
3795d2ea64
Rework ssh ca ( #2419 )
...
* docs: input format for default_critical_options and default_extensions
* s/sshca/ssh
* Added default_critical_options and default_extensions to the read endpoint of role
* Change default time return value to 0
2017-03-01 15:50:23 -05:00
Will May
ff1ff02bd7
Changes from code review
...
Major changes are:
* Change `allow_{user,host}_certificates` to default to false
* Add separate `allowed_domains` role property
2017-03-01 15:19:18 -05:00
Will May
099d561b20
Add ability to create SSH certificates
2017-03-01 15:19:18 -05:00
Jeff Mitchell
7012d63a28
Update policies doc with allowed/denied params and min/max wrapping ttl info
2017-02-27 15:17:19 -05:00
Marshall Brekka
184b47e20c
Add a TTL to the dynamodb lock implementation. ( #2141 )
2017-02-27 14:30:34 -05:00
vishalnayak
1518d626e3
docs: update sys heal status codes
2017-02-26 15:20:23 -05:00
Gregory Reshetniak
e13fc759d8
Update sys-health.html.md
...
typo
2017-02-26 15:20:23 -05:00
Vishal Nayak
b762c43fe2
Aws Ec2 additional binds for SubnetID, VpcID and Region ( #2407 )
...
* awsec2: Added bound_region
* awsec2: Added bound_subnet_id and bound_vpc_id
* Add bound_subnet_id and bound_vpc_id to docs
* Remove fmt.Printf
* Added crud test for aws ec2 role
* Address review feedback
2017-02-24 14:19:10 -05:00
Vishal Nayak
c6f138bb9a
PKI: Role switch to control lease generation ( #2403 )
...
* pki: Make generation of leases optional
* pki: add tests for upgrading generate_lease
* pki: add tests for leased and non-leased certs
* docs++ pki generate_lease
* Generate lease is applicable for both issuing and signing
* pki: fix tests
* Address review feedback
* Address review feedback
2017-02-24 12:12:40 -05:00
vishalnayak
3ddffbe574
awsec2: markdown text alignment
2017-02-23 14:52:38 -05:00
Brian Kassouf
f992103615
Merge branch 'master' into acl-parameters-permission
2017-02-21 14:46:06 -08:00
Jeff Mitchell
0c39b613c8
Port some replication bits to OSS ( #2386 )
2017-02-16 15:15:02 -05:00
Jeff Mitchell
817bec0955
Add Organization support to PKI backend. ( #2380 )
...
Fixes #2369
2017-02-16 01:04:29 -05:00
Jeff Mitchell
51f7114648
Merge branch 'master-oss' into acl-parameters-permission
2017-02-15 20:37:58 -05:00
Phil Watts
e2de7ec7fe
Edit to the language of the description of disable_mlock on the configuration documentation page. Previous wording could lead to confusion as to the recommended setting of the disable_mlock option. ( #2377 )
2017-02-15 11:09:27 -05:00
Vishal Nayak
b86e9bc09f
aws-ec2 auth: fix docs ( #2375 )
2017-02-15 06:29:27 -05:00
Tommy Murphy
ca06bc0b53
audit: support a configurable prefix string to write before each message ( #2359 )
...
A static token at the beginning of a log line can help systems parse
logs better. For example, rsyslog and syslog-ng will recognize the
'@cee: ' prefix and will parse the rest of the line as a valid json message.
This is useful in environments where there is a mix of structured and
unstructured logs.
2017-02-10 16:56:28 -08:00
P.Nikolajevs (pl)
2a79627a2e
Update libraries.html.md ( #2360 )
2017-02-10 09:39:18 -08:00
Tommy Murphy
65b274299f
docs: transit parameter is actually deletion_allowed ( #2356 )
2017-02-09 15:10:28 -05:00
Jeff Mitchell
72db329d67
Add support for backup/multiple LDAP URLs. ( #2350 )
2017-02-08 14:59:24 -08:00
Jeff Mitchell
2fd59ad308
Merge branch 'master-oss' into acl-parameters-permission
2017-02-08 01:59:52 -05:00
Jeff Mitchell
f9c67273f3
Add audited headers to sidebar
2017-02-07 17:02:14 -05:00
Matteo Sessa
29d9d5676e
RADIUS Authentication Backend ( #2268 )
2017-02-07 16:04:27 -05:00
Jeff Mitchell
f3de9f57ce
Add etcd API info
2017-02-07 11:33:02 -08:00
Brian Kassouf
2923934813
Merge pull request #2326 from hashicorp/pr-2161
...
Add Socket Audit Backend
2017-02-07 11:27:25 -08:00
Brian Kassouf
128de55742
Added a warning about the dropped socket connection edge case
2017-02-07 11:06:36 -08:00
Brian Vans
29b3cc6b00
Fixing a few typos in the docs ( #2344 )
2017-02-07 11:55:29 -05:00
Brian Kassouf
a566097657
Add info about UNIX sockets
2017-02-06 15:56:58 -08:00