Commit graph

896 commits

Author SHA1 Message Date
Hridoy Roy 0dfabe7ade
Server Side Consistency Docs (#14392)
* partial docs

* remove unnecessary docs link

* move SSCT upgrade notes to 1.10 instead of 0.10

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/consistency.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* docs updates

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-16 10:20:12 -07:00
mickael-hc ada3d31dd1
update security model (#14482)
compromised clients are not part of vault's threat model
2022-03-15 16:27:41 -04:00
Pratyoy Mukhopadhyay d222981cec
Fixes from mount move testing (#14492)
* Add validation, fix docs

* add changelog

* fmt fix

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Update vault/logical_system_test.go

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2022-03-15 11:11:23 -07:00
Jason O'Donnell dd4a3b339e
auth/ldap: add username_as_alias config flag (#14324) 2022-03-15 10:21:40 -04:00
swayne275 ec4d013047
add tip for how to force a secrets engine disable (#14363)
* add tip for how to force a secrets engine disable

* add warning to force disable secrets instructions

* clean up wording

* add force secrets engine disable info to api doc

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/api-docs/system/mounts.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/secrets/disable.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/commands/secrets/disable.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* feedback updates

* impl taoism feedback

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-11 11:43:59 -07:00
Guillaume 6178f4e060
Added Enigma Vault secret plugin. Designed to be simple but complete, a good starting point for plugin developers (#14389) 2022-03-11 08:33:48 -05:00
Nick Cabatoff 57c6064863
Update error codes that are retried. (#14447) 2022-03-10 15:09:45 -05:00
Peter-Gess 5497f5e8d2
Fixing typo from "fo" to "of" (#14445) 2022-03-10 11:56:28 -08:00
Nick Cabatoff 6fc5a5d165
Add a place for us to link to external plugin examples/guides. (#14414) 2022-03-10 14:29:29 -05:00
hghaf099 b358bd6ffa
remove mount accessor from MFA config (#14406)
* remove mount accessor from MFA config

* Update login_mfa_duo_test.go

* DUO test with entity templating

* using identitytpl.PopulateString to perform templating

* minor refactoring

* fixing fmt failures in CI

* change username format to username template

* fixing username_template example
2022-03-09 09:14:30 -08:00
Jan Klaas Kollhof 756d0f0750
fix spelling of identity (#14318) 2022-03-08 15:59:15 -08:00
hghaf099 0bf9a38b36
Login MFA docs (#14317)
* MFA config docs

* correcting some issues

* feedback

* add a note about deleting methods

* Login MFA docs

* rename and mdx

* adding missing docs nav data

* some fixes

* interactive login request

* Apply suggestions from code review

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* feedback

* feedback

* Apply suggestions from code review

Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>

* feedback on mount accessor

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update login-mfa.mdx

Co-authored-by: Josh Black <raskchanky@gmail.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-07 16:26:00 -05:00
Rachel Culpepper 8aa18a20a2
Vault-4964: Update Managed Key documentation for AWS KMS (#14378)
* Add documentation for Managed Keys

 - Add concept, sys/api and pki updates related to managed keys

* Review feedback

 - Reworked quite a bit of the existing documentation based on feedback
   and a re-reading
 - Moved the managed keys out of the concepts section and into the
   enterprise section

* Address broken links and a few grammar tweaks

* add documentation for AWS KMS managed keys

* a couple small fixes

* # Conflicts:
#	website/content/api-docs/secret/pki.mdx
#	website/content/api-docs/system/managed-keys.mdx
#	website/content/docs/enterprise/managed-keys.mdx

* docs updates

* # Conflicts:
#	sdk/version/version_base.go
#	vault/seal_autoseal_test.go
#	website/content/api-docs/system/managed-keys.mdx
#	website/content/docs/enterprise/managed-keys.mdx

* remove endpoint env var

* Document Azure Key Vault parameters for managed keys.

* docs changes for aws kms managed keys

Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com>
2022-03-07 14:22:42 -06:00
Pratyoy Mukhopadhyay a85d4fe128
[VAULT-5268] Add mount move docs (#14314)
* add mount move docs

* add missed word

* Update website/content/api-docs/system/remount.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* one clarification

* docs changes from feedback

* couple things i missed

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-03-04 14:38:15 -08:00
Scott Miller 423f1b949b
Clarify certificate storage in Vault clustering (#14055)
* Clarify certificate storage in Vault clustering

* no_store clarification

* Update docs again, with new understanding of LocalStorage
2022-03-04 14:50:53 -06:00
Jason O'Donnell 1199a7a9f5
docs: fix typo in CF auth ca maintenance (#14366) 2022-03-03 18:25:57 -05:00
Jamie Finnigan 003d8fb1fe
update vault login docs to cover stdin default (#14336) 2022-03-03 12:45:41 -05:00
Loann Le c7a0dd41ea
fixed broken link (#14305) 2022-02-28 11:49:25 -08:00
Robert 2ea8be0567
docs: consul secret engine improvements, database secrets engine disable_escaping parameter (#14260)
* Update consul secrets engine docs and api-docs
* Update databases secrets engine docs and api-docs
2022-02-25 17:43:18 -06:00
Jim Kalafut 75caf59093
Replace docs references to PUT with POST (#14270)
The operations are handled identically, but ~85% of the references were
POST, and having a mix of PUT and POST was a source of questions.

A subsequent commit will update the internal use of "PUT" such as by
the API client and -output-curl-string.
2022-02-25 06:52:24 -08:00
Tom Proctor 3668275903
Quit agent endpoint with config (#14223)
* Add agent/v1/quit endpoint
  * Closes https://github.com/hashicorp/vault/issues/11089
* Agent quit API behind config setting
* Normalise test config whitespace
* Document config option

Co-authored-by: Rémi Lapeyre <remi.lapeyre@lenstra.fr>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
2022-02-25 10:29:05 +00:00
Austin Gebauer 4d94ba8e14
agent/azure: adds ability to use specific user-assigned managed identities for auto auth (#14214)
* agent/azure: adds ability to use specific user assigned managed identity for auto auth

* add changelog

* change wording in error and docs

* Update website/content/docs/agent/autoauth/methods/azure.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/agent/autoauth/methods/azure.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* docs formatting

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-02-23 11:43:36 -08:00
Robert 5f3b67675b
Clarify service_registration stanza version (#14213)
* Clarify when service_registraion was introduced

Resolves https://github.com/hashicorp/vault/issues/8768
Language is modeled after the nomad acl version limits

> ~> Version information ACLs are only available on Nomad 0.7.0 and above.

1e720054e5/website/pages/docs/secrets/nomad/index.mdx

* Update phrasing to clarify vault isn't rquired

* rephrase

* Rewording statements

Co-authored-by: Spencer Owen <owenspencer@gmail.com>
2022-02-23 10:18:52 -05:00
Theron Voran eea7fb947a
docs/vault-k8s: path for agent-inject-token (#14212)
State the path where the token can be found when injected with the
agent-inject-token annotation.
2022-02-22 22:03:05 -08:00
Romain Aviolat 7845567ee6
fix(doc): mention that leases can be revoked from the UI (#14205) 2022-02-22 18:04:37 -08:00
Nick Cabatoff 5fe1c16201
Remove support for etcd v2 storage backend. (#14193) 2022-02-22 16:48:04 -05:00
Pratyoy Mukhopadhyay 345857fa1b
[VAULT-1011] Update autoauth docs (#13883)
* Update autoauth docs

* Update website/content/docs/agent/autoauth/index.mdx

Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>

Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
2022-02-22 10:04:23 -08:00
Theron Voran a14f19802d
Fix link to Kubernetes 1.21 section (#13960) 2022-02-18 16:43:18 -08:00
Alexander Scheel f0dc3a553f
Switch to secure signing algorithm for SSH secrets engine (#14006)
* Explicitly call out SSH algorithm_signer default

Related: #11608

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Use rsa-sha2-256 as the default SSH CA hash algo

As mentioned in the OpenSSH 8.2 release notes, OpenSSH will no longer be
accepting ssh-rsa signatures by default as these use the insecure SHA-1
algorithm.

For roles in which an explicit signature type wasn't specified, we
should change the default from SHA-1 to SHA-256 for security and
compatibility with modern OpenSSH releases.

See also: https://www.openssh.com/txt/release-8.2

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Update docs mentioning new algorithm change

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix missing parenthesis, clarify new default value

* Add to side bar

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-18 10:44:01 -05:00
Calvin Leung Huang c839fc78d8
auth/ldap: add resp warning if userfilter doesn't consider userattr (#14095)
* auth/ldap: add resp warning if userfilter doesn't consider userattr

* add changelog entry
2022-02-17 17:19:44 -08:00
Rémi Lapeyre 98b18ee08e
Add telemetry to Vault agent (#13675)
This patch adds a new /agent/v1/metrics that will return metrics on the
running Vault agent. Configuration is done using the same telemetry
stanza as the Vault server. For now default runtime metrics are
returned with a few additional ones specific to the agent:
  - `vault.agent.auth.failure` and `vault.agent.auth.success` to monitor
  the correct behavior of the auto auth mechanism
  - `vault.agent.proxy.success`, `vault.agent.proxy.client_error` and
  `vault.agent.proxy.error` to check the connection with the Vault server
  - `vault.agent.cache.hit` and `vault.agent.cache.miss` to monitor the
  cache

Closes https://github.com/hashicorp/vault/issues/8649

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2022-02-17 17:10:26 -08:00
Jordan Reimer b936db8332
Revert "MFA (#14049)" (#14135)
This reverts commit 5f17953b5980e6438215d5cb62c8575d16c63193.
2022-02-17 13:17:59 -07:00
Alexander Scheel 1996336481
Update repository links to point to main (#14112)
* Update repository links to point to main

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix broken link in relatedtools.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2022-02-17 14:30:56 -05:00
Chris Capurso 797f11b0e5
update G Suite to Google Workspace in docs (#14126)
* update G Suite to Google Workplace in docs

* fix Google Workplace to Workspace typo
2022-02-17 13:01:45 -05:00
Jordan Reimer 36ccfaa3aa
MFA (#14049)
* adds development workflow to mirage config

* adds mirage handler and factory for mfa workflow

* adds mfa handling to auth service and cluster adapter

* moves auth success logic from form to controller

* adds mfa form component

* shows delayed auth message for all methods

* adds new code delay to mfa form

* adds error views

* fixes merge conflict

* adds integration tests for mfa-form component

* fixes auth tests

* updates mfa response handling to align with backend

* updates mfa-form to handle multiple methods and constraints

* adds noDefault arg to Select component

* updates mirage mfa handler to align with backend and adds generator for various mfa scenarios

* adds tests

* flaky test fix attempt

* reverts test fix attempt

* adds changelog entry

* updates comments for todo items

* removes faker from mfa mirage factory and handler

* adds number to word helper

* fixes tests

* Revert "Merge branch 'main' into ui/mfa"

This reverts commit 8ee6a6aaa1b6c9ec16b985c10d91c3806819ec40, reversing
changes made to 2428dd6cca07bb41cda3f453619646ca3a88bfd0.

* format-ttl helper fix from main
2022-02-17 09:10:56 -07:00
Alexander Scheel 7278479856
Document vault write JSON request parameters (#14087)
As mentioned by Steve Clark. :-)

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-17 10:07:41 -05:00
Robert 91f5069c03
secret/consul: Add Consul ACL roles support (#14014)
Co-authored-by: Brandon Ingalls <brandon@ingalls.io>
2022-02-16 19:31:08 -06:00
Loann Le 8e504f59e8
Vault documentation: created new developer quick start guide (#14038)
* new developer quick start

* fixed typo

* fixed placement of guide

* modified descr

* Add Ruby quickstart code

* incorporated feedback

* spelling error

* changed word to caps

* Some format edits (#14065)

* Split install instructions into tabs (#14092)

Co-authored-by: Valerie Conklin <val@hashicorp.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-16 15:25:36 -08:00
Alexander Scheel dab1ac4650
Update plugin-portal.mdx (#13229) (#14108)
Add a Vault plugin to allow authentication via SSH certificates and public keys

Co-authored-by: Wim <wim@42.be>
2022-02-16 12:32:43 -08:00
Alex Cahn 42bdcf0657
Vault Integration Program Update (#14031)
* Updating badges

* Updates to the VIP page

Updates to the VIP page to add Enterprise Badges

* Updated Eco Diagram

* Update Eco Image

* Fixing the images

* Fixing Badge Placement

* centering the badges

* Centering the badges - again

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update partnerships.mdx

* trigger ci

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2022-02-15 11:19:51 -08:00
VAL 772cfcab91
Typo and clarity fixes (#14081) 2022-02-15 10:43:49 -08:00
Victor Rodriguez 5ad48fc1c2
Restore tidy-status documentation. (#14075)
Restore tidy-status documentation.

Fixes VAULT-5113.
2022-02-15 11:04:21 -05:00
Victor Rodriguez 88e02feab0
Remove documentation for upcoming /pki/tidy-status endpoint. (#14044)
The documentation will be released along with the feature.
2022-02-14 15:41:50 -05:00
Chris Capurso f9e9b4d327
Add sys/version-history endpoint and associated command (#13766)
* store version history as utc; add self-heal logic

* add sys/version-history endpoint

* change version history from GET to LIST, require auth

* add "vault version-history" CLI command

* add vault-version CLI error message for version string parsing

* adding version-history API and CLI docs

* add changelog entry

* some version-history command fixes

* remove extraneous cmd args

* fix version-history command help text

* specify in docs that endpoint was added in 1.10.0

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* enforce UTC within storeVersionTimestamp directly

* fix improper use of %w in logger.Warn

* remove extra err check and erroneous return from loadVersionTimestamps

* add >= 1.10.0 warning to version-history cmd

* move sys/version-history tests

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-02-14 15:26:57 -05:00
Jim Kalafut 0712ef13fc
Allow auto-detection of AWS region when using the vault CLI (#14051) 2022-02-14 12:01:27 -08:00
Loann Le f78d82ebe1
Vault documentation: added new warning to listener stanza parameters (#14036)
* added a new warning

* Update website/content/docs/configuration/listener/tcp.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* fixed word tense

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-14 08:54:43 -08:00
Loann Le 296fee0193
changed to upper-case for integrated storage (#14037) 2022-02-14 08:38:06 -08:00
Jason O'Donnell b686d727a9
docs/azure: add note about identities (#14020) 2022-02-11 17:09:35 -05:00
Yoko Hyakuna 4ac997561f
Add 'Integrated Storage vs. Consul' comparison (#13999)
* Add IS vs. external storage section

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Add a cross-referencing link

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/concepts/storage.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Incorporate review feedback

* Incorporate review feedback

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>
Co-authored-by: David Adams <daveadams@gmail.com>
2022-02-11 08:07:35 -08:00
Shohei Maeda 4073f6663b
KV v2 doc - fix format and update examples (#14003) 2022-02-10 13:20:36 -08:00
Loann Le c360d5ad45
fixed steps (#13993) 2022-02-09 17:25:33 -08:00
Loann Le bfd49bc16d
added link to hcpv docs (#13992) 2022-02-09 16:15:17 -08:00
EsbenDalgaard 2489c958f5
Update approle.mdx (#13967) 2022-02-09 18:22:10 -05:00
Ray Ryjewski 571804390e
Update gcp.mdx (#13438)
Updated the example for oauth.  In my testing I had to use the project-id for both the project attribute as well as within the bindings attribute.
2022-02-09 12:09:01 -08:00
Niklas Wagner 8199437a4b
Fix Environment Variables in Kubernetes config (#13969)
The Environment Variables seems wrong as you can see:
$ echo "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT"
https://172.20.0.1:tcp://172.20.0.1:443
2022-02-09 11:16:33 -08:00
Loann Le 622c24f60f
Vault documentation: Updated Licensing FAQ page (#13959)
* updated license faq doc

* fixed typo

* Update website/content/docs/enterprise/license/faq.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faq.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* fixed spelling error

* removed a step and added a new one

* fixed note

* added a new link to TDE

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-09 11:14:36 -08:00
Samori Gorse 0f588bc159
Formatting touch ups on storage/dynamodb.mdx (#13948)
Following my previous fix, those are some small formatting touch ups.
2022-02-09 10:36:09 -08:00
Alexander Scheel 386ef0eb6b
Add clarification around vague "this" references (#13968)
* Clarify subject of this w.r.t. TLS configuration

Thanks to @aphorise for pointing this out internally.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/gcp docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/aws docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/database/oracle.mdx

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in seal/pkcs11 docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in agent/autoauth docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-09 13:02:44 -05:00
Loann Le 2b66cca52d
Vault documentation: added a warning message to vault ui browser support doc (#13961)
* added a warning about using ie browswer

* added Vault UI at the end
2022-02-09 09:10:24 -08:00
Andy Assareh c292dbaf4d
mysql is also supported for transform external storage (#13104)
per https://www.vaultproject.io/api/secret/transform#driver and https://www.vaultproject.io/docs/secrets/transform/tokenization#external-sql-stores
2022-02-08 16:40:58 -08:00
Steven Clark 12b0e2a56b
Add documentation for Managed Keys (#13856)
* Add documentation for Managed Keys

 - Add concept, sys/api and pki updates related to managed keys

* Review feedback

 - Reworked quite a bit of the existing documentation based on feedback
   and a re-reading
 - Moved the managed keys out of the concepts section and into the
   enterprise section

* Address broken links and a few grammar tweaks
2022-02-08 14:01:19 -05:00
Austin Gebauer 5804da7490
auth/okta: documentation improvements (#13944) 2022-02-08 09:21:19 -08:00
Scott Miller f226d0103f
Add duration/count metrics to PKI issue and revoke flows (#13889)
* Add duration/count metrics to PKI issue and revoke flows

* docs, changelog

* tidy

* last tidy

* remove err

* Update callsites

* Simple returns

* Handle the fact that test cases don't have namespaces

* Add mount point to the request

* fmt

* Handle empty mount point, and add it to unit tests

* improvement

* Turns out sign-verbatim is tricky, it can take a role but doesn't have to

* Get around the field schema problem
2022-02-08 10:37:40 -06:00
cr48 1a4dc03bf7
Typo: Corrected same typo in 2 locations (on-premise to on-premises) (#13402)
* Fixed 2 typos on-premise to on-premises.

* Added changelog file.

* Removed 13402.txt file from changelog.

* Update website/content/docs/secrets/terraform.mdx

Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
2022-02-07 18:59:46 -05:00
Loann Le f85945d3aa
Vault documentation: updated What is a Client section (#13816)
* updated client doc

* fixed heading
2022-02-07 09:05:10 -08:00
Jason O'Donnell 7145fe49ff
docs/oracle: add wallet permissions example (#13924)
* docs/oracle: add wallet permissions example

* Update website/content/docs/secrets/databases/oracle.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
2022-02-07 11:17:33 -05:00
Samori Gorse b2e3745837
typo: Updated terraform example (#13401)
The terraform example had a couple of issues:

- Tags was missing a `=`
- Attribute list is not supported
2022-02-04 13:08:16 -08:00
Chris Jones b97a1b3157
Add iam:GetUser permission to the example. (#13316)
Without `iam:GetUser` permission, I wasn't able to get Vault to rotate its own credentials.
2022-02-04 13:07:26 -08:00
mairandomness bc74650b98
Update delete.mdx (#13148)
Adding a note on the parameter necessary for deletion on a key deletion example seems like a good idea.
From my limited research I found other people that had trouble finding the relevant part of the documentation.
Though I'm not sure this is the best wording or formatting for it.
2022-02-04 10:13:24 -08:00
Maha Sharabinth c30fa154ff
Add a Rekey Example When Auto Unseal is Used (#13139)
Added an example to explicitly show how to perform a Rekey operation when the Vault cluster is using Auto Unseal.  This is placed as the second example. 
The existing example code combines with the PGP keys so added a simple example without the PGP keys.
2022-02-04 10:43:33 -05:00
Theron Voran c01b9915b1
docs/helm: fix duplicate ingress tls section (#13790)
Combined the two Ingress sections into one, hopefully in the right
spot this time.
2022-02-03 22:48:23 -08:00
Mark Lewis 919c197fe9
Update index.mdx (#12936)
Tidy a couple of bullets.
2022-02-03 17:49:46 -08:00
Tom Proctor fce9c92c5b
Update k8s auth long-lived token instructions (#13852) 2022-01-31 23:16:01 +00:00
Anoop Vijayan Maniankara f5b9aefd1e
Update mssql.mdx with typo error (#13527)
user sa -> vaultuser
2022-01-31 14:56:37 -05:00
Sebastien Rosset fd209183d1
Update upgrade-to-1.3.10.mdx (#12341)
The upgrade guide indicates the upgrade path between two identical versions (1.3.10). Presumably you meant compared to 1.3.9?
2022-01-28 09:27:23 -08:00
Austin Gebauer 17b2e0d259
auth/oidc: Documentation updates for Azure AD applications (#13819) 2022-01-28 08:34:36 -08:00
Steven Clark 69ac11a564
Documentation updates for new keys for PKCS#11 unsealing (#13814)
* Document new force_rw_session parameter within pkcs11 seals

* documentation for key_id and hmac_key_id fields

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/seal/pkcs11.mdx

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: rculpepper <rculpepper@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-01-28 11:25:02 -05:00
mickael-hc 45875e2e9d
docs: add cluster-to-cluster communications to external threat overview (#13805) 2022-01-28 10:15:22 -05:00
Scott Miller 86175b2e82
Add notes on the PKI cert generation forwarding regression (#13815)
* Add notes on the PKI cert generation forwarding regression

* content

* typo

* iterate

* extra space
2022-01-27 16:36:50 -06:00
Scott Miller 743b0e1905
Clarify that backend authors can specify that all or no values are sealwrapped (#13813)
* Clarify that backend authors can specify that all or no values are sealwrapped rather than the vague statement that all values _may_ be seal wrapped

* typo
2022-01-27 15:30:55 -06:00
Rosemary Wang e1165737dc
Update CSI provider installation on OpenShift (#13763)
Include recommendation to use Vault agent injector on OpenShift
instead of CSI due to production security constraints.
Additional instructions included for testing and development
clusters.
2022-01-26 07:44:15 -08:00
mickael-hc 3a1a8c4cbf
Fix limits docs to reflect listener variable name (#13776) 2022-01-25 16:45:56 -05:00
Loann Le 02074f40e7
added missing title (#13775) 2022-01-25 10:19:10 -08:00
Caleb Lemoine f03a176ac3
docs: add vault-plugin-secrets-jenkins to plugin portal page (#13531)
Signed-off-by: circa10a <caleblemoine@gmail.com>
2022-01-24 19:36:42 -08:00
Theron Voran a0ccdfcdb1
docs/k8s: Updates for vault-k8s 0.14.2 and vault-helm 0.19.0 (#13748)
Updated vault and chart versions, and some formatting from the
pre-commit hook. Also updated chart values.
2022-01-24 15:25:52 -08:00
James Bayer 2d3db5ce78
Updated spelling (#13751) 2022-01-24 14:38:13 -08:00
Loann Le 5bc0c1b3c0
fixed typo (#13740) 2022-01-21 11:12:01 -08:00
Mike Green 364d7a9be1
Add algo signer to support openssl as of recent (#12438)
"algorithm_signer": "rsa-sha2-256"
to prevent /var/log/auth.log `userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]` due to vault defaulting to ssh-rsa which is insecure
2022-01-19 15:37:00 -08:00
Calvin Leung Huang bd25ed1294
docs: add known issues section to 1.9.x upgrade guide (#13662)
* docs: add known issues section to 1.9.x upgrade guide

* minor rephrasing on oidc known issue

* use relative references for URLs

* Update website/content/docs/upgrading/upgrade-to-1.9.x.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* update known issues section for id token

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-01-19 11:21:10 -08:00
Jason O'Donnell 17ca494be3
docs/oracle: fix typo in connection_url example (#13708) 2022-01-19 11:59:30 -05:00
Tony Pulickal 908a1c1178
Update http requests API link to versioned docs (#13692) 2022-01-18 14:16:02 -05:00
Tero Saarni e2b17ca96b
auth/kubernetes: support for dynamically reloading short-lived tokens (#13595)
* auth/kubernetes: support for short-lived tokens

* Uplift new version of Kubernetes auth plugin that does not store the
  service account token persistently to Vault storage.

* Update the documentation to recommend local token again when running
  Vault inside cluster.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* Added changelog entry

Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* clarification to changelog entry, executed go mod tidy

* clarifications and added targeted release version
2022-01-14 19:55:15 -08:00
Jason O'Donnell 33b9db2d26
docs: update oracle tls examples (#13659)
* docs: update oracle tls examples

* Add warnings

* Add notes

* Add missing note
2022-01-14 10:03:58 -05:00
Austin Gebauer 691e440fac
auth/azure: Documents config env vars and fixes resource used in examples (#13641) 2022-01-13 10:41:40 -08:00
Austin Gebauer e5dd039c4f
secrets/keymgmt: Adds documentation for using Azure Private Link (#13640) 2022-01-13 10:41:05 -08:00
Loann Le 492eb0a2d6
Vault documentation: updated client count FAQ (#13633)
* include nomad vault question

* added link
2022-01-13 08:56:58 -08:00
Chris Capurso d52d69e4bb
Add HTTP PATCH support for KV key metadata (#13215)
* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* add kv metadata patch command

* add changelog entry

* success tests for kv metadata patch flags

* add more kv metadata patch flags tests

* add kv metadata patch cas warning test

* add kv-v2 key metadata patch API docs

* add kv metadata patch to docs

* prevent unintentional field overwriting in kv metadata put cmd

* like create/update ops, prevent patch to paths ending in /

* fix kv metadata patch cmd in docs

* fix flag defaults for kv metadata put

* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* fix TestKvMetadataPatchCommand_Flags test

* doc fixes

* go get vault-plugin-secrets-kv@master; go mod tidy
2022-01-12 12:05:27 -05:00
Nick Cabatoff 150b1ac67a
Clarify the distinction between token and identity policies. (#13614) 2022-01-11 09:01:43 -05:00
Nick Cabatoff 3828d4bf9d
Note that api_addr and cluster_addr can use go-sockaddr templates. (#13592) 2022-01-10 09:06:30 -05:00
Saru Thuraiman e3426c238f
Add missing word "database" in docs (#13571)
* Update README.md

Add missing word database

* Update what-is-vault.mdx

Add missing "database" keyword.

* Update README.md

* Update what-is-vault.mdx

* Update website/content/docs/what-is-vault.mdx

* Update website/content/docs/what-is-vault.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-01-07 09:21:37 -08:00
Jason O'Donnell 1cc5e8d44d
docs: fix typo in azure auth debug log mode (#13593) 2022-01-07 11:33:53 -05:00
mickael-hc 82e6f2bbd2
docs: update GitHub auth method docs and security model (#13572)
Provide changes based on recent audit feedback: describe risks of third party authentication systems and plugins.
2022-01-05 09:23:55 -08:00
Dave D'Amico 1b538e584b
corrected name and added link (#13562) 2022-01-04 14:29:59 -08:00
raakatz 86ac6c2996
Fix a sentence in architecture.mdx (#13539)
The words "can be" were missing
2022-01-03 16:38:39 -08:00
Loann Le e5999bba62
Vault documentation: fixed broken links (#13553)
* fixed broken links

* Update ha.mdx

removed extra slash
2022-01-03 13:53:10 -08:00
Tim Peoples 26c46f0b45
Update docs to reflect new plugin behavior. (#13543)
* Update docs to reflect that TLS connection state is now available to plugins

* Fix typo (D'oh!)
2022-01-03 11:54:12 -08:00
Pascal Reeb 48dbe28b24
fix(docs-k8s-helm): changed server's podAntiAffinity labelSelector example to match helm default values (#13140) 2022-01-03 11:13:54 -08:00
VAL ee5f26e18f
Update example code links, remove unneeded comments (#13491) 2021-12-22 09:33:12 -08:00
Jose Diaz-Gonzalez b56f708ef3
docs: add a note regarding the backend => storage config key aliasing (#13451)
* docs: add a note regarding the backend => storage config key aliasing

This was missing from upgrade docs and implemented in #2456.

* Update website/content/docs/upgrading/upgrade-to-0.7.0.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-22 09:24:55 -08:00
Meggie 78b0284f78
Adding upgrade note about 1.7.8 go version (#13475)
* Adding upgrade note about 1.7.8 go version

* Adding version bump while I'm at it
2021-12-21 17:49:41 -05:00
firingLi 0446e14d02
add tencentCloud Secrets&Auth Plugins (#13415)
* add tencentCloud plugin

* add tencentCloud plugin

* add tencentCloud plugin
2021-12-20 17:00:27 -08:00
Vasilii Angapov f94d0dd44f
Fix typo in policies.mdx (#13345)
Fix typo in Kubernetes policy example which prevents example from working.
2021-12-20 11:25:50 -08:00
Meggie 834ad52d68
Upgrade guidance updates from VLT-172 (#13327)
* Upgrade guidance updates from VLT-172

Trying to clarify some upgrade questions. Learn update to follow in
separate PR.

* Apply suggestions from code review

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-12-20 13:46:57 -05:00
Tom b2c473edbd
adjustemnt of options order (#12804)
Co-authored-by: tograla <tograla@gmail.com>
2021-12-17 16:22:52 -08:00
Carlos Cisneros, Jr fbd0cf82d9
Update index.mdx (#10873)
* Update index.mdx

Fixed typo in Setup section of the Secrets Engine documentation.

* Update index.mdx

Remove line 112.
2021-12-17 16:09:38 -08:00
Kaue Doretto Grecchi 2cc4ec2487
add entity-alias parameter description (#13339)
This page is missing the `entity-alias` parameter description, available in the `vault token create --help` command
2021-12-17 15:23:47 -08:00
Noel Quiles 9a9608a11d
website: Update text (#13441) 2021-12-16 12:35:55 -05:00
Pratyoy Mukhopadhyay a9301012fc
Update docs with new images (#13454)
* Update docs with new images

* Update website/content/docs/concepts/identity.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extraneous Github mention

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-15 20:10:05 -08:00
Jason Peng 0bd6f5392c
Update openshift.mdx (#13372)
Consul Openshift is supported since Consul 1.9 as per https://www.hashicorp.com/blog/introducing-openshift-support-for-consul-on-kubernetes. Please verify.
2021-12-15 13:07:30 -08:00
Yoko Hyakuna cbdea53dd7
Add paths filter doc (#13435)
* Add paths filter doc

* Add a description about the screenshot

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extra sentense

* Update the diagram

* Update the diagram

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-14 17:19:31 -08:00
Jason O'Donnell 9674a75a4d
auth/azure: add note about debug env (#13405)
* auth/azure: add note about debug env

* Update azure.mdx

* Update azure.mdx
2021-12-13 14:16:45 -05:00
divyapola5 3488948ccd
CLI changes for new mount tune config parameter allowed_managed_keys (#13255)
* CLI changes for new mount tune config parameter allowed_managed_keys

* Correct allowed_managed_keys description in auth and secrets

* Documentation update for secrets and removed changes for auth

* Add changelog and remove documentation changes for auth

* removed changelog

* Correct the field description
2021-12-10 11:08:28 -06:00
hghaf099 65845c7531
VAULT-1564 report in-flight requests (#13024)
* VAULT-1564 report in-flight requests

* adding a changelog

* Changing some variable names and fixing comments

* minor style change

* adding unauthenticated support for in-flight-req

* adding documentation for the listener.profiling stanza

* adding an atomic counter for the inflight requests
addressing comments

* addressing comments

* logging completed requests

* fixing a test

* providing log_requests_info as a config option to determine at which level requests should be logged

* removing a member and a method from the StatusHeaderResponseWriter struct

* adding api docks

* revert changes in NewHTTPResponseWriter

* Fix logging invalid log_requests_info value

* Addressing comments

* Fixing a test

* use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core

* fixing go.sum

* minor refactoring

* protecting InFlightRequests from data race

* another try on fixing a data race

* another try to fix a data race

* addressing comments

* fixing couple of tests

* changing log_requests_info to log_requests_level

* minor style change

* fixing a test

* removing the lock in InFlightRequests

* use single-argument form for interface assertion

* adding doc for the new configuration paramter

* adding the new doc to the nav data file

* minor fix
2021-12-08 17:34:42 -05:00
Pratyoy Mukhopadhyay c97c8687f4
[VAULT-3252] Add entity-alias behavior change to docs (#13370)
* Add entity-alias behavior change to docs

* Add upgrade note about entity-alias mapping change

* Rename 1.7-9 upgrade pages, shuffle upgrade note position

* Update website/content/partials/entity-alias-mapping.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Add incorrect policy issue to the docs

* Add example about entity-alias restriction

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-12-08 13:52:51 -08:00
Tom Proctor be07a202d9
Docs to clarify k8s auth options with short-lived tokens (#13275)
* Rework 1.21 content into one heading and add note at top
* Add notes about extended k8s token duration
* Add example of ClusterRoleBinding for using client JWTs
2021-12-08 18:20:24 +00:00
Mike Green 05da506dea
clarify more sink options (#12586) 2021-12-07 12:16:14 -08:00
Calvin Leung Huang 0c5662770d
docs: update custom database sample code (#13211) 2021-12-07 11:10:02 -08:00
mickael-hc 36207b5668
docs: winsvc update recommendations (#13280) 2021-12-07 10:35:13 -08:00
Loann Le 8f7dd0c291
modifed note (#13351) 2021-12-07 08:46:46 -08:00
Steven Clark 94e6a688ff
Add kms_library configuration stanza (#13352)
- Add the kms_library configuration stanza to Vault's command/server
 - Provide validation of keys and general configuration.
 - Add initial kms_library configuration documentation
 - Attempt at startup to verify we can read the configured HSM Library
 - Hook in KmsLibrary config into the Validate to detect typo/unused keys
2021-12-07 09:58:23 -05:00
Harsimran Singh Maan 7178e2c4be
Fix typo (#13355) 2021-12-06 17:23:03 -08:00
Heather Simon 04d634d9d2 Merge branch 'main' of https://github.com/hashicorp/vault 2021-12-06 10:09:49 -08:00
Noel Prince b4d86a13c1
improve "x_forwarded_for_hop_skips" example (#12463)
Currently the example given results in 2.3.4.5 if it is indexed from other side. This new example prevents confusion because it is now clear which side x_forwarded_for_hop_skips is indexing from
2021-12-06 10:56:51 -05:00
Heather Simon f44dbce609 Typo fix in 1.9 Release Notes
Fixes a typo in "Vault Agent improvements"
2021-12-03 14:02:16 -08:00
Loann Le 21b01b71a6
Vault documentation: updated client count FAQ document (#13330)
* modified based on feedback

* Update faq.mdx

fixed text
2021-12-02 11:21:56 -08:00
Jim Kalafut 9ed05c3ff5
Fix doc build (#13329)
path-help.mdx is now the reference for help.
2021-12-02 08:31:56 -08:00
Jim Kalafut f0f4c2886a
Unhide or remove docs sidebar elements (#13198)
A few sidebar elements are hidden for unknown reasons. If we have a
reason to keep them hidden (vs deleting the element and associated docs),
maybe we could add `"_comment":"Hidden because ..."` to them.

A few other elements were definitely obsolete so I've removed them.
2021-12-01 16:58:28 -08:00
Rowan Smith a78721dbfe
update custom headers to mention 1.9 is required (#13155)
* update custom headers to mention 1.9 is required

Per https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#190-rc1 the custom response headers are a new feature introduced in 1.9, meaning we should explicitly call out this version requirement in documentation, otherwise users of earlier versions of Vault will unable to use the functionality and may consider it a bug.

* Update website/content/docs/configuration/listener/tcp.mdx

reads better, agreed

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-01 10:48:06 -08:00
Nick Cabatoff a47a2c9fc4
Add "operator members" command to list nodes in the cluster. (#13292) 2021-11-30 14:49:58 -05:00
Nicola Kabar b5f1027d07
docs: added minor recommendation for k8s agent annotations (#13239)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-11-29 14:57:19 -08:00
Mike 4fd241c3d3
Fix case typo in docs (#13259) 2021-11-29 15:55:46 -05:00
Yoko Hyakuna 6ea0df030e
Update Vault Agent intro (#13267)
* Update Vault Agent intro

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-24 12:41:11 -08:00
Scott Miller f1b18bd990
Don't claim that Vault obfuscates the environment variable for sensitive values, this doesn't work at least in recent version of Go, as Go makes a copy of the environment, so we're only modifying that one, and not the one visible to the rest of the system (#13252) 2021-11-24 11:50:34 -06:00
akshya96 3c6f68f9c4
Docs/custom metadata updates (#13244)
* adding custom_metadata read and update changes

* adding custom metadata changes
2021-11-23 09:40:44 -08:00
Nick Cabatoff 0082cc4a5b
Correct flag name: -dev-kv-v1, not dev-kv-1. (#13250) 2021-11-23 12:17:51 -05:00
Austin Gebauer d5f4fbecc1
identity/oidc: optional nonce parameter for authorize request (#13231) 2021-11-22 09:42:22 -08:00
Loann Le 10d146125a
Updates to 1.9 documentation (#13228)
* incorporated feedback

* fixed link

* fixed link again

* found another error
2021-11-19 12:46:47 -08:00
Theron Voran 79ec6b7f3d
docs: updated for vault-k8s 0.14.1 vault-helm 0.18.0 (#13199)
* version bumps

* updated chart options
2021-11-18 18:08:35 -08:00
Gary Frederick 9622e36b82
Docs deprecate token issuer validation (#13019)
* change default vaule for disable_iss_validation to be true

* mark as deprecated | remove issuer from sample

* deprecation section

* additional informaiton about when fields will be removed

* additional deprecation note under csi provider

* punctuation

* make the deprecation note more noticable

* missing issuer sentence | remove whitespace

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>

* cleanup

* additional deprecation comments

* fix discovery link

* highlight

* no need to configure the issuer

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
2021-11-18 15:16:54 -08:00
John-Michael Faircloth 73d3204b8f
OIDC: add note on PKCE support for code flow (#13206)
* OIDC: add note on PKCE support for code flow

* add changelog

* remove changelong
2021-11-18 13:46:34 -06:00
Loann Le 4127092fdd
fixed errors in file (#13205) 2021-11-18 10:50:26 -08:00
Martin Hristov c933664eeb
docs: fixing the injector.webhookAnnotations annotation (#13181) 2021-11-17 18:19:33 -08:00
Loann Le 42abf7ed2e
Updated Vault 1.9 documentation (#13194)
* post 1-9 doc changes

* fixed endpoint sample

* Update website/content/docs/release-notes/1.9.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-11-17 14:23:48 -08:00
VAL f6d8904540
Use new auth modules + Login method in Go client docs (#13189) 2021-11-17 11:52:38 -08:00
Meggie 5af1db7992
Removing draft note (#13187) 2021-11-17 13:22:55 -05:00
Austin Gebauer a01e1a4101
docs/identity: fix template parameter for groups (#13176) 2021-11-17 08:25:37 -08:00
Tom Proctor 46adcccfea
Website docs for Vault EKM provider for MS SQL (#13175) 2021-11-17 13:46:07 +00:00
Austin Gebauer b73815f966
identity/oidc: Adds section to 1.9 upgrade guide for ACL policy requirements (#13154) 2021-11-16 11:27:31 -08:00
Austin Gebauer d75db00dcb
Adds documentation for GCP Cloud KMS support in key management secrets engine (#13153) 2021-11-16 11:27:08 -08:00
Loann Le 764c10ded7
[Doc Assembly Branch] Vault 1.9 release (#12944)
* new document for feature deprecation notice

* fixed errors

* Update website/content/docs/feature-deprecation-notice.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Update website/content/docs/feature-deprecation-notice.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Update website/content/docs/feature-deprecation-notice.mdx

Co-authored-by: Rosemary Wang <915624+joatmon08@users.noreply.github.com>

* Update website/content/docs/feature-deprecation-notice.mdx

Co-authored-by: Rosemary Wang <915624+joatmon08@users.noreply.github.com>

* Update feature-deprecation-notice.mdx

* added new faq page

* added content for faq

* updated faq page based on aarti's feedback

* added client count faq

* fixed a broken link

* added links

* fixed spacing issue

* added new release notes page

* edited the client count faq

* edited the feature deprecation faq

* edited the featue deprecation notice and plans

* edited the release notes

* added new oidc provider doc

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* incorporated feedback

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

* changed mnt_acc to mount_accessor

* rewritting content

* added doc link

* fixed link error

* fixed spacing error

* incorporate additional feedback

* more feedback

* incorporated more feedback

* fixed headings

* fixed a heading

* incorproate changes

* incorporate feedback

* modified RN based on feedback

* Update website/content/docs/concepts/oidc-provider.mdx

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* updated final release notes

* updated image

* fixed link

* added a new hyperlink to the etcd document

* add and modify notes; update scope template

* break identity docs into separate pages

* fix nav for identity token

* fix nav links; add links on overview

* use real example IDs

* fix typos

* incorporated additional feedback

Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Rosemary Wang <915624+joatmon08@users.noreply.github.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
Co-authored-by: JM Faircloth <jmfaircloth@hashicorp.com>
2021-11-15 18:02:36 -08:00
Rémi Lapeyre 677e2a1ca5
Fix some typos (#12289) 2021-11-15 14:52:04 -05:00
Yoko Hyakuna ff145d3a4f
Fix out-dated hyperlink (#13145) 2021-11-15 09:53:49 -08:00
Hridoy Roy 1279413ea2
Docs Updates for Client Counting non-entity tokens (#13134)
* some client count docs updates

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: swayne275 <swayne275@gmail.com>

* remove full link path

* more path shortening for urls

Co-authored-by: swayne275 <swayne275@gmail.com>
2021-11-12 13:12:23 -08:00
Hridoy Roy 1fc0a699d9
Docs for counting non-entity tokens in the Activity Log (#13007)
* docs for counting tokens without entities

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: swayne275 <swayne275@gmail.com>

* remove parens in docs

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* update documentation to be consistent with the non-entity token terminology

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* add line about client ids to the api docs

* syntax and grammar

Co-authored-by: swayne275 <swayne275@gmail.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-12 09:59:50 -08:00
swayne275 12faa5227b
define batch token interaction with lease count quota (#13127) 2021-11-11 16:09:44 -07:00
Loann Le 6a5fc75ff5
fixed link error (#13103) 2021-11-10 09:38:02 -08:00
swayne275 0604c12f27
Namespace API Lock docs (#13064)
* add api lock doc

* add docs nav data

* Update website/content/api-docs/system/namespaces.mdx

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>

* update command doc

* clarify locked http status code

* add example exempt path

* further exempt clarification

* link api locked response

* add x-vault-namespace api example

* Update website/content/docs/concepts/namespace-api-lock.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* review suggestions

* few other small tweaks

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-09 15:43:17 -07:00
Daniel Nathan Gray 26711ab017
Documentation consistency GPG keys are PGP keys. (#13073)
* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: s/GPG/PGP keys, use GPG's proper name

* Use GPG's proper name GnuPG

* Use GPG's proper name GnuPG

* Consistency: GPG keys are PGP keys

* Fix typo
2021-11-08 10:04:59 -08:00
Meggie bb6ba32f65
Add note that monitor command may truncate logs (#13079)
* Add note that monitor command may truncate logs

* Apply suggestions from code review

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-11-08 12:52:42 -05:00
Jason O'Donnell 16bc065c48
secrets/azure: add doc for rotate-root and AAD migration (#13066)
* secrets/azure: add doc for rotate-root and AAD migration

* Formatting

* Fix bad link, update warnings
2021-11-05 13:04:25 -04:00
castironclay c2e7aca9ca
Address algorithm not supported (#12852)
error seen on host /var/log/auth.log:
  userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]
2021-11-04 18:07:46 -04:00
Loann Le a6432ca770
added new code samples (#13030) 2021-11-03 10:10:28 -07:00
Nick Cabatoff ddf89f2708
Add more detail to recovery mode docs. (#12984) 2021-11-03 10:22:00 -04:00
Gary Frederick f16f3efed5
add missing back tick (#12941) 2021-11-02 14:06:17 -07:00
akshya96 8b89a14f13
Local auth mount documentation (#12970)
* adding documentation changes

* adding requested changes

* adding suggested changes
2021-11-02 13:23:29 -07:00
Theron Voran 3277b8441e
docs: agent cache config requirements (#13006)
Added a note that agent cache requires at least one listener or template
to be defined in the config, and a couple spelling corrections.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-11-02 11:29:40 -07:00
Victor Rodriguez f6e35369f0
VAULT-444: Add PKI tidy-status endpoint. (#12885)
VAULT-444: Add PKI tidy-status endpoint.

Add metrics so that the PKI tidy status can be monitored using telemetry as well.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2021-11-02 11:12:49 -04:00
Alexander Scheel ecfc679283
TLS Documentation Changes (#12940)
* Add note to TLS cipher suite configuration

Ordering is no longer respected and the tls_max_version flag must be
used for this list to be relevant (as TLSv1.3 will ignore the cipher
suite list entirely).

See blog post linked in the docs for more information.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Note that server cipher suite flag is ignored

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add upgrade note about TLS cipher suites

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2021-11-01 18:14:41 -04:00
Meggie 7ca83828c4
Note on pending etcd v2 API deprecation (#12935)
* Note on pending etcd v2 API deprecation

* Updating etcd guidance to include migration
2021-11-01 11:46:28 -04:00
Yoko Hyakuna a681b363ca
Fix reported error (#12973) 2021-10-29 17:05:24 -07:00
Jim Kalafut ee6b81eb43
Add known issue about MSSQL panic (#12961) 2021-10-28 14:46:14 -07:00
Alexander Scheel 5579394b48
go-kms-wrapping update for Azure Key Vault's Managed HSM offering (#12934)
* Update to hashicorp/go-kms-wrapping@v0.6.8

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation around Managed HSM KeyVault

This introduces the "resource" config parameter and the
AZURE_AD_RESOURCE environment variable from the updated go-kms-wrapping
dependency.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry for g-k-w changes

Includes changes from @stevendpclark.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
2021-10-27 12:07:18 -04:00
Chris Capurso 7dcae18641
Update kv custom metadata docs (#12920)
* fix json code block in kv api docs

* add custom_metadata to GET, PUT, PATCH in kv api docs

* add custom_metadata to get, put, and patch in kv CLI docs
2021-10-26 15:41:40 -04:00
Guillaume b9b7f5a9a3
Added support for a LDAP user search filter. Documentation, tests and UI included (#11000) 2021-10-26 10:39:12 -07:00
Chris Capurso 509eabbff6
add custom-metadata flag docs for 'vault kv metadata put' cmd (#12729) 2021-10-25 14:08:48 -04:00
Tom Proctor 9ad06611a4
agent: Docs for auto-auth and limited-use tokens (#12918)
There are a number of auth methods that support creating tokens with a limited number of uses. However, Vault Agent doesn't track the uses remaining for its auto-auth token, so it may result in flaky permission denied responses if that limit is hit and Vault Agent remains unaware.
2021-10-25 18:25:24 +01:00
Theron Voran 96c49ee528
docs: updates for vault-k8s and vault-helm (#12901)
Documentation updates for vault-k8s 0.14.0 and vault-helm 0.17.0
releases.
2021-10-22 14:26:13 -07:00
Chris Capurso 9c8fe62818
add patch section to kv-v2 api and CLI docs (#12689)
* add data patch section to kv-v2 api docs

* fix trucated output for kv put command with cas cmd in kv-v2 docs

* wip vault kv patch CLI docs

* add new flags to 'vault kv patch' CLI command docs

* fix cas_required formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* fix cas formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* additional format fixes

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-22 15:31:03 -04:00
Andreas Gruhler 8f6e4f1923
Clarify docs for CSI provider secretArgs (#12570) 2021-10-22 16:27:24 +01:00
Nick Cabatoff d66fd98d4a
Add support for go-sockaddr templated addresses in config. (#9109) 2021-10-21 10:10:48 -04:00
Meggie fe3abd7e53
Adding upgrade note about request counters API (#12858)
* Adding upgrade note about request counters API

* Note on internal and new behavior
2021-10-21 09:58:28 -04:00
Dave Du Cros ceac6e913d
operator generate-root -decode: allow token from stdin (#12881)
* operator generate-root -decode: allow token from stdin

Allow passing "-" as the value for -decode, causing the encoded token to
be read from stdin. This is intended to prevent leaking the encoded
token + otp into process logs in enterprise environments.

* add changelog entry for PR12881

* add check/test for empty decode value passed via stdin
2021-10-20 12:29:17 -04:00
Daniel Kimsey f9100dfb42
Add documentation for vault-plugin-auth-jwt skip_browser CLI option (#12833) 2021-10-19 15:55:24 -07:00
Loann Le 1347d4c534
Vault documentation: created new identity concepts page (#12825)
* created draft PR for identity doc

* relocated identity page

* fixed error in side nav

* Fix table format

* Add Learn tutorial link

* fixed typo

* Update identity.mdx

fixed typo

* modified intro

* Removed duplicated description about entity (#12861)

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-10-19 10:56:15 -07:00
Steven Clark b75e990cb6
Update website docs regarding ssh role allowed_extensions parameter (#12857)
* Update website docs regarding ssh role allowed_extensions parameter

 - Add note within the upgrading to 1.9.0 about behaviour change
 - Prefix the important note block within the main documentation about
   signed ssh certificates that it applies pre-vault 1.9
 - Update api docs for the allowed_extensions parameter within the ssh
   role parameter.

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-19 09:30:06 -04:00
Victor Rodriguez 70a9636575
Update docs with Transform FPE advanced I/O handling features (#12744) 2021-10-15 14:51:53 -04:00
hghaf099 d016fafdf8
Documentation for custom http response headers (#12524)
* Documentation for custom http response headers

* Adding more explanation of what custom headers are and when to use them

* Header in the config takes precedence

* Update website/content/docs/configuration/listener/tcp.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Adding more information on how to use custom response headers

* adding an API link to the ui

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-10-14 16:04:35 -04:00
Pratyoy Mukhopadhyay 148109b8ed
[VAULT-3252] Disallow alias creation if entity/accessor combination exists (#12747)
* Disallow alias creation if entity/accessor combination exists

* Add changelog

* Address review comments

* Add handling to aliasUpdate, some field renaming

* Update tests to work under new entity-alias constraint

* Add check to entity merge, other review fixes

* Log duplicated accessors only once

* Fix flaky test

* Add note about new constraint to docs

* Update entity merge warn log
2021-10-14 09:52:07 -07:00
Nick Cabatoff 4b847446f3
Document autopilot metrics (#12612) 2021-10-14 09:03:17 -04:00
Alex Cahn d28370747d
Docs/vip update (#12826) 2021-10-13 18:05:19 -07:00
Alex Cahn 1fd0e65fc0
Docs/vip update (#12818)
* Update the Vault Integration program page

This includes now support for HCP Vault as well as general updates to the program

* Updated process flow image

* Adding HCP V image

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-13 13:06:09 -07:00
Loann Le ce0091f5ee
Vault Documentation: Modified What is Vault description (#12783)
* modified vault description

* modified paragraph based on feedback

* Update what-is-vault.mdx

Removed characters that were arbitrarily added.

* Update what-is-vault.mdx

changed markdown syntax for 'secret's
2021-10-13 07:48:00 -07:00
DJCrabhat 810282d469
Add nonce configuration parameter to agent AWS auto-auth documentation (#10926)
* Update aws.mdx

Was looking how to give the vault agent with AWS auth-auth the same nonce, but saw it wasn't documented.  Dove through the code, found https://github.com/hashicorp/vault/blob/master/command/agent/auth/aws/aws.go#L139 and https://github.com/hashicorp/vault/blob/master/command/agent/auth/aws/aws.go#L215 

(tried to call out the importance and point to docs, know setting `nonce` poorly could be very bad!)

* add line breaks

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-13 10:45:34 -04:00
dr-db ee3b1ac4c1
Update index.mdx (#12395)
Typo fix.
2021-10-12 18:50:20 -07:00
Mike Green c99865d970
Clarify max TTL and system max TTL behavior (#12391) 2021-10-12 13:24:07 +01:00
vinay-gopalan ef103cc618
Fix connection_url in AzureSQL Config Example in Secret Engine Docs (#12803)
* remove newline in azuresql example conn url

* add changelog

* remove changelog
2021-10-11 14:11:24 -07:00
Jason O'Donnell 8b5d386537
docs: add additional resources for vault agent templating language (#12798)
* docs: add templating language links

* docs: add templating language links
2021-10-11 14:31:50 -04:00
Loann Le 964a0f3b15
Vault documentation: added new code sample to Kubernetes documentation (#12774)
* added new code sample for k8s auth

* Update kubernetes.mdx

removed spacing
2021-10-08 14:57:53 -07:00
Loann Le 833b51dbba
Documentation: added new c# code samples to Vault documentation (#12769)
* added new code sample for C-sharp

* Update aws.mdx

Removed extra spacing

* added more code samples

* Update gcp.mdx

removed spacing

* Update aws.mdx

remove spacing
2021-10-08 08:54:26 -07:00
Rowan Smith 893a4b9051
raft auto_join_scheme documentation update (#12701) 2021-10-08 08:32:50 -04:00
Jim Kalafut 65d0718a17
Update docs to reference paths filters instead of mount filters (#12717) 2021-10-07 22:53:07 -07:00
Jason O'Donnell 403595fa9f
docs: add note for rolesets to avoid globs in policies (#12756)
* docs: add note for rolesets to avoid wildcards in policies

* Add note about not using example

* Change wildcard to glob

* Update website/content/docs/upgrading/upgrade-to-1.8.0.mdx

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>

* Update documentation per review

* Update per review

* Update website/content/docs/upgrading/upgrade-to-1.8.0.mdx

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2021-10-07 15:35:56 -04:00
Rowan Smith f21be1ed1c
updated vault.core.license.expiration_time_epoch (#12760) 2021-10-07 07:14:25 -04:00
Michael Boulding 79662d0842
Patch to support VAULT_HTTP_PROXY variable (#12582)
* patch to support VAULT_HTTP_PROXY variable

* simplify the proxy replacement

* internal code review

* rename to VAULT_HTTP_PROXY, apply within ReadEnvironment

* clean up some unintended whitespace changes

* add docs for the new env variable and a changelog entry

Co-authored-by: Dave Du Cros <davidducros@gmail.com>
2021-10-06 09:40:31 -07:00
Calvin Leung Huang 752e4a48a1
docs: add plugin limits and lifecycle sections (#12697)
* docs: add plugin limits and lifecycle sections

* remove extranous comments on the limits page

* add more lifecycle cases, review feedback

* address follow-up review feedback

* rename section to "External plugin limits"
2021-10-01 11:59:13 -07:00
Siddharth 97914173fe
Update plugin-portal.mdx (#12681) 2021-09-30 11:00:44 -07:00
Loann Le 037c538ed0
Updated documentation: added new code example and reference (#12693)
* added new code example

* Update website/content/docs/concepts/auth.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/concepts/lease.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update lease.mdx

* Update website/content/docs/concepts/lease.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-09-30 10:46:01 -07:00
Jim Kalafut 06d53f1b18
Highlight that password policies are defined in a namespace (#12692) 2021-09-30 09:41:45 -07:00
Theron Voran 1210a9d319
docs: vault-k8s-0.13.1 vault-helm-0.16.1 (#12680)
Vault K8s 0.13.1 and Vault Helm 0.16.1 updated the default Vault
image, so making the corresponding docs updates here.
2021-09-30 08:49:56 -07:00
Michael Golowka bee49a4c49
Update Azure secrets engine to use MS Graph (#12629) 2021-09-29 11:28:13 -06:00
jweissig f854b4446f
docs: updated enterprise package name (#12667)
Updated docs to align with Enterprise package name.
2021-09-29 10:17:31 -04:00
Blake Covarrubias 0963230b8c
docs: Remove permissive policies in Consul ACL examples (#12454)
The ACL policy examples documented on the Consul Storage Backend and
Consul Service Registration pages are too permissive. Both policies
unnecessarily grant agent:write and node:write access for all agents
within the Consul datacenter. When Consul is used solely for service
registration, `service:write` is only required permission.

This commit modifies the policy for the Consul Storage Backend to
remove node:write access, and changes agent:write to agent:read.

The policy on the Consul Service Registration page is updated to
remove all KV-related privileges, and solely grant the necessary
service:write permission.
2021-09-28 14:13:41 -07:00
Loann Le e94ab7c1f5
Documentation update: Added tuner parameters to the Sensitive information section (#12655)
* added tuner parameter to doc

* reworded the text

* updated text based on feedback

* fine-tuning sentence

* changed to relative links
2021-09-28 11:44:46 -07:00
Francisco Navarro Morales 5bff0d5fc3
Fix typo in command (#12619)
Add missing space after `cut -d`
2021-09-27 12:37:03 -07:00
Mike Green 373f50af47
Add rotate-root cli (#11192) 2021-09-23 09:00:25 -07:00
aphorise f4c1a09e25
Docs: Seal pkcs11 updated example with actual hex slot reference and … (#12530)
* Docs: Seal pkcs11 updated example with actual hex slot reference and notes related to decimal conversion. Minor correction to **Note** area in 'lib' parameter above 'slot'.

* Docs: Seal pkcs11 slot note correction.
2021-09-22 16:55:20 -04:00
Kamal Mahmud 9c0e439d33
Add additional info on v1 KV engine (#12522)
Added information flag to enable v1 KV secret engine in dev mode
2021-09-22 13:31:46 -07:00
Nick Cabatoff 4cca2e0303
Update telemetry docs to include HA forwarding metrics. (#12611) 2021-09-22 12:10:26 -04:00
Tom Proctor 181269f8e1
Revert "Update installation.mdx (#12516)" (#12571)
This reverts commit ab5ad87945177dd0bab6cbcfdf6cc8507bba8c5d.
2021-09-22 11:54:25 +01:00
Loann Le b1cff88fff
added browswer support (#12587) 2021-09-21 13:48:21 -07:00
Yoko Hyakuna 8a122201bc
Add code snippet to demonstrate GCP auth in Go (#12578)
* Add code snippet to demonstrate GCP auth in Go

* Fix a grammatical error
2021-09-17 20:51:07 -07:00
Pratyoy Mukhopadhyay 0819eac6a8
Update token renew docs (#12572)
* Update docs for token renew api and cli

* Clarify api docs for renew/renew-self

* Update wording around periodic tokens
2021-09-16 16:54:46 -07:00
Theron Voran b2418a3a8c
docs: vault-k8s 0.13.0 and vault-helm 0.16.0 (#12573) 2021-09-16 14:58:02 -07:00
Meggie 78bb7d3808
Some docs notes (seal migration + go discover link) (#12542)
* Was confused by pre1.5.1 auto->auto note

* Helpful note on go-discover
2021-09-16 10:22:38 -04:00
Mitali Bisht 89271bf0ca
Added Artifactory secrets plugin (#12528)
* Added Artifactory secrets plugin

Added Artifactory secrets vault plugin under partner programs

* Update plugin-portal.mdx
2021-09-13 15:30:31 -07:00
Aaditya S fbe2462420
Fix typo in lease renew documentation (#10651)
The documentation for `renew` is showing the output for `revoke`.
2021-09-13 11:57:10 -07:00
Lukas Grossar 2f025ef30f
Add link to go-discover README to raft documentation (#10679) 2021-09-10 14:40:36 -07:00
Mike Green 68c561389f
add example for secret tuning (#12503) 2021-09-10 09:10:33 -07:00
Justin Weissig 8a721ef225
docs: update packaging (#12527)
* docs: update packaging

Update language to support current enterprise packaging.

* Update performance-standby.mdx
2021-09-09 14:36:15 -07:00
Theron Voran ed1088d81c
docs: k8s auth issuer lookup (#12506)
Moved the issuer discovery details to from the CSI docs to the K8s
auth docs.
2021-09-09 08:39:21 -07:00
Jim Kalafut 162d9eb095
Update 1.8 upgrade guide (#12518) 2021-09-08 13:14:51 -07:00
Alex Cahn dd0f3d9f2d
Update installation.mdx (#12516)
Updating based upon feedback from ServiceNow review
2021-09-08 12:57:15 -07:00
klucks83 eca34706d7
Update Auto Unseal info to say KMS instead of EKS (#10256)
While EKS may be the managed kubernetes environment under the hood, I believe the idea behind this section of the documentation is to use AWS KMS for seal/unseal operations, not EKS.  (i.e. The surrounding documentation is discussing other Auto Unseal options such as Google KMS.)  

The use of the term EKS instead of KMS made it hard for me to discover this section of documentation, and was a little confusing at first until I realized the possible error.
2021-09-08 10:06:24 -07:00
Justin Weissig 718a5f04c9
docs: update packaging (#12459)
* [WIP] docs: update packaging

Update language to support current enterprise packaging.

* Update index.mdx

* Update entropy-augmentation.mdx

* Update entropy-augmentation.mdx

* Update control-groups.mdx

* Update sealwrap.mdx

* Update index.mdx

* Update control-groups.mdx

* Update entropy-augmentation.mdx

* Update index.mdx

* Update index.mdx

* Update sealwrap.mdx

* Update index.mdx

* Update index.mdx

* Update index.mdx
2021-09-08 08:59:25 -07:00
mickael-hc d2310302a1
docs: provide clarifications for github auth method and ssh secrets engine (#12495)
* Clarify that any org GitHub user token can be used

* Clarify ssh secrets allowed_extensions behaviors
2021-09-08 10:55:35 -05:00
Rowan Smith b4dbd46928
audit page tweaks based on customer feedback (#12504) 2021-09-08 09:21:36 -04:00
Nicholas Seemiller 8bc69a4ccc
Update examples.mdx (#12333)
Deployment manifest has incorrect `envs` tag. It should be `env`
2021-09-07 17:32:22 -04:00
Pratyoy Mukhopadhyay 448ba32bf4
Update kv input documentation with edge case (#12500) 2021-09-07 13:15:33 -07:00
Pratyoy Mukhopadhyay 994372697b
Remove deprecated reauth function from docs (#12482) 2021-09-03 06:09:21 -07:00
Yoko Hyakuna 7c9b06da99
Fix isues 12397 (#12484) 2021-09-02 17:03:55 -07:00
Zadkiel 6d7ad94097
fix: update injector resources requirements (#11198) 2021-09-02 08:01:02 -07:00
Mike Green c04518044a
Clarify on overview page that audit is default replicated (#12298)
* Note that audit is replicated

* tweak

* clarify local is to the cluster, not only the node

* tweaking. i think this makes more sense
2021-09-01 13:53:01 -07:00
Loann Le d385747027
adding ARN in description (#12477) 2021-09-01 13:12:20 -07:00
Nick Cabatoff 8154cd2e4a
Add notes re dangers of identity write endpoints. (#12365) 2021-08-30 10:23:33 -04:00
Meggie 67dcbf1dea
Upgrade note for Alpine 3.14 docker images (#12450)
* Upgrade note for Alpine 3.14 docker images

It might break things for some people

* Add CVE #

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>

* Adding upgrade note to all relevant versions

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
2021-08-27 12:33:44 -04:00
Loann Le 97a3fd4287
Seal Migration Doc: Modified existing note (#12444)
* changed note

* fixed spacing issue

* Update website/content/docs/concepts/seal.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* modified intro

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-08-26 16:06:23 -07:00
Nick Cabatoff 4f30a01068
Remove the old license instructions from the Enterprise index page. (#12400) 2021-08-25 12:16:38 -04:00
Calvin Leung Huang 306071f8b8
docs: fix exit flag reference on agent (#12401) 2021-08-24 14:26:56 -07:00
Meggie 98678e4caf
Upgrade note for RedHat package issue (#12345)
* Upgrade note for RedHat package issue

* Reverse ordering of upgrade guides

* Refining affected versions
2021-08-24 13:07:26 -04:00
swayne275 8b033c3c49
add known issue for dr secondary lease count quota invalidation (#12288)
* add known issue for dr secondary lease count quota invalidation

* Update website/content/partials/lease-count-quota-upgrade.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* put known issues to main 1.6 and 1.7 pages

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-08-23 15:58:06 -06:00
hghaf099 94ece6fd38
Lease count quotas does not apply to root tokens (#12405) 2021-08-23 17:22:28 -04:00
Chris Capurso 3f4a381f1b
Add kv custom key metadata (#12218)
* add custom-metdata flag to "kv metadata put" command

* add kv metadata put command test for custom-metadata flag

* add custom_metadata to kv-v2 api docs

* add custom_metadata to kv-v2 cli docs

* update go.mod

* Add custom metadata limits to docs

* add changelog entry

* update vault-plugin-secrets-kv to @master
2021-08-23 15:49:09 -04:00
Theron Voran f90b7104cd
docs: updates for vault-helm-0.15.0 and vault-k8s-0.12.0 (#12373)
Also simplifies the cert-manager example
2021-08-23 09:39:36 -07:00
Alex Cahn e4e8555e3a
Fixed a slight grammar mistake (#12356) 2021-08-20 12:08:34 -07:00
Mike Green 16794711d5
Add agent approle method example (#12297) 2021-08-19 11:03:57 -04:00
Meggie 0328598798
Removing line about consul consistency (#12353) 2021-08-19 10:01:47 -04:00
Nick Cabatoff f7cb7a19b2
Add docs for metrics from #11472. (#12278) 2021-08-19 09:49:00 -04:00
Andrei Burd b868dac12c
Docs: k8s annotations for static_secret_render_interval (#12244)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-08-18 13:41:16 -07:00
John-Michael Faircloth 30f470915f
docs: draft update guide for identity token roles (#12337) 2021-08-17 11:27:32 -05:00
Loann Le 4e3b66a2d7
Vault Documentation: Added Glossary (#12324)
* added glossary

* Update website/content/docs/glossary.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* Update website/content/docs/glossary.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>

* modified secrets and barrier content based on feedback

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-16 13:08:44 -07:00
Jim Kalafut 75b3dec8be
Add draft upgrade guide (#12332) 2021-08-16 10:58:09 -07:00
Yoko Hyakuna 7cfbc0350d
[Docs] Add code example (#12302)
* Experiment adding code example

* Add Go code snippet

* Minor updates to the brief description

* Add a note to reference 'Code Example'

* Fix the title

* Add a callout note up front
2021-08-12 12:53:15 -07:00
Jim Kalafut af57e56f09
Add AWS EC2 Auth known issue (#12316) 2021-08-12 10:45:32 -07:00
Andrei Burd 63de67d891
Agent template static secrets docs update (#12307)
* Agent template static secrets docs update

static_secret_render_interval mention

* Update website/content/docs/agent/template.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
2021-08-11 12:30:37 -04:00
hghaf099 f885d97774
VAULT-2285 adding capability to accept comma separated entries for au… (#12126)
* VAULT-2285 adding capability to accept comma separated entries for auth enable/tune

* Adding changelog

* Adding logic to detect invalid input parameter for auth enable config

* Updating tune.mdx

* Updating secret enable/tune for comma separated parameters

* Adding further parameter checks for auth/secret tests
Fixing changelog
using builtin type for a switch statement
Fixing a possible panic scenario

* Changing a function name, using deep.Equal instead of what reflect package provides

* Fixing auth/secret enable/tune mdx files

* One more mdx file fix

* Only when users provide a single comma separated string in a curl command, split the entries by commas

* Fixing API docs for auth/mount enable/tune for comma separated entries

* updating docs, removing an unnecessary switch case
2021-08-09 15:37:03 -04:00
Meggie b43f9c10cc
Master -> Main on CL links (#12286) 2021-08-09 12:57:19 -04:00
Theron Voran 3455adc885
docs: vault-k8s and cert-manager (#12281)
Adding an example of configuring vault-k8s to use cert-manager for
managing the webhook certs.

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
2021-08-06 17:56:15 -07:00
Austin Gebauer bf086e8dc6
auth/oidc: documents redirect URI for UI login with form_post response_mode (#12273) 2021-08-05 15:13:33 -07:00
Loann Le 7ef0c4bde9
replaced changelog link (#12259) 2021-08-04 12:07:22 -07:00
Mike Green 65c449063b
Add link to Learn's usage tutorial (#11199)
* Add link to Learn's usage tutorial

* Update website/content/docs/commands/operator/usage.mdx

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>

Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
2021-08-03 16:19:09 -07:00
Jim Kalafut 0c678f14a0
Add link to plugin upgrade instructions (#12043) 2021-08-03 15:58:17 -07:00
mickael-hc 795a5fea43
docs: add barrier key auto-rotation to internals/rotation (#12149)
This functionality was introduced in Vault 1.7.0 and is documented in api-docs/system/rotate-config
2021-08-03 15:52:24 -07:00
Meggie 034f09c373
Adding upgrade note about arm64 (#12240) 2021-08-03 11:54:55 -04:00
Jonathan Ballet dd33777d17
Improve "Integrated Storage" documentation (#12200)
* Improve "Integrated Storage" documentation

* add missing markup
* add more links to the configuration pages

* Improve the Raft Storage configuration page

* More markup

* Improve the "High Availability" documentation

* More links to the configuration pages

* More links

* even more links
2021-07-30 15:05:15 -07:00
Theron Voran d2e2761aee
docs: updates for vault-k8s v0.11.0 (#12209) 2021-07-29 14:52:29 -07:00
Theron Voran 5e113abbf4
docs: updating for vault-helm v0.14.0 (#12206)
And found a couple missing values
2021-07-29 11:16:08 -07:00
Vishal Nayak ab232b9d9a
Update docs to reflect support for autopilot DR (#12097)
* Update docs to reflect support for autopilot DR

* Reword sentence

* Fix link

* Fix link
2021-07-29 12:40:27 -04:00
Rowan Smith 8924e7d656
Fixed typo for 'forward' value in relation to caching (#12199) 2021-07-29 07:41:08 -04:00
SaintMalik 4223ddf6fd
Docs: Fix broken link (#12192)
* Docs: Fix broken link

What does this PR do

Fix dead or broken links in this docs page, making navigation easy for others.

* fixing broken link

* fixing broken links
2021-07-28 13:18:54 -07:00
akosuadenell 5f57fa205f
Update template.mdx (#11913)
Deleted duplicate text
2021-07-28 11:54:15 -07:00
Jim Kalafut 64b7f8eb1a
Add 1.8 release notes (#12190) 2021-07-28 08:54:09 -07:00
Jim Kalafut f86cede572
Add 1.8 upgrade guide (#12186) 2021-07-28 08:46:40 -07:00
John-Michael Faircloth fa9c5dc67c
docs: Update Database Capabilities to include username customization (#12172)
* docs: Update Database Capabilities to include username customization

* add operator/diagnose to the index file
2021-07-27 10:33:12 -05:00
Hridoy Roy fff7dc7a40
Diagnose docs + changelog (#12159)
* save

* diagnose docs

* changelog

* changelog formatting
2021-07-26 08:45:12 -07:00
Jacob e579cf4ad1
docs/update replication seal table (#12147)
* Update replication.mdx 

Add separate secondary seal and recovery key columns to better distinguish what is updated in each scenario.

* Update replication.mdx, fix caps.
2021-07-22 15:41:36 -04:00
Nicholas Seemiller 87ff4bfac8
Create Kubernetes Namespace (#11902)
If you're setting up vault for the first time on a cluster, the namespace may not exist.

Add a step to create the namespace.
2021-07-22 15:41:22 -04:00
Nick Cabatoff 9a26209a9d
Fix a couple of broken links to api docs. (#12143)
* Fix a couple of broken links to api docs.

* Qualify deprecation.
2021-07-21 13:09:32 -07:00
John-Michael Faircloth 877b8166f2
docs: Update Database Capabilities to include username customization (#12130)
* Update Database Capabilities docs page to include username customization column

* fix elasticdb entry, yes for 1.8+
2021-07-21 13:24:22 -05:00
swayne275 ed361ee8da
Fix minor typo in Internals/Plugins documentation (#12113)
* fix minor plugin doc typo

* fix limits of of typo and related

* forgot to save on this typo fix
2021-07-20 07:21:24 -06:00
Nick Cabatoff e98b45fc79
Fix license expiration metric name in docs. (#12125) 2021-07-19 19:19:32 -04:00
Pratyoy Mukhopadhyay 3990446e46
Update some metric types, fix some wording (#12122) 2021-07-19 14:54:24 -07:00
Meggie 08de78aedd
Elaborating on telemetry persistence (#12119)
* Elaborating on telemetry persistence

Some users understand how an aggregator relates to Vault telemetry, and
some users are approaching this concept for the first time. Those newer
to the concepts benefit from some extra clarification that the metrics
sourced directly from Vault aren't stored anywhere.

Sources:
https://prometheus.io/docs/concepts/metric_types/
https://github.com/OpenObservability/OpenMetrics/blob/main/specification/OpenMetrics.md
https://docs.splunk.com/observability/metrics-and-metadata/metric-types.html

* Updated summary note
2021-07-19 16:12:29 -04:00
Dave Shepherd f6770be254
Add AWS Cognito secrets engine to community section of the plugins website page (#11966) 2021-07-16 13:22:33 -07:00
Mike Green 20b84c4deb
Docs: Add link to more sentinel examples (#11931) 2021-07-16 16:20:41 -04:00
Josh Black 9052ed6466
Document bolt metrics (#12107) 2021-07-16 11:44:30 -07:00
Tom Proctor 47457b1298
Add ServiceNow credential resolver docs (#11996)
* Add ServiceNow credential resolver docs

* Add information about using system CAs

* Add field mappings and troubleshooting tips
2021-07-16 10:53:14 +01:00
Danny Hermes 16c3c4902a
Typo fix: period rotation -> periodic rotation (in transit docs) (#12030) 2021-07-15 08:18:09 -04:00
John-Michael Faircloth 07e00882b8
[docs] secrets/identity - grammar and punctuation fixes (#12065)
* some grammar and punctuation fixes

* remove unneeded char
2021-07-14 14:35:10 -05:00
Mike Green 217f69f8d2
docs/stepdown-clarification (#12077) 2021-07-14 15:10:07 -04:00
Loann Le 59bf7b9b09
removed sentence from intro (#12076) 2021-07-14 10:08:04 -07:00
Jason O'Donnell 8bc9790bf4
docs: fix formatting in azure secrets overview (#12058) 2021-07-13 14:55:53 -04:00
Yong Wen Chua 7ea650bc06
Update Documentation for GCP Static Account (#12027)
* Update API Docs for Static Account

* Update CHANGELOGs

* Update guide

* Clarify IAM

* More refinement

* Fix missing replace of roleset while copy/pasting

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Remove CHANGELOG

* Fix some double ticks

* Apply suggestions from code review

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>

* Update examples

Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2021-07-13 09:36:05 -07:00
Meggie 02d5ce7374
Add replication example to upgrade docs (#12040) 2021-07-12 13:13:45 -04:00
Thor db9edf519b
cockroachdb: Fix either incorrect or outdated info (#11512)
The documentation stated that Vault would not create the table
if it doesn't exist. But Vault does attempt to create the table if
it doesn't exist.

Ref:
https://github.com/hashicorp/vault/blob/master/physical/cockroachdb/cockroachdb.go#L84
2021-07-09 14:30:21 -07:00
Pratyoy Mukhopadhyay 9b5e89bd34
[VAULT-2776] Add prefix_filter option to Vault (#12025)
* [VAULT-2776] Add prefix_filter support to vault

* [VAULT-2776] Add filter_default config, update docs

* [VAULT-2776] Add changelog file

* [VAULT-2776] Update telemetry tests and error handling

* [VAULT-2776] Add test fixtures, update test

* [VAULT-2776] Update gitignore hcl filter
2021-07-09 14:49:53 -05:00
Loann Le 43265d6626
changed name from faqs to faq (#12033) 2021-07-09 09:13:49 -07:00
Danny Hermes a4bb9baf48
Typo fix: period rotation -> periodic rotation (#12011) 2021-07-08 10:45:49 -04:00
Jason O'Donnell 0bc339a2f8
docs: add SSL connection example to oracle (#12006)
* docs: add SSL connection example to oracle

* Fix link

* Add quotes to path
2021-07-07 12:47:49 -04:00
Jason O'Donnell 5a3bf9b506
docs: fix link rendering for Oracle (#11994)
* docs: fix link rendering for Oracle

* Fix render
2021-07-06 13:25:36 -04:00
Mike Green 7878db7c2c
Add link to newish learn upgrade guide (#11748) 2021-07-01 08:12:57 -07:00
Pratyoy Mukhopadhyay c7e6a07939
Augment lease revocation metrics (#11954)
* [VAULT-1982] Add metric for irrevocable leases

* [VAULT-1982] Add metric for tracking worker count per queue

* [VAULT-1982] Update external docs

* [VAULT-1982] Add nil check on metrics sink

* [VAULT-1982] Update metric name, fix access patterns

* [VAULT-1982] Add locking when marking leases as irrevocable

* [VAULT-1982] Remove workers per mount metric

* [vault-1982] Misc review fixes

* [VAULT-1982] minor refactor

* [VAULT-1982] Add/update some comments
2021-06-30 14:37:36 -07:00
Nick Cabatoff 7ad3f74e07
Add overlooked 1.7 agent cache eventual consistency options. (#11964) 2021-06-29 15:36:10 -04:00
Austin Gebauer b34e24fa64
docs: AWS KMS updates for key management secrets engine (#11958) 2021-06-29 10:31:25 -07:00
Jason O'Donnell b2c9b3c344
plugins/ad: Add rotate-role endpoint (#11942)
* plugins/ad: add rotate-role

* Add doc

* changelog

* Add note about rotate-role in overview
2021-06-25 14:00:03 -04:00
Theron Voran 5c5a57626e
docs: vault-helm add license update steps (#11911)
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-06-25 08:49:48 -07:00
Jason O'Donnell b2b25be0ce
agent/template: add static_secret_render_interval configurable (#11934)
* agent/template: add default_lease_duration config

* go mod tidy

* Add changelog

* Fix panic

* Add documentation

* Change to static_secret_render_interval

* Update doc

* Update command/agent/template/template.go

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update changelog/11934.txt

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-06-24 15:40:31 -04:00
Austin Gebauer 920b75540e
docs: corrects json and issuer for identity tokens (#11924) 2021-06-23 09:04:23 -07:00
Nick Cabatoff 022ccc2657
Document vault.core.expiration_time_epoch metric. (#11919) 2021-06-22 14:31:08 -04:00
Calvin Leung Huang c1a2a939f9
agent: restart template runner on retry for unlimited retries (#11775)
* agent: restart template runner on retry for unlimited retries

* template: log error message early

* template: delegate retries back to template if param is set to true

* agent: add and use the new template config stanza

* agent: fix panic, fix existing tests

* changelog: add changelog entry

* agent: add tests for exit_on_retry_failure

* agent: properly check on agent exit cases, add separate tests for missing key vs missing secrets

* agent: add note on difference between missing key vs missing secret

* docs: add docs for template_config

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* docs: fix exit_on_retry_failure, fix Functionality section

* docs: update interaction title

* template: add internal note on behavior for persist case

* docs: update agent, template, and template-config docs

* docs: update agent docs on retry stanza

* Apply suggestions from code review

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update changelog/11775.txt

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* agent/test: rename expectExit to expectExitFromError

* agent/test: add check on early exits on the happy path

* Update website/content/docs/agent/template-config.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Jason O'Donnell <2160810+jasonodonnell@users.noreply.github.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-06-21 16:10:15 -07:00
Mike Green fe56eaa1b7
Clarify upgrade steps and shutdown behavior (#11881)
* Clarify upgrade steps and shutdown behavior

* add mlock to standby as well
2021-06-18 11:42:55 -07:00
Nick Cabatoff 515f41558d
Docs for license autoloading. (#11886) 2021-06-18 12:19:18 -04:00
Yoko Hyakuna ed8511f8bf
Updated 'plus' > 'pro' (#11892) 2021-06-17 13:58:16 -07:00
Theron Voran e47be738b2
docs: update for vault-helm v0.13.0 (#11890) 2021-06-17 12:25:19 -07:00
Theron Voran b9d0b1a457
docs: vault-helm license support for enterprise (#11848) 2021-06-17 11:46:21 -07:00
Loann Le 81994cf795
Added new folder and files for Vault License FAQs (#11809)
* added new files for faqs

* added another question

* fixed a few typos

* Update website/content/docs/enterprise/license/index.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* added a link to FAQs page

* Update index.mdx

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* incorporated feedback

* Update website/content/docs/enterprise/license/faqs.mdx

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2021-06-16 09:23:05 -07:00
Yoko Hyakuna 7c514c99cb
Remove a broken link (#11868) 2021-06-15 10:38:16 -07:00
Calvin Leung Huang 89f25d4c2a
docs: add troubleshooting sub-section on plugins (#11858)
* docs: add troubleshooting sub-section on plugins

* docs: fix grammatical error
2021-06-14 12:50:43 -07:00
Tom Proctor b7f5c60a29
Add more detailed documentation on setting issuer for CSI provider (#11839) 2021-06-14 16:41:22 +01:00
moayadi 6ead26183b
login instructions not correct (#11698)
vault login -path=radius username=sethvargo should be changed to -method, not -path
2021-06-14 11:09:47 -04:00
Jason O'Donnell c9c72d079b
docs: add permissions required for cassandra (#11844) 2021-06-11 14:47:34 -04:00
Philip Jay 59a2ae9c20
Include note about ManageOwnAccessKeys stanza (#11734)
It's optional.  Make that clear.
2021-06-11 12:03:21 -04:00
Maha Sharabinth b2c9af2c74
Add note about JSON encoding to password policies docs (#11754)
Updated content to notify the users that the Special and Control characters will be escaped as per the JSON specification.
2021-06-08 11:45:00 -06:00
Loann Le eacf7bd1c7
moved client content from cloud to vault (#11776)
* moved client content from cloud to vault

* Empty commit trigger

Co-authored-by: Michele <mdeggies@gmail.com>
2021-06-07 14:19:42 -07:00
Hridoy Roy 1782b4e880
oss part of control groups upgrade (#11772)
* oss part of control groups upgrade

* changelog and docs

* formatting

* formatting
2021-06-07 09:15:35 -07:00
Oleksandr Melnyk 00150e9bf5
11688 Update docs about stackdriver telemetry (#11699)
* 11688 Update docs about stackdriver telemetry

* 11688 Update docs about stackdriver telemetry
2021-06-02 17:20:06 -04:00
Mark Lewis 3e79e8252a
Update security.mdx (#11725) 2021-05-29 16:15:41 -07:00
Mark Lewis 76ee252953
Update architecture.mdx (#11724) 2021-05-29 16:14:21 -07:00
Tom Proctor 96278a33d8
Clarify supported TCP listener config options for Agent (#11714) 2021-05-27 15:47:45 +01:00
Jason O'Donnell cd5ee2a6ee
docs/k8s: update for latest releases (#11701) 2021-05-25 15:13:00 -04:00
Anthony Burke 4e23452620
Changes role/roles (#11655) 2021-05-24 09:19:14 -07:00
Patrick Picard 4f587ad91f
Update index.mdx (#11644) 2021-05-24 08:43:53 -07:00
Theron Voran 6bdfe4d600
docs: small fixes in k8s docs (#11679)
indentation and spelling
2021-05-20 14:37:49 -07:00
Marc Falzon 31386218de
Add Exoscale plugins to the list of partner plugins (#11592)
This change adds the Exoscale auth/secrets plugins to the list of
partner plugins on the website "Plugin Portal" page.
2021-05-19 11:35:19 -07:00
Mark Lewis 322261c037
Update policies.mdx (#11618)
Suggested PR to use more inclusive language.
2021-05-18 13:02:40 -07:00
Austin Gebauer 872a4bd25f
Update GCP auth docs for signJwt transition to Service Account Credentials API (#11568) 2021-05-11 16:57:12 -07:00
Meggie ffda908b15
Add functional to logical description (#11263)
Based on the gap analysis.
2021-05-11 10:41:52 -04:00
Dave D'Amico 1d5d576a3e
SIGHUP syntax to update log level (#10972) 2021-05-07 08:30:11 -04:00
Zachary Shilton 3fad03e9ff
website: support hidden pages in nav-data (#11528)
* website: bump to docs-page prerelease, support hidden pages

* website: switch to hidden pages approach for docs and api-docs

* website: remove temporary fix for hidden pages, and related check

* website: fix content structure issue with docs/auth/jwt

* website: bump to latest pre-release

* website: bump to stable docs-page, w next-mdx-remote bump

* website: bump to latest markdown-page
2021-05-06 13:32:25 -04:00
Nick Cabatoff 67374ba14d
Document the sync option for revoke/revoke-prefix. (#11538) 2021-05-06 10:18:46 -04:00
Jason O'Donnell 41ead5fb69
docs: remove duplicate config from csi (#11529) 2021-05-04 16:28:12 -04:00
Hridoy Roy 2945d95cb6
fix ff3 link (#11524) 2021-05-04 09:47:13 -07:00
Jason O'Donnell 194f1b3937
docs: add missing csi mount config (#11518) 2021-05-03 16:54:20 -04:00
Meggie 5d4341e4d6
docs: adding a storage concepts page (#9155)
* Adding a storage concepts page

It very briefly covers some considerations for taking backups.

* Apply suggestions from code review

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* Updated with some additional comments

* Attempt to further clarify sensitivity

* Update storage.mdx

* More on "Why backup?"

Added HashiConf talk link.

* Update website/content/docs/concepts/storage.mdx

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2021-04-28 10:51:36 -04:00
Artur Frysiak 3da7cdffc7
Fix endpoint path in example (#11437) 2021-04-27 14:53:19 -05:00
Jason O'Donnell ddfe5342c5
docs: add missing configurations for CSI documentation (#11236) 2021-04-26 17:32:00 +01:00
Yoko bc91eef281
[Docs] Add relevant Learn tutorial links (#11440)
* Add cross-links to matching Learn tutorials

* Undo automatic format update by Atom

* Fix a typo

* Fix a grammartical error
2021-04-22 10:09:31 -07:00
Nick Cabatoff a62202eb87
Document unauth pprof and the new pprof endpoints. (#11413) 2021-04-21 15:21:59 -04:00
Austin Gebauer 81744c4094
Updates docs for G Suite config in JWT/OIDC auth method (#11418) 2021-04-21 10:59:37 -07:00
Josh Black 06809930a3
Add HTTP response headers for hostname and raft node ID (if applicable) (#11289) 2021-04-20 15:25:04 -07:00
xka5h 034442b9ee
Update index.mdx to fix link to vault agent as a windows service link (#11356)
* Update index.mdx

fixed link for windows agent

* removing the 's' in agents

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
2021-04-19 11:36:43 -07:00
Noah Fontes 0f45cd37ea
Add community-maintained OAuth 2.0/OIDC secrets plugin to plugin portal docs (#11280) 2021-04-19 11:20:50 -07:00
Nick Cabatoff 50a471a5e1
Add config docs for leader_tls_servername. (#11369) 2021-04-16 09:40:42 -04:00
Jason O'Donnell cc107171e2
docs: update vault-helm to 0.11.0 (#11355)
* docs: update vault-helm to 0.11.0

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-04-14 11:20:26 -04:00
Tom Proctor 1139ce7cce
Add documentation for vault-csi-provider namespace config (#11344) 2021-04-14 14:53:15 +01:00
Jason O'Donnell 0363fcd3fb
docs: update vault-k8s to 0.10.0 (#11354) 2021-04-14 09:46:28 -04:00
Tom Proctor f932999bda
Add TFE/TFC auth plugin to plugin portal (#11348)
* Add TFE/TFC auth plugin to plugin portal

As requested in #11202, this is an auth plugin designed to be run within TFE/TFC.

* Expand acronyms
2021-04-13 10:22:38 -07:00
Jason O'Donnell 11d779154d
docs: add persistent cache (#11272)
* docs: add persistent cache

* Clarify documentation

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/agent/caching/persistent-caches/kubernetes.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update index.mdx

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update index.mdx

* Update kubernetes.mdx

* Resolve conflicts

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2021-04-08 10:19:17 -04:00
Roger Berlind 2762c45c9b
add Vault Enterprise license page (#11261)
* add Vault Enterprise license page

* move license to index.mdx

* Remove `.mdx` from the hyperlink URL

Co-authored-by: Yoko <yoko@hashicorp.com>
2021-04-07 14:31:06 -07:00
Bryce Kalow d5deb4ba79
website: fix incorrectly formatted frontmatter (#11290) 2021-04-06 15:37:13 -07:00
Nick Cabatoff 70cf7579de
How to create clusters with integrated storage, TLS, and dynamic nodes (#10865) 2021-04-06 17:25:22 -04:00
Bryce Kalow b76a56d40c
feat(website): migrates nav data format and updates docs pages (#11242)
* migrates nav data format and updates docs pages

* removes sidebar_title from content files
2021-04-06 13:49:04 -04:00
Jim Kalafut 11f43ef6a6
Update upgrade guide and changelog with AWS Auth deprecations (#11201) 2021-03-26 15:32:15 -07:00
Jason O'Donnell 6a92a8bd78
docs: add CSI documentation (#11203)
* docs: add CSI documentation

* Fix typos

* Improvements

* Improvements

* Update website/content/docs/platform/k8s/csi/installation.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/configurations.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/configurations.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* review feedback

* Fix typo

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-03-26 11:08:55 -04:00
Kyle MacDonald a3272e7276
website: revert …/integrated-storage path (#11204)
this path was recently changed to /integratedstorage but broke some existing links.
2021-03-25 16:31:20 -04:00
Alex Cahn 284af1cf4b
Adding HSM PKI plugin (#11207)
Adding a newly discovered community plugin
2021-03-25 12:13:37 -07:00
Hridoy Roy 69bde9ec9b
website: fix for ff3-1 doc formatting (#11206) 2021-03-25 14:56:47 -04:00
Jason O'Donnell 081d3e9f03
docs: update vault-helm to 0.10.0 (#11200)
* docs: update vault-helm to 0.10.0

* Missing codeblock

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-03-25 14:53:45 -04:00
Meggie 335dc8423a
Fixing some typos (#11195) 2021-03-25 10:51:31 -04:00
Meggie 11f9c4156f
Update website for 1.7.0 (#11193)
* Stub upgrade guide and version update

* Finalizing upgrade notes

* Fixing clobbered barrier notes
2021-03-24 17:32:23 -04:00
Darshana Sivakumar 5f2995f66b
Create 1.7.0.mdx (#11185)
* Create 1.7.0.mdx

Release notes for Vault 1.7

* Added sidebar, headings

We needed the sidebar and I thought the headings looked better than the
bold text.

* Updated per a note from Darshana

Co-authored-by: Meggie Ladlow <meggie@hashicorp.com>
2021-03-24 17:13:28 -04:00
Alex Milowski ffad2c6eb2
Added Redis Enterprise database plugin (#11111)
Added the link to the Redis Enterprise database plugin GitHub repository.
2021-03-24 12:17:37 -07:00
Nick Cabatoff dbce98c1bb
Client controlled consistency docs (#10990) 2021-03-24 15:09:01 -04:00
Vishal Nayak 2c161a6f6b
Autopilot Docs (#11167) 2021-03-24 10:29:10 -04:00
Austin Gebauer 1eee383ecf
Updates documentation for key management secrets engine (#11172) 2021-03-23 14:14:25 -07:00
Jim Kalafut a9dfaeb765
Update AWS Auth docs for deprecated terms and endpoints (#11146) 2021-03-22 14:15:19 -07:00
Nick Cabatoff e2aadfc157
Update docs for agent's new vault.retry stanza. (#11151) 2021-03-22 12:50:59 -04:00
Jason O'Donnell 921979a40f
docs: update vault-k8s to 0.9.0 (#11138)
* docs: update vault-k8s to 0.9.0

* Fix typos

* Update website/content/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/injector/annotations.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add links for auto-auth

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-03-19 11:34:58 -04:00
Scott Miller 689dd3722f
Document mysql (#11112)
* Document MySQL

* Document snapshot, restore, and export-decoded (#11110)

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Add parseTime note

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-03-19 10:34:41 -05:00
Josh Black 5fcc629847
Add log shipper configuration docs (#11014)
* Add log shipper configuration docs

* Fix indentation issue

* Add telemetry

* Updates to logshipper docs

* Add CCC related replication config docs. (#11087)

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Correct formatting

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-03-18 16:41:13 -07:00
Clint 5353279e75
Add command to look up a lease by ID (#11129)
* snapshot

* basic test

* update command and add documentation

* update help text

* typo

* add changelog for lease lookup command

* run go mod vendor

* remove tabs from help output
2021-03-18 11:11:09 -05:00
aphorise eb36b68710
Corrected links for Consul Consistency Modes (#10862) 2021-03-17 16:05:30 -07:00
aphorise 5b6e2bb77a
Docs - Plugin register operator & example add (#10864) 2021-03-17 16:04:51 -07:00
Hridoy Roy 261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] (#10921)
* first docs pass

* filled in read output

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes
2021-03-17 14:29:13 -07:00
Hridoy Roy e9e83ff864
Add FF3-1 Tweak Guidance Docs [VAULT-1036] (#10978)
* ff3 guidance docs

* docs upgrade

* address PR comments
2021-03-16 07:57:50 -07:00
Alvaro Miranda Aguilera 3fb284c217
Update oracle.mdx (#11101) 2021-03-15 14:13:40 -06:00
Scott Miller da982c3982
Upgrade notes for the transform engine upgrade bug fix. (#11098)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav

* Reword to encourage upgrade when available
2021-03-12 19:59:50 -06:00
Mark Gritter 8bbf92ef70
Fix typo in limits.mdx (#11103) 2021-03-12 15:46:41 -06:00
Scott Miller c4e8d51c9d
Add upgrade notes for the Transform storage upgrade bug (#11075)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav
2021-03-11 11:23:19 -06:00
Jacob Friedman 5305c439d4
Update init.mdx (#11044)
* Update init.mdx

Updated operator init documentation to try to avoid steering customers towards running Auto Unseal seals with recovery-shares=1 and recovery-threshold=1. This is a bad security posture, as it can allow a single user with access to that recovery share to create root tokens and do other very sensitive tasks.

Also rewrote parts of the HSM/KMS Options section to indicate that recovery-related options are not solely for HSM-mode Vault but are for ANY Auto Unseal seal.

* Update website/content/docs/commands/operator/init.mdx

Adding an appropriate number of recovery-pgp-keys

Co-authored-by: Yoko <yoko@hashicorp.com>

Co-authored-by: Yoko <yoko@hashicorp.com>
2021-03-04 15:57:47 -08:00
Michele Degges 9741f51bee
Removing broken link (#11029) 2021-03-02 12:02:59 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027)
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Brian Kassouf a112161f60
expiration: Add a few metrics to measure revoke queue lengths (#10955)
* expiration: Add a few metrics to measure revoke queue lengths

* Update the metric names

* Add appropriate cluster labels

* Add metrics to docs

* Update jobmanager.go
2021-02-26 16:00:39 -08:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Tom Proctor 45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation (#10967) 2021-02-26 20:38:27 +00:00
Jim Kalafut e60cc11f33
Add configurable exponential backoff to Agent auto-auth (#10964) 2021-02-23 12:04:21 -08:00
Clint b0b121753a
update docs related to OCI alias changes (#10952)
* update docs related to OCI alias changes

* covert CHANGELOG update to a changelog/ entry
2021-02-23 10:08:15 -06:00
Jim Kalafut 4b1557e6ab
Minor update to Secrets engine overview docs (#10977)
The reference to API calls and link to code isn't a good fit here.

Reverts eb3e34d
2021-02-23 07:17:44 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823)
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Nick Cabatoff 81105274d1
Add docs for Agent's template_retry option added in #10644, based on those from consul-template configuration. Also fix some existing config docs that weren't adhering to our conventions. (#10911) 2021-02-18 11:24:36 -08:00
Brian Fox 7f6ec265a1
Update KV Secrets Engine index (#10933)
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.
2021-02-17 14:27:37 -08:00
Nick Cabatoff 1b789f5ae5
Note that all local mounts are impacted, including on primary. (#10807) 2021-02-16 10:37:37 -05:00
Rosemary Wang a48db957ca
docs: Update Azure AD OIDC documentation (#10853)
Addresses #8191 with clearer external groups configuration.
2021-02-12 17:28:00 -08:00
Mark Gritter a8d2e6e350
Added a table showing the entity alias name used by each auth method. (#10908)
* Also corrected the text about token auth method.
2021-02-11 18:34:45 -06:00
aphorise 17003328ab
Docs - Namespace monitoring corrected examples (#10863)
Re-doing PR #10305
2021-02-11 11:32:52 -06:00
Jim 7cb100e9a7
Update kubernetes.mdx (#10871)
Add suggestion to validate K8S cluster address and TCP port using cluster-info command and update sample config (line 77) to prompt for validation. Feedback from prospect was that doc is misleading since our sample uses TCP 8443.
2021-02-09 14:50:31 -05:00
Michael Golowka aaa51e975f
Add docs for OpenLDAP dynamic secrets (#10817) 2021-02-05 10:49:29 -07:00
Calvin Leung Huang b1c4b86d7f
approle: add ttl to the secret ID generation response (#10826)
* approle: add ttl to the secret ID generation response

* approle: move TTL derivation into helper func

* changelog: add changelog entry

* docs: update approle docs and api-docs pages
2021-02-03 16:32:16 -08:00
Jason O'Donnell 84cb949802
k8s doc: update for 0.9.1 and 0.8.0 releases (#10825)
* k8s doc: update for 0.9.1 and 0.8.0 releases

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-02-02 16:37:34 -05:00
Josh Black 449b9ddedb
Clarify docs around using the Vault Agent as a windows service (#10519) 2021-02-01 10:03:42 -08:00
Nick Cabatoff 936ce3ba62
Document identity behaviour on local auth mounts. (#10805) 2021-01-28 11:45:53 -05:00
Hridoy Roy 17e20bdaa6
docs change for max request size community PR (#10723) 2021-01-27 10:02:00 -08:00
Aleksandr Bezobchuk 46c3f1f7bc
docs: update "Policy Syntax" section (#10590)
Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 22:14:47 -06:00
Aleksandr Bezobchuk 2ec8f9a222
metrics: activity log (#10514)
* core: add vault.identity.entity.active.monthly log
* Fixed end-of-month metrics and unit test.
* Added metric covering month-to-date (not broken down by namespace.)
* Updated documentation
* Added changelog.

Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 16:37:07 -06:00
Jim Kalafut fb049caa7f
Clarify agent lease renewal docs (#10772) 2021-01-26 12:07:59 -08:00
John Eikenberry 1ecd3464eb
fix deep links to consul-template docs (#10768) 2021-01-25 16:42:19 -08:00
Lauren Voswinkel 1ec64fd010
Update Snowflake docs (#10691)
* Update Snowflake docs

Snowflake docs had an issue, `DEFAULT ROLE` should be `DEFAULT_ROLE`

* Update docs to show an actual username
2021-01-13 14:59:16 -08:00
Eugene R 331529fc94
Aerospike storage backend (#10131)
* add an Aerospike storage backend

* go mod vendor

* add Aerospike storage configuration docs

* review fixes

* bump aerospike client to v3.1.1

* rename the defaultHostname variable

* relocate the docs page
2021-01-12 15:26:07 -08:00
Scott Miller 77d27cb968
Add NIST guidance on rotating keys used for AES-GCM encryption (#10612)
* Add NIST guidance on rotating keys used for AES-GCM encryption

* Capture more places barrier encryption is used

* spacing issue

* Probabilistically track an estimated encryption count by key term

* Un-reorder imports

* wip

* get rid of sampling
2021-01-07 15:37:37 -06:00
Theron Voran c788e98a16
Adding documentation for multiple vault-k8s replicas (#10659)
Describes the setup and config for using multiple injector replicas
with auto and manual TLS.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-01-07 12:22:21 -08:00
Jim Kalafut 9064097c5d
Make example Okta creds more obviously fake (#10639) 2021-01-06 10:05:23 -08:00
Lauren Voswinkel ce90acd68d
Add Snowflake docs to the website (#10617)
* Add snowflake docs to the website

* Update navs

* Add Snowflake to the DB Capabilities table
2021-01-05 14:44:28 -08:00
Jason O'Donnell abfb92173c
docs: update Vault Helm to 0.9.0 (#10656)
* docs: update vault-helm for 0.9.0

* Fix typo in leaderElector config

* Add default value to ttl

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add affinity default for injector

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-01-05 16:46:20 -05:00
Nick Cabatoff 5c446d9d53
Clarify which seal/recovery config we mean. (#10634) 2021-01-04 10:31:36 -05:00
Nick Cabatoff 69e68c4d0d
Document constraints re primary vs secondary clusters. (#10527) 2021-01-04 08:35:17 -05:00
Jeff Escalante ec620a7765
Implement MDX Remote (#10581)
* implement mdx remote

* fix an unfenced code block

* fix partials path

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-12-17 16:53:33 -05:00