Vishal Nayak
4c74b646fe
Merge pull request #1947 from hashicorp/secret-id-lookup-delete
...
Introduce lookup and destroy endpoints for secret IDs and its accessors
2016-09-29 10:19:54 -04:00
Jeff Mitchell
b45a481365
Wrapping enhancements ( #1927 )
2016-09-28 21:01:28 -07:00
vishalnayak
34e76f8b41
Added website docs for lookup and destroy APIs
2016-09-28 22:11:48 -04:00
Michael S. Fischer
2dd1f584e6
Update documentation for required AWS API permissions
...
In order for Vault to map IAM instance profiles to roles, Vault
must query the 'iam:GetInstanceProfile' API, so update the documentation
and help to include the additional permissions needed.
2016-09-28 16:50:20 -07:00
Jeff Mitchell
f0203741ff
Change default TTL from 30 to 32 to accommodate monthly operations ( #1942 )
2016-09-28 18:32:49 -04:00
vishalnayak
a9976dca1c
Remove a mistyped character
2016-09-28 18:30:49 -04:00
Vishal Nayak
69c57f843d
Merge pull request #1943 from hashicorp/iam-bounds-prefix
...
Check for prefix match instead of exact match for IAM bound parameters
2016-09-28 18:11:53 -04:00
vishalnayak
e01f99f042
Check for prefix match instead of exact match for IAM bound parameters
2016-09-28 18:08:28 -04:00
Vishal Nayak
ba5da65163
Merge pull request #1940 from chrishoffman/consul-doc
...
Small consul doc fix
2016-09-28 15:48:45 -04:00
Vishal Nayak
4a30a6b4f8
Merge pull request #1913 from hashicorp/bound-iam-instance-profile-arn
...
Proper naming for bound_iam_instance_profile_arn
2016-09-28 15:34:56 -04:00
Chris Hoffman
8c755bfe92
Small consul doc fix
2016-09-28 15:11:39 -04:00
Laura Bennett
010293ccc3
Merge pull request #1931 from hashicorp/cass-consistency
...
Adding consistency into cassandra
2016-09-27 21:12:02 -04:00
Chris Hoffman
d235acf809
Adding support for chained intermediate CAs in pki backend ( #1694 )
2016-09-27 17:50:17 -07:00
Laura Bennett
883b5db420
typo correction
2016-09-27 16:38:27 -04:00
Laura Bennett
648a71fa11
updates to the documents
2016-09-27 16:36:20 -04:00
Vishal Nayak
b1ee56a15b
Merge pull request #1910 from hashicorp/secret-id-cidr-list
...
CIDR restrictions on Secret ID
2016-09-26 10:22:48 -04:00
Jeff Mitchell
f8e3cf4591
Add information about accessors to the token concepts page.
...
Fixes #1918
2016-09-26 10:18:38 -04:00
vishalnayak
d080107a87
Update docs to contain bound_iam_role_arn
2016-09-26 09:37:38 -04:00
vishalnayak
2d4bfeff49
Update website for bound_iam_instance_profile_arn
2016-09-23 11:23:59 -04:00
vishalnayak
aaadd4ad97
Store the CIDR list in the secret ID storage entry.
...
Use the stored information to validate the source address and credential issue time.
Correct the logic used to verify BoundCIDRList on the role.
Reverify the subset requirements between secret ID and role during credential issue time.
2016-09-21 20:19:26 -04:00
Jeff Mitchell
226ef5d78c
Make HA in etcd off by default. ( #1909 )
...
Fixes #1908
(Doesn't really "fix" it but someone from the community needs to step up
if they want to see this fixed.)
2016-09-21 14:01:36 -04:00
Jeff Mitchell
0ff76e16d2
Transit and audit enhancements
2016-09-21 10:49:26 -04:00
Jeff Mitchell
982f151722
Update docs to reflect that there is more than one constraint for EC2 now
2016-09-20 16:11:32 -04:00
Chris Hoffman
5c241d31e7
Renaming ttl_max -> max_ttl in mssql backend ( #1905 )
2016-09-20 12:39:02 -04:00
Carlo Cabanilla
f6239cf0c0
fix shell quoting ( #1904 )
...
$() doesnt get evaluated in single quotes, so you need to break out of it first
2016-09-19 17:11:16 -04:00
Jeff Mitchell
7f3041d6a5
Fix formatting
2016-09-19 13:00:50 -04:00
Jeff Mitchell
85c51fd861
Update website docs to indicate sudo being required for auth/audit
...
endpoints.
2016-09-19 12:10:08 -04:00
Jeff Mitchell
f7b3937c77
Fix website display of tune paths
2016-09-16 12:03:50 -04:00
Vishal Nayak
61664bc653
Merge pull request #1886 from hashicorp/approle-upgrade-notes
...
upgrade notes entry for approle constraint and warning on role read
2016-09-15 12:14:01 -04:00
Vishal Nayak
4f33e8d713
Merge pull request #1892 from hashicorp/role-tag-defaults
...
Specify that role tags are not tied to an instance by default
2016-09-15 12:04:41 -04:00
vishalnayak
9bca127631
Updated docs with nonce usage
2016-09-14 19:31:09 -04:00
vishalnayak
2639ca4d4f
Address review feedback
2016-09-14 16:06:38 -04:00
vishalnayak
dcddaa8094
Address review feedback
2016-09-14 15:13:54 -04:00
vishalnayak
d5cc763b8d
Clarify that tags can be used on all instances that satisfies constraints
2016-09-14 14:55:09 -04:00
vishalnayak
03fc7b517f
Specify that role tags are not tied to an instance by default
2016-09-14 14:49:18 -04:00
vishalnayak
53c919b1d0
Generate the nonce by default
2016-09-14 14:28:02 -04:00
Jeff Mitchell
722e26f27a
Add support for PGP encrypting the initial root token. ( #1883 )
2016-09-13 18:42:24 -04:00
vishalnayak
99a2655d8e
upgrade notes entry for approle constraint and warning on role read
2016-09-13 17:44:07 -04:00
vishalnayak
bef9c2ee61
Ensure at least one constraint on the role
2016-09-13 16:03:15 -04:00
Jeff Mitchell
888e833aae
Remove old text from upgrade notes, as changes were made
2016-09-13 11:51:46 -04:00
sashman
c01bf6cb1b
Update libraries.html.md ( #1879 )
2016-09-13 09:23:46 -04:00
AJ Bourg
b524e43f15
Small change: Fix permission vault requires.
...
Vault requires ec2:DescribeInstances, not ec2:DescribeInstance. (the
non-plural form doesn't exist)
2016-09-12 14:38:10 -06:00
Raja Nadar
d8b1ab05dd
doc: change invalid otp response code to 400 ( #1863 )
...
invalid otp response code is 400 bad request.
2016-09-08 11:13:13 -04:00
Raja Nadar
b06167c748
doc: fixing field name to security_token ( #1850 )
...
response field is security_token, not secret_token.
2016-09-03 22:40:57 -04:00
vishalnayak
5bd665a842
Update atlas listener factory to use version with pre-release info.
2016-09-01 17:21:11 -04:00
vishalnayak
9c78c58948
Remove the string 'Vault' from version information
2016-09-01 14:54:04 -04:00
Raja Nadar
7bd0edee4b
doc: add keys_base64 to response json ( #1824 )
...
add the missing fields in json response for initializing vault.
keys_base64
2016-09-01 09:40:40 -04:00
Raja Nadar
f6cfc1c7ad
doc: add missing version and cluster fields ( #1826 )
...
adding the missing "version" field in json response.
also adding a new response when the unseal completes, and 2 more fields are returned. (cluster..)
2016-09-01 09:39:26 -04:00
Raja Nadar
97e5a02692
doc: add missing token field to generate-root apis ( #1828 )
...
the response is missing the encoded token field for a couple of apis.
2016-09-01 09:39:00 -04:00
Andrew Backhouse
2f35789e71
Update index.html.md ( #1819 )
...
Corrected a minor spelling error.
2016-08-31 10:02:43 -04:00