Joel Thompson
5e6f8904d8
Add AWS Secret Engine Root Credential Rotation ( #5140 )
...
* Add AWS Secret Engine Root Credential Rotation
This allows the AWS Secret Engine to rotate its credentials used to
access AWS. This will only work when the AWS Secret Engine has been
provided explicit IAM credentials via the config/root endpoint, and
further, when the IAM credentials provided are the only access key on
the IAM user associated wtih the access key (because AWS allows a
maximum of 2 access keys per user).
Fixes #4385
* Add test for AWS root credential rotation
Also fix a typo in the root credential rotation code
* Add docs for AWS root rotation
* Add locks around reading and writing config/root
And wire the backend up in a bunch of places so the config can get the
lock
* Respond to PR feedback
* Fix casing in error messages
* Fix merge errors
* Fix locking bugs
2018-09-26 07:10:00 -07:00
Clint
fec3b70374
Allow force restore for Transit Key Restores ( #5382 )
...
* Add test file for testing path_restore in Transit backend. Fails because 'force' is not implemented yet
* initial implementation of 'force', to force restore of existing transit key atomically
2018-09-25 15:20:59 -05:00
Vishal Nayak
68a496dde4
Support operating on entities and groups by their names ( #5355 )
...
* Support operating on entities and groups by their names
* address review feedback
2018-09-25 12:28:28 -07:00
emily
b37b8b7edf
Docs PR for GCP secrets backend access token changes ( #5366 )
...
* initial docs pass
* fix docs
2018-09-21 10:31:49 -07:00
Brian Shumate
b43c52d89b
Add Enterprise Replication metrics ( #3981 )
2018-09-21 12:01:44 -04:00
Brian Shumate
25d6d03222
Docs: update policy read API output to address #5298 ( #5299 )
2018-09-21 10:52:46 -04:00
Brian Shumate
7d692ee614
Update screenshot ( #5378 )
...
- Use a Vault dashboard example (previous example was for Consul)
- Rename image file
2018-09-21 09:53:49 -04:00
Roman Iuvshyn
0832153f7d
fixes file path option in samples ( #5377 )
...
fixes file path option in samples
2018-09-20 15:55:20 -07:00
Yoko
3600f3dfa5
[Guide] Tokens & Leases guide **Correction** ( #5375 )
...
* Added Azure Key Vault
* Corrected the info about orphan token creation
2018-09-20 13:58:29 -07:00
Calvin Leung Huang
189b893b35
Add ability to provide env vars to plugins ( #5359 )
...
* Add ability to provide env vars to plugins
* Update docs
* Update docs with examples
* Refactor TestAddTestPlugin, remove TestAddTestPluginTempDir
2018-09-20 10:50:29 -07:00
Brian Shumate
74ec835b3b
Docs: update Tidy API ( #5374 )
...
- Add a sample response to /auth/token/tidy API docs
- Document /auth/approle/tidy/secret-id API docs
2018-09-20 13:25:33 -04:00
Laura Gjerman-Uva
6fcf6ea6fe
Add -dr-token flag to commands to generate OTP and decode with OTP (required on DR secondary as of 0.11) ( #5368 )
2018-09-20 09:19:01 -07:00
Richard Lane
43837ecdf1
Documentation correction - update list identity whitelist sample request ( #5369 )
...
Path was incorrectly referencing the roletag-blacklist
Updated the sample to match the correct path
2018-09-19 21:21:57 -07:00
Becca Petrin
d05484b586
AliCloud Secrets Docs ( #5351 )
2018-09-19 08:42:59 -07:00
Jeff Mitchell
43aebacfa8
Fix default_max_request_duration HCL name and update docs ( #5321 )
...
* Fix default_max_request_duration HCL name and update docs
* Update tcp.html.md
2018-09-18 14:30:21 -07:00
Yoko
512b64ad77
[Guide] Secure Introduction - Update ( #5323 )
...
* Adding Vault Agent to the Secure Intro guide
* Incorporated the feedback
* Deleted extra spaces
* methods -> approaches
2018-09-14 13:51:23 -07:00
Yoko
2cc8610abb
[Guide] Namespaces policy ( #5296 )
...
* Added policy info
* Fixed the API URL
* Added webinar recording as a reference material
2018-09-14 11:23:46 -07:00
Evan Grim
7f5c193ace
Fix small grammatical error in plugin docs ( #5334 )
2018-09-13 14:23:24 -07:00
Yoko
04a0dd6d0e
ACL Policy Templating -> ACL Policy Path Templating ( #5330 )
2018-09-12 16:14:31 -07:00
Clint
5f5af90dfe
Update AWS auth backend iam_request_headers to be TypeHeader ( #5320 )
...
Update AWS Auth backend to use TypeHeader for iam request headers
- Remove parseIamRequestHeaders function and test, no longer needed with new TypeHeader
- Update AWS auth login docs
2018-09-12 16:16:16 -05:00
Becca Petrin
b2ff87c9c2
Poll for new creds in the AWS auth agent ( #5300 )
2018-09-12 13:30:57 -07:00
Brian Shumate
168b956fbb
Docs: clarify max_ttl in Database Secrets Create ( #5311 )
...
- Clarify max_ttl on Database Secrets Create API
- Crosslink to TTL general case docs
2018-09-11 19:55:15 -04:00
Jeremy Gerson
7c51265de9
Update pki-engine.html.md ( #5322 )
2018-09-11 19:49:31 -04:00
Yoko
7683aa3e57
[Guide] Performance Standby Nodes ( #5272 )
...
* Performance Standby Nodes guide
* Added a link in the Vault HA guide
* Added links
* Clarified the node selection info
* Incorporated feedback
* Added 'when the Enterprise license includes this feature'
* Fixed the label: server 8 -> VM8
* Incorporated the feedback
2018-09-11 15:22:36 -07:00
Jeff Mitchell
d96d10957c
Update some text around encrypting with agent
2018-09-11 15:05:44 -04:00
Becca Petrin
625592c5e6
update to match aws ( #5315 )
2018-09-11 11:10:50 -07:00
Brian Shumate
67bd5e460b
Docs: namespaces edit lookup subcommand text ( #5310 )
...
* Docs: namespaces edit lookup subcommand text
* precise
2018-09-10 11:56:01 -04:00
Jeff Mitchell
f61a3709ee
Finish updating jwt auth docs
2018-09-10 11:46:50 -04:00
mg
db56672529
resolve incorrect scope ( #5307 )
...
https://github.com/terraform-providers/terraform-provider-azurerm/issues/943
> Turns out the problem is that the scope was invalid. There was a missing s on resourceGroup. The error message though is absolutely awful for detecting that.
2018-09-07 16:56:02 -07:00
Joakim Bakke Hellum
6331f8bdf3
Fix typos in Azure Secrets Engine docs ( #5295 )
2018-09-06 15:31:19 -07:00
Geoff Meakin
3085c53ffe
Update relatedtools.html.md ( #5287 )
...
Add ansible-modules-hashivault to the list of third-party tools
2018-09-06 08:37:03 -07:00
Jeff Mitchell
c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly ( #5280 )
...
* Allow most parts of Vault's logging to have its level changed on-the-fly
* Use a const for not set
2018-09-05 15:52:54 -04:00
Steven Black
0a482e9bd2
Fix misspelling ( #5279 )
2018-09-05 15:40:01 -04:00
Brian Shumate
76293834cc
Update terminology ( #5225 )
...
- Change "key ring" references to "key" to match Transit API docs
2018-09-05 12:05:02 -04:00
Becca Petrin
7e0e49656a
Add AliCloud auth to the Vault Agent ( #5179 )
2018-09-05 11:56:30 -04:00
Seth Vargo
81e9efb658
Fix resource binding examples ( #5273 )
2018-09-05 11:55:45 -04:00
Dan Brown
19406ecd32
EA validation of material against Vault 0.11 ( #5276 )
...
* Validate RA against Vault 0.11
* Validate DG against Vault 0.11
2018-09-05 11:55:27 -04:00
Jeff Mitchell
c9b06f3b62
Remove certificates from store if tidying revoked certificates ( #5231 )
...
This will cause them to be removed even if they have not expired yet,
whereas before it would simply leave them in the store until they were
expired, but remove from revocation info.
2018-09-05 11:47:27 -04:00
RobinsonWM
cf525cb934
Documentation: Corrected typo in CLI init doc ( #5269 )
2018-09-04 15:44:41 -06:00
Jeff Mitchell
761f06d3a3
Update index.html.md
2018-09-04 12:15:05 -04:00
Dan Brown
d7d6c295b4
Update Azure VM sizes in Reference Architecture ( #5251 )
2018-09-03 20:24:27 -07:00
Yoko
0da1c762cb
[Guide] Updates on Namespaces guide ( #5243 )
...
* Added 'Additional Discussion' section
* s/at the root/in the root namespace/
* one more place that I said 'at the root' - fixed
2018-08-31 18:24:07 -07:00
Chris Hoffman
218ca527be
adding known issue
2018-08-31 17:29:21 -04:00
Yoko
5cfc84238d
Fixed the incomplete sentense ( #5240 )
2018-08-31 11:37:28 -07:00
Yoko
c52f3c5a24
[Guide] ACL Templating ( #5226 )
...
* WIP - ACL Templating
* WIP
* WIP - ACL Templating
* WIP
* Updated
* ACL Policy Templating guide
* Updated to use kv-v2 instead of kv
* Fixed the incomplete sentense and cleaned it up a little
* WIP Formatting and grammar
* Minor fixes
2018-08-31 09:06:43 -07:00
Chris Hoffman
3f56e989a3
adding known issues section
2018-08-30 19:09:30 -04:00
Yoko
2e7e2778e1
[Guide] Update for Vault HA (0.11) ( #5104 )
...
* For 0.11 - Performance Nodes
* Added the doc link
* Performance Node -> Performance Standby Nodes
* Updated to say 'most read-only requests'
2018-08-30 14:45:34 -07:00
Andy Manoske
e8ef5afb5f
namespace docs updates
...
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
Yoko
cc8eceb849
[Guide] Fixed the reported issue ( #5230 )
...
* Fixed the message
* Fixed the message
2018-08-30 09:45:18 -07:00
Jeff Mitchell
b1f462d7f9
Fix up sidebar JWT description
2018-08-30 12:00:20 -04:00