Commit graph

8868 commits

Author SHA1 Message Date
Clint 5882156f53
Translate AWS Rate limiting errors to 502 errors (#5270)
* Initial implemntation of returning 529 for rate limits

- bump aws iam and sts packages to v1.14.31 to get mocking interface
- promote the iam and sts clients to the aws backend struct, for mocking in tests
- this also promotes some functions to methods on the Backend struct, so
  that we can use the injected client

Generating creds requires reading config/root for credentials to contact
IAM. Here we make pathConfigRoot a method on aws/backend so we can clear
the clients on successful update of config/root path. Adds a mutex to
safely clear the clients

* refactor locking and unlocking into methods on *backend

* refactor/simply the locking

* check client after grabbing lock
2018-09-18 15:26:06 -05:00
Jeff Mitchell 919b968c27
The big one (#5346) 2018-09-17 23:03:00 -04:00
Jeff Mitchell 551f435501 changelog++ 2018-09-17 14:30:33 -04:00
Jeff Mitchell f692c1e3a9 Revert "Detect and bypass cycles during token revocation (#5335)"
This reverts commit 00314eb4d1c5609a1935f653dc6f2fc83c0bfcc0.
2018-09-17 14:10:57 -04:00
Brian Kassouf a2608a3b61
Fix approle tidy on performance standbys (#5338)
* Fix approle tidy on performance standbys

* Forward PKI and AWS also
2018-09-17 09:53:23 -07:00
Jeff Mitchell 65928618eb changelog++ 2018-09-17 12:36:20 -04:00
Jeff Mitchell 07e654f539 changelog++ 2018-09-17 12:11:11 -04:00
Jim Kalafut 6c5f678d6a
changelog++ 2018-09-17 09:04:51 -07:00
Jim Kalafut 0ae6ec52b8
Detect and bypass cycles during token revocation (#5335)
Fixes #4803
2018-09-17 08:55:12 -07:00
Yoko 512b64ad77
[Guide] Secure Introduction - Update (#5323)
* Adding Vault Agent to the Secure Intro guide

* Incorporated the feedback

* Deleted extra spaces

* methods -> approaches
2018-09-14 13:51:23 -07:00
Jeff Mitchell 5dc2bff9e2 changelog++ 2018-09-14 14:46:50 -04:00
Yoko 2cc8610abb
[Guide] Namespaces policy (#5296)
* Added policy info

* Fixed the API URL

* Added webinar recording as a reference material
2018-09-14 11:23:46 -07:00
Jeff Mitchell 6a2a6a7b34 changelog++ 2018-09-14 09:06:11 -04:00
Evan Grim 7f5c193ace Fix small grammatical error in plugin docs (#5334) 2018-09-13 14:23:24 -07:00
Jim Kalafut eb6c165e29
Improve CLI error message (#5327) 2018-09-13 08:23:36 -07:00
Clint bfbfe83195
Update CHANGELOG.md 2018-09-13 10:10:52 -05:00
Yoko 04a0dd6d0e
ACL Policy Templating -> ACL Policy Path Templating (#5330) 2018-09-12 16:14:31 -07:00
Clint 5f5af90dfe
Update AWS auth backend iam_request_headers to be TypeHeader (#5320)
Update AWS Auth backend to use TypeHeader for iam request headers

- Remove parseIamRequestHeaders function and test, no longer needed with new TypeHeader
- Update AWS auth login docs
2018-09-12 16:16:16 -05:00
Becca Petrin b2ff87c9c2
Poll for new creds in the AWS auth agent (#5300) 2018-09-12 13:30:57 -07:00
Brian Shumate 168b956fbb Docs: clarify max_ttl in Database Secrets Create (#5311)
- Clarify max_ttl on Database Secrets Create API
- Crosslink to TTL general case docs
2018-09-11 19:55:15 -04:00
Jeremy Gerson 7c51265de9 Update pki-engine.html.md (#5322) 2018-09-11 19:49:31 -04:00
Jim Kalafut e1a326152d
Switch to strings.EqualFold (#5284) 2018-09-11 16:22:29 -07:00
Yoko 7683aa3e57
[Guide] Performance Standby Nodes (#5272)
* Performance Standby Nodes guide

* Added a link in the Vault HA guide

* Added links

* Clarified the node selection info

* Incorporated feedback

* Added 'when the Enterprise license includes this feature'

* Fixed the label: server 8 -> VM8

* Incorporated the feedback
2018-09-11 15:22:36 -07:00
Jeff Mitchell d96d10957c Update some text around encrypting with agent 2018-09-11 15:05:44 -04:00
Becca Petrin 625592c5e6
update to match aws (#5315) 2018-09-11 11:10:50 -07:00
Jeff Mitchell 981bb07a4a changelog++ 2018-09-11 13:10:54 -04:00
Jeff Mitchell 1837c571ec
Fix authhandler-based wrapping in agent (#5316) 2018-09-11 13:10:11 -04:00
Brian Shumate 67bd5e460b Docs: namespaces edit lookup subcommand text (#5310)
* Docs: namespaces edit lookup subcommand text

* precise
2018-09-10 11:56:01 -04:00
Jeff Mitchell f61a3709ee Finish updating jwt auth docs 2018-09-10 11:46:50 -04:00
mg db56672529 resolve incorrect scope (#5307)
https://github.com/terraform-providers/terraform-provider-azurerm/issues/943

> Turns out the problem is that the scope was invalid. There was a missing s on resourceGroup. The error message though is absolutely awful for detecting that.
2018-09-07 16:56:02 -07:00
Jeff Mitchell ea08052120
Add an option to log all ops to inmem (#5306) 2018-09-07 17:35:46 -04:00
Jeff Mitchell 09d97b1eca
Cache negative results in physical cache (#5303) 2018-09-07 14:56:33 -04:00
Chris Hoffman 7c12f852d7
changelog++ 2018-09-07 09:20:20 -04:00
Joakim Bakke Hellum 6331f8bdf3 Fix typos in Azure Secrets Engine docs (#5295) 2018-09-06 15:31:19 -07:00
Jeff Mitchell 96704af2f0
Cut version 0.11.1 2018-09-06 13:45:45 -04:00
Jeff Mitchell 145b42ac11 Disable fmt on build 2018-09-06 13:45:32 -04:00
Jeff Mitchell 3f1e0790a3 changelog++ 2018-09-06 12:52:15 -04:00
vishalnayak e89802de58 changelog++ 2018-09-06 12:22:13 -04:00
vishalnayak e421972efb Remove group alias mdmdb update outside of UpsertGroupInTxn 2018-09-06 12:19:00 -04:00
Martin d51f3a45f7 Fix group alias loading when identity memdb is initialized (#5289) 2018-09-06 09:17:44 -07:00
Clint 900e0cbf50
Merge pull request #5216 from hashicorp/respond-upstream-throttle
Add error logical.ErrUpstreamRateLimited and return 502 from RespondCommonError
2018-09-06 11:07:01 -05:00
Jeff Mitchell f22fcccd34 changelog++ 2018-09-06 12:03:59 -04:00
Jeff Mitchell 95bdbbe85e
Port fix over that ensures we use the right step-down context (#5290) 2018-09-06 12:03:26 -04:00
Geoff Meakin 3085c53ffe Update relatedtools.html.md (#5287)
Add ansible-modules-hashivault to the list of third-party tools
2018-09-06 08:37:03 -07:00
Joshua Ogle bd286dc24b Fix arrows on select inputs (#5282) 2018-09-06 10:56:09 -04:00
Clint 70af510164
Merge branch 'master' into respond-upstream-throttle 2018-09-05 16:43:12 -05:00
Jeff Mitchell 28b403f153 changelog++ 2018-09-05 15:54:16 -04:00
Jeff Mitchell c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly (#5280)
* Allow most parts of Vault's logging to have its level changed on-the-fly

* Use a const for not set
2018-09-05 15:52:54 -04:00
Clint 60dcdf1472
Merge branch 'master' into respond-upstream-throttle 2018-09-05 14:48:21 -05:00
Steven Black 0a482e9bd2 Fix misspelling (#5279) 2018-09-05 15:40:01 -04:00