Commit graph

3512 commits

Author SHA1 Message Date
Jason O'Donnell 921979a40f
docs: update vault-k8s to 0.9.0 (#11138)
* docs: update vault-k8s to 0.9.0

* Fix typos

* Update website/content/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/injector/annotations.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add links for auto-auth

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-03-19 11:34:58 -04:00
Scott Miller 689dd3722f
Document mysql (#11112)
* Document MySQL

* Document snapshot, restore, and export-decoded (#11110)

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Add parseTime note

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-03-19 10:34:41 -05:00
Josh Black 5fcc629847
Add log shipper configuration docs (#11014)
* Add log shipper configuration docs

* Fix indentation issue

* Add telemetry

* Updates to logshipper docs

* Add CCC related replication config docs. (#11087)

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Correct formatting

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-03-18 16:41:13 -07:00
Scott Miller 535bcf289e
Fix handling of minimum operations, and forward rotate/config requests to Primary (#11116)
* Boost max_operations to the greater of that specified or absoluteMinOperations

* Forward rotation config requests to the primary

* Reject rotation configs outside the min/max range

* Minor wording fix
2021-03-18 15:08:47 -05:00
Clint 5353279e75
Add command to look up a lease by ID (#11129)
* snapshot

* basic test

* update command and add documentation

* update help text

* typo

* add changelog for lease lookup command

* run go mod vendor

* remove tabs from help output
2021-03-18 11:11:09 -05:00
aphorise eb36b68710
Corrected links for Consul Consistency Modes (#10862) 2021-03-17 16:05:30 -07:00
aphorise 5b6e2bb77a
Docs - Plugin register operator & example add (#10864) 2021-03-17 16:04:51 -07:00
Hridoy Roy 261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] (#10921)
* first docs pass

* filled in read output

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes
2021-03-17 14:29:13 -07:00
Brad 266582628a
Add missing option to raft storage docs (#11041) 2021-03-17 17:25:28 -04:00
Andy Assareh 4ce8896b29
Add note that static role is rotated upon creation (#11126)
It does not appear to be documented that Vault must rotate the password upon static role creation in order to know the password, as it is not provided.
2021-03-17 11:27:04 -05:00
Austin Gebauer f5e7c2d9a8
Updates docs for jwt_supported_algs in JWT/OIDC auth method (#11115) 2021-03-16 14:17:53 -07:00
Hridoy Roy e9e83ff864
Add FF3-1 Tweak Guidance Docs [VAULT-1036] (#10978)
* ff3 guidance docs

* docs upgrade

* address PR comments
2021-03-16 07:57:50 -07:00
Alvaro Miranda Aguilera 3fb284c217
Update oracle.mdx (#11101) 2021-03-15 14:13:40 -06:00
Scott Miller da982c3982
Upgrade notes for the transform engine upgrade bug fix. (#11098)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav

* Reword to encourage upgrade when available
2021-03-12 19:59:50 -06:00
Mark Gritter 8bbf92ef70
Fix typo in limits.mdx (#11103) 2021-03-12 15:46:41 -06:00
Mike Wickett 933aa782bc
Update alert banner (#11083)
* Update alert banner

* Update website/data/alert-banner.js

Co-authored-by: Zachary Shilton <4624598+zchsh@users.noreply.github.com>

Co-authored-by: Zachary Shilton <4624598+zchsh@users.noreply.github.com>
2021-03-11 15:46:34 -05:00
Scott Miller c4e8d51c9d
Add upgrade notes for the Transform storage upgrade bug (#11075)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav
2021-03-11 11:23:19 -06:00
Meggie 39ff8b071f
Make 1.7.0-rc1 the latest version (#11082) 2021-03-10 20:03:55 -05:00
Jacob Friedman 5305c439d4
Update init.mdx (#11044)
* Update init.mdx

Updated operator init documentation to try to avoid steering customers towards running Auto Unseal seals with recovery-shares=1 and recovery-threshold=1. This is a bad security posture, as it can allow a single user with access to that recovery share to create root tokens and do other very sensitive tasks.

Also rewrote parts of the HSM/KMS Options section to indicate that recovery-related options are not solely for HSM-mode Vault but are for ANY Auto Unseal seal.

* Update website/content/docs/commands/operator/init.mdx

Adding an appropriate number of recovery-pgp-keys

Co-authored-by: Yoko <yoko@hashicorp.com>

Co-authored-by: Yoko <yoko@hashicorp.com>
2021-03-04 15:57:47 -08:00
Michele Degges 9741f51bee
Removing broken link (#11029) 2021-03-02 12:02:59 -08:00
swayne275 d74f82346b
Add Partial Month Client Count API for Activity Log (#11022)
* sketch out partial month activity log client API

* unit test partialMonthClientCount

* cleanup api

* add api doc, fix test, update api nomenclature to match existing

* cleanup

* add PR changelog file

* integration test for API

* report entities and tokens separately
2021-03-01 16:15:59 -07:00
Brian Kassouf 1bc410783d OSS/ENT Drift 2021-03-01 10:51:04 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027)
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Brian Kassouf a112161f60
expiration: Add a few metrics to measure revoke queue lengths (#10955)
* expiration: Add a few metrics to measure revoke queue lengths

* Update the metric names

* Add appropriate cluster labels

* Add metrics to docs

* Update jobmanager.go
2021-02-26 16:00:39 -08:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Meggie de8c06eb31
Update latest to 1.6.3 (#11010) 2021-02-26 17:08:27 -05:00
Tom Proctor 45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation (#10967) 2021-02-26 20:38:27 +00:00
Lauren Voswinkel 075898cf73
Add IAM tagging support for iam_user roles in AWS secret engine (#10953)
* Added support for iam_tags for AWS secret roles

This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
2021-02-25 16:03:24 -08:00
Jim Kalafut e60cc11f33
Add configurable exponential backoff to Agent auto-auth (#10964) 2021-02-23 12:04:21 -08:00
Clint b0b121753a
update docs related to OCI alias changes (#10952)
* update docs related to OCI alias changes

* covert CHANGELOG update to a changelog/ entry
2021-02-23 10:08:15 -06:00
Jim Kalafut 4b1557e6ab
Minor update to Secrets engine overview docs (#10977)
The reference to API calls and link to code isn't a good fit here.

Reverts eb3e34d
2021-02-23 07:17:44 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823)
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Austin Gebauer 0017b78919
Adds API docs for max_age role parameter of JWT/OIDC auth method (#10916) 2021-02-19 13:39:58 -08:00
Nick Cabatoff 81105274d1
Add docs for Agent's template_retry option added in #10644, based on those from consul-template configuration. Also fix some existing config docs that weren't adhering to our conventions. (#10911) 2021-02-18 11:24:36 -08:00
Brian Fox 7f6ec265a1
Update KV Secrets Engine index (#10933)
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.
2021-02-17 14:27:37 -08:00
Nick Cabatoff 1b789f5ae5
Note that all local mounts are impacted, including on primary. (#10807) 2021-02-16 10:37:37 -05:00
Rosemary Wang a48db957ca
docs: Update Azure AD OIDC documentation (#10853)
Addresses #8191 with clearer external groups configuration.
2021-02-12 17:28:00 -08:00
Mark Gritter a8d2e6e350
Added a table showing the entity alias name used by each auth method. (#10908)
* Also corrected the text about token auth method.
2021-02-11 18:34:45 -06:00
Zachary Shilton e45d81ff47
Use revised BeforeAfterDiagram, VerticalTextBlockList (#10907)
* Switch BeforeAfterDiagram implementation, pulled from www-next

* Bump vertical-text-block-list, update md to HTML

* Bump to latest case-study-slider
2021-02-11 16:29:38 -05:00
aphorise 17003328ab
Docs - Namespace monitoring corrected examples (#10863)
Re-doing PR #10305
2021-02-11 11:32:52 -06:00
Tom Proctor 5f9891f992
auth/kubernetes docs: Correct default issuer (#10900)
As per 207d1b4c1c/path_login.go (L24), the default issuer when none is set is `kubernetes/serviceaccount`.
2021-02-11 15:26:34 +00:00
Vishal Nayak 53cb1deb38
Revert "Read-replica instead of non-voter (#10875)" (#10890)
This reverts commit fc745670cf34821f5834357d9caebc3351dbc1e7.
2021-02-10 16:41:58 -05:00
Vishal Nayak a2394e7353
Read-replica instead of non-voter (#10875) 2021-02-10 09:58:18 -05:00
Jim 7cb100e9a7
Update kubernetes.mdx (#10871)
Add suggestion to validate K8S cluster address and TCP port using cluster-info command and update sample config (line 77) to prompt for validation. Feedback from prospect was that doc is misleading since our sample uses TCP 8443.
2021-02-09 14:50:31 -05:00
jonZlotnik 541079dec3
both serviceaccount and namespace can be splat (#10829)
Needs to be changed in the docs.
Please see commit 70bc47384bedfc895d08d1df17a45b0c4ea8b6de
2021-02-09 11:14:13 -08:00
Scott Miller ad1621dd5f
Add documentation about the horizontal cluster scalability of PKI secret engine operations (#10745)
* Add documentation about the horizontal cluster scalability of PKI secret engine operations

* Mention generate_lease

* cluster terminology

* Discuss generate_lease

* active again

* One more go
2021-02-09 11:00:24 -06:00
Bryce Kalow 1e7b38fc75
website: upgrade nextjs-scripts & next (#10831) 2021-02-09 10:54:58 -05:00
Michael Golowka aaa51e975f
Add docs for OpenLDAP dynamic secrets (#10817) 2021-02-05 10:49:29 -07:00
Calvin Leung Huang b1c4b86d7f
approle: add ttl to the secret ID generation response (#10826)
* approle: add ttl to the secret ID generation response

* approle: move TTL derivation into helper func

* changelog: add changelog entry

* docs: update approle docs and api-docs pages
2021-02-03 16:32:16 -08:00