Commit graph

647 commits

Author SHA1 Message Date
Alexander Scheel 1996336481
Update repository links to point to main (#14112)
* Update repository links to point to main

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Fix broken link in relatedtools.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2022-02-17 14:30:56 -05:00
Chris Capurso 797f11b0e5
update G Suite to Google Workspace in docs (#14126)
* update G Suite to Google Workplace in docs

* fix Google Workplace to Workspace typo
2022-02-17 13:01:45 -05:00
Jordan Reimer 36ccfaa3aa
MFA (#14049)
* adds development workflow to mirage config

* adds mirage handler and factory for mfa workflow

* adds mfa handling to auth service and cluster adapter

* moves auth success logic from form to controller

* adds mfa form component

* shows delayed auth message for all methods

* adds new code delay to mfa form

* adds error views

* fixes merge conflict

* adds integration tests for mfa-form component

* fixes auth tests

* updates mfa response handling to align with backend

* updates mfa-form to handle multiple methods and constraints

* adds noDefault arg to Select component

* updates mirage mfa handler to align with backend and adds generator for various mfa scenarios

* adds tests

* flaky test fix attempt

* reverts test fix attempt

* adds changelog entry

* updates comments for todo items

* removes faker from mfa mirage factory and handler

* adds number to word helper

* fixes tests

* Revert "Merge branch 'main' into ui/mfa"

This reverts commit 8ee6a6aaa1b6c9ec16b985c10d91c3806819ec40, reversing
changes made to 2428dd6cca07bb41cda3f453619646ca3a88bfd0.

* format-ttl helper fix from main
2022-02-17 09:10:56 -07:00
Alexander Scheel 7278479856
Document vault write JSON request parameters (#14087)
As mentioned by Steve Clark. :-)

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-17 10:07:41 -05:00
Robert 91f5069c03
secret/consul: Add Consul ACL roles support (#14014)
Co-authored-by: Brandon Ingalls <brandon@ingalls.io>
2022-02-16 19:31:08 -06:00
Loann Le 8e504f59e8
Vault documentation: created new developer quick start guide (#14038)
* new developer quick start

* fixed typo

* fixed placement of guide

* modified descr

* Add Ruby quickstart code

* incorporated feedback

* spelling error

* changed word to caps

* Some format edits (#14065)

* Split install instructions into tabs (#14092)

Co-authored-by: Valerie Conklin <val@hashicorp.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-16 15:25:36 -08:00
Matt Schultz c379e41c4c
Rename transit's auto_rotate_interval to auto_rotate_period for consistency and to achieve formatting benefits in CLI output. Update UI handling of the renamed field to account for recent data type change from time string to integral seconds. (#14103) 2022-02-16 14:33:13 -06:00
Alexander Scheel dab1ac4650
Update plugin-portal.mdx (#13229) (#14108)
Add a Vault plugin to allow authentication via SSH certificates and public keys

Co-authored-by: Wim <wim@42.be>
2022-02-16 12:32:43 -08:00
Alex Cahn 42bdcf0657
Vault Integration Program Update (#14031)
* Updating badges

* Updates to the VIP page

Updates to the VIP page to add Enterprise Badges

* Updated Eco Diagram

* Update Eco Image

* Fixing the images

* Fixing Badge Placement

* centering the badges

* Centering the badges - again

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update partnerships.mdx

* trigger ci

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2022-02-15 11:19:51 -08:00
Alexander Scheel 3da261518b
Allow generation of other types of SSH CA keys (#14008)
* Add generation support for other SSH CA key types

This adds two new arguments to config/ca, mirroring the values of PKI
secrets engine but tailored towards SSH mounts. Key types are specified
as x/crypto/ssh KeyAlgo identifiers (e.g., ssh-rsa or ssh-ed25519)
and respect current defaults (ssh-rsa/4096). Key bits defaults to 0,
which for ssh-rsa then takes a value of 4096.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation on key_type, key_bits for ssh/config/ca

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-15 14:14:05 -05:00
VAL 772cfcab91
Typo and clarity fixes (#14081) 2022-02-15 10:43:49 -08:00
Victor Rodriguez 5ad48fc1c2
Restore tidy-status documentation. (#14075)
Restore tidy-status documentation.

Fixes VAULT-5113.
2022-02-15 11:04:21 -05:00
Victor Rodriguez 88e02feab0
Remove documentation for upcoming /pki/tidy-status endpoint. (#14044)
The documentation will be released along with the feature.
2022-02-14 15:41:50 -05:00
Chris Capurso 1b70677eba
add API docs for KVv2 subkeys endpoint (#13893)
* add API docs for KVv2 subkeys endpoint

* add changelog entry
2022-02-14 15:28:14 -05:00
Chris Capurso f9e9b4d327
Add sys/version-history endpoint and associated command (#13766)
* store version history as utc; add self-heal logic

* add sys/version-history endpoint

* change version history from GET to LIST, require auth

* add "vault version-history" CLI command

* add vault-version CLI error message for version string parsing

* adding version-history API and CLI docs

* add changelog entry

* some version-history command fixes

* remove extraneous cmd args

* fix version-history command help text

* specify in docs that endpoint was added in 1.10.0

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* enforce UTC within storeVersionTimestamp directly

* fix improper use of %w in logger.Warn

* remove extra err check and erroneous return from loadVersionTimestamps

* add >= 1.10.0 warning to version-history cmd

* move sys/version-history tests

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2022-02-14 15:26:57 -05:00
Jim Kalafut 0712ef13fc
Allow auto-detection of AWS region when using the vault CLI (#14051) 2022-02-14 12:01:27 -08:00
Ashlee M Boyer c0fe9bf14d
Adding empty lines around codeblock in Tab (#14030)
Only docs changes so I'm admin merging it.
2022-02-14 13:21:23 -05:00
Loann Le f78d82ebe1
Vault documentation: added new warning to listener stanza parameters (#14036)
* added a new warning

* Update website/content/docs/configuration/listener/tcp.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* fixed word tense

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-14 08:54:43 -08:00
Loann Le 296fee0193
changed to upper-case for integrated storage (#14037) 2022-02-14 08:38:06 -08:00
Jason O'Donnell b686d727a9
docs/azure: add note about identities (#14020) 2022-02-11 17:09:35 -05:00
Yoko Hyakuna 4ac997561f
Add 'Integrated Storage vs. Consul' comparison (#13999)
* Add IS vs. external storage section

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Add a cross-referencing link

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/concepts/storage.mdx

Co-authored-by: David Adams <daveadams@gmail.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Update website/content/docs/configuration/storage/index.mdx

Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>

* Incorporate review feedback

* Incorporate review feedback

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Meggie <meggie@hashicorp.com>
Co-authored-by: Lauren Dunnevant <84867887+hashildy@users.noreply.github.com>
Co-authored-by: David Adams <daveadams@gmail.com>
2022-02-11 08:07:35 -08:00
Shohei Maeda 4073f6663b
KV v2 doc - fix format and update examples (#14003) 2022-02-10 13:20:36 -08:00
Loann Le c360d5ad45
fixed steps (#13993) 2022-02-09 17:25:33 -08:00
Loann Le bfd49bc16d
added link to hcpv docs (#13992) 2022-02-09 16:15:17 -08:00
EsbenDalgaard 2489c958f5
Update approle.mdx (#13967) 2022-02-09 18:22:10 -05:00
Ray Ryjewski 571804390e
Update gcp.mdx (#13438)
Updated the example for oauth.  In my testing I had to use the project-id for both the project attribute as well as within the bindings attribute.
2022-02-09 12:09:01 -08:00
Niklas Wagner 8199437a4b
Fix Environment Variables in Kubernetes config (#13969)
The Environment Variables seems wrong as you can see:
$ echo "https://$KUBERNETES_SERVICE_HOST:$KUBERNETES_PORT"
https://172.20.0.1:tcp://172.20.0.1:443
2022-02-09 11:16:33 -08:00
Loann Le 622c24f60f
Vault documentation: Updated Licensing FAQ page (#13959)
* updated license faq doc

* fixed typo

* Update website/content/docs/enterprise/license/faq.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/enterprise/license/faq.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* fixed spelling error

* removed a step and added a new one

* fixed note

* added a new link to TDE

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2022-02-09 11:14:36 -08:00
Samori Gorse 0f588bc159
Formatting touch ups on storage/dynamodb.mdx (#13948)
Following my previous fix, those are some small formatting touch ups.
2022-02-09 10:36:09 -08:00
Alexander Scheel 386ef0eb6b
Add clarification around vague "this" references (#13968)
* Clarify subject of this w.r.t. TLS configuration

Thanks to @aphorise for pointing this out internally.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/gcp docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/aws docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in secrets/database/oracle.mdx

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in seal/pkcs11 docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Clarify vague this in agent/autoauth docs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-09 13:02:44 -05:00
Rudy Gevaert d11bc6d316
Use secret_id_bound_cidrs instead of bound_cidr_list in approle docs (#12658)
bound_cidr_list has been deprecated since 1.2.0
2022-02-09 09:34:13 -08:00
Loann Le 2b66cca52d
Vault documentation: added a warning message to vault ui browser support doc (#13961)
* added a warning about using ie browswer

* added Vault UI at the end
2022-02-09 09:10:24 -08:00
Andy Assareh c292dbaf4d
mysql is also supported for transform external storage (#13104)
per https://www.vaultproject.io/api/secret/transform#driver and https://www.vaultproject.io/docs/secrets/transform/tokenization#external-sql-stores
2022-02-08 16:40:58 -08:00
Steven Clark 12b0e2a56b
Add documentation for Managed Keys (#13856)
* Add documentation for Managed Keys

 - Add concept, sys/api and pki updates related to managed keys

* Review feedback

 - Reworked quite a bit of the existing documentation based on feedback
   and a re-reading
 - Moved the managed keys out of the concepts section and into the
   enterprise section

* Address broken links and a few grammar tweaks
2022-02-08 14:01:19 -05:00
Austin Gebauer 5804da7490
auth/okta: documentation improvements (#13944) 2022-02-08 09:21:19 -08:00
Scott Miller f226d0103f
Add duration/count metrics to PKI issue and revoke flows (#13889)
* Add duration/count metrics to PKI issue and revoke flows

* docs, changelog

* tidy

* last tidy

* remove err

* Update callsites

* Simple returns

* Handle the fact that test cases don't have namespaces

* Add mount point to the request

* fmt

* Handle empty mount point, and add it to unit tests

* improvement

* Turns out sign-verbatim is tricky, it can take a role but doesn't have to

* Get around the field schema problem
2022-02-08 10:37:40 -06:00
cr48 1a4dc03bf7
Typo: Corrected same typo in 2 locations (on-premise to on-premises) (#13402)
* Fixed 2 typos on-premise to on-premises.

* Added changelog file.

* Removed 13402.txt file from changelog.

* Update website/content/docs/secrets/terraform.mdx

Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
2022-02-07 18:59:46 -05:00
Alexander Scheel 33a9218115
Add full CA Chain to /pki/cert/ca_chain response (#13935)
* Include full chain in /cert/ca_chain response

This allows callers to get the full chain (including issuing
certificates) from a call to /cert/ca_chain. Previously, most endpoints
(including during issuance) do not include the root authority, requiring
an explicit call to /cert/ca to fetch. This allows full chains to be
constructed without without needing multiple calls to the API.

Resolves: #13489

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add test case for full CA issuance

We test three main scenarios:

 1. A root-only CA's `/cert/ca_chain`'s `.data.ca_chain` field should
    contain only the root,
 2. An intermediate CA (with root provide) should contain both the root
    and the intermediate.
 3. An external (e.g., `/config/ca`-provided) CA with both root and
    intermediate should contain both certs.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation for new ca_chain field

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add note about where to find the entire chain

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-02-07 14:37:01 -05:00
Loann Le f85945d3aa
Vault documentation: updated What is a Client section (#13816)
* updated client doc

* fixed heading
2022-02-07 09:05:10 -08:00
Jason O'Donnell 7145fe49ff
docs/oracle: add wallet permissions example (#13924)
* docs/oracle: add wallet permissions example

* Update website/content/docs/secrets/databases/oracle.mdx

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>

Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
2022-02-07 11:17:33 -05:00
Andrew Briening ed457aeae7
Adds "raw(/pem)" format to individual cert routes (#10947) (#10948)
Similar to "/pki/ca(/pem)" routes to retrieve
certificates in raw or pem formats, this adds
"pki/cert/{serial}/raw(/pem)" routes for any
certificate.
2022-02-07 09:47:13 -05:00
Samori Gorse b2e3745837
typo: Updated terraform example (#13401)
The terraform example had a couple of issues:

- Tags was missing a `=`
- Attribute list is not supported
2022-02-04 13:08:16 -08:00
Chris Jones b97a1b3157
Add iam:GetUser permission to the example. (#13316)
Without `iam:GetUser` permission, I wasn't able to get Vault to rotate its own credentials.
2022-02-04 13:07:26 -08:00
AnPucel 329342a1fa
Adding dotnet example app to docs (#13782) 2022-02-04 12:28:43 -08:00
mairandomness bc74650b98
Update delete.mdx (#13148)
Adding a note on the parameter necessary for deletion on a key deletion example seems like a good idea.
From my limited research I found other people that had trouble finding the relevant part of the documentation.
Though I'm not sure this is the best wording or formatting for it.
2022-02-04 10:13:24 -08:00
Stefan Kalscheuer f0a8199b19
Fix documentation of "replication_performance_mode" in health API (#13529)
The field "replication_per_mode" was renamed before this feature was
released, but the docs have never been updated. Update the documentation
to present the correct name.
2022-02-04 10:05:44 -08:00
Rémi Lapeyre 2b3661b863
Document the use of inline SSL certificates for PostgreSQL (#11985)
Authored by @remilapeyre.
2022-02-04 11:48:19 -05:00
Maha Sharabinth c30fa154ff
Add a Rekey Example When Auto Unseal is Used (#13139)
Added an example to explicitly show how to perform a Rekey operation when the Vault cluster is using Auto Unseal.  This is placed as the second example. 
The existing example code combines with the PGP keys so added a simple example without the PGP keys.
2022-02-04 10:43:33 -05:00
Theron Voran c01b9915b1
docs/helm: fix duplicate ingress tls section (#13790)
Combined the two Ingress sections into one, hopefully in the right
spot this time.
2022-02-03 22:48:23 -08:00
Mark Lewis 919c197fe9
Update index.mdx (#12936)
Tidy a couple of bullets.
2022-02-03 17:49:46 -08:00
Tom Proctor fce9c92c5b
Update k8s auth long-lived token instructions (#13852) 2022-01-31 23:16:01 +00:00
Anoop Vijayan Maniankara f5b9aefd1e
Update mssql.mdx with typo error (#13527)
user sa -> vaultuser
2022-01-31 14:56:37 -05:00
Sebastien Rosset fd209183d1
Update upgrade-to-1.3.10.mdx (#12341)
The upgrade guide indicates the upgrade path between two identical versions (1.3.10). Presumably you meant compared to 1.3.9?
2022-01-28 09:27:23 -08:00
Joshua Gilman de51e14f66
Add vaultrs Rust crate to community libraries (#12402)
This change proposes adding [vaultrs](https://crates.io/crates/vaultrs) to the list of community-supported libraries. This crate has a mature base and is expected to expand to accommodate most of the API.
2022-01-28 09:02:31 -08:00
Austin Gebauer 17b2e0d259
auth/oidc: Documentation updates for Azure AD applications (#13819) 2022-01-28 08:34:36 -08:00
Steven Clark 69ac11a564
Documentation updates for new keys for PKCS#11 unsealing (#13814)
* Document new force_rw_session parameter within pkcs11 seals

* documentation for key_id and hmac_key_id fields

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/configuration/seal/pkcs11.mdx

Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: rculpepper <rculpepper@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-01-28 11:25:02 -05:00
mickael-hc 45875e2e9d
docs: add cluster-to-cluster communications to external threat overview (#13805) 2022-01-28 10:15:22 -05:00
Scott Miller 86175b2e82
Add notes on the PKI cert generation forwarding regression (#13815)
* Add notes on the PKI cert generation forwarding regression

* content

* typo

* iterate

* extra space
2022-01-27 16:36:50 -06:00
Scott Miller 743b0e1905
Clarify that backend authors can specify that all or no values are sealwrapped (#13813)
* Clarify that backend authors can specify that all or no values are sealwrapped rather than the vague statement that all values _may_ be seal wrapped

* typo
2022-01-27 15:30:55 -06:00
Rosemary Wang e1165737dc
Update CSI provider installation on OpenShift (#13763)
Include recommendation to use Vault agent injector on OpenShift
instead of CSI due to production security constraints.
Additional instructions included for testing and development
clusters.
2022-01-26 07:44:15 -08:00
Rémi Lapeyre 961ff4a363
Return num_uses during authentication (#12791)
* Return num_uses during authentication

https://github.com/hashicorp/vault/issues/10664

* Add changelog entry
2022-01-25 18:59:53 -08:00
mickael-hc 3a1a8c4cbf
Fix limits docs to reflect listener variable name (#13776) 2022-01-25 16:45:56 -05:00
Rémi Lapeyre 978311fee2
Add read support to sys/auth/:path (#12793)
* Add read support to sys/auth/:path

Closes https://github.com/hashicorp/vault/issues/7411

* Add changelog entry
2022-01-25 11:56:40 -08:00
Loann Le 02074f40e7
added missing title (#13775) 2022-01-25 10:19:10 -08:00
Caleb Lemoine f03a176ac3
docs: add vault-plugin-secrets-jenkins to plugin portal page (#13531)
Signed-off-by: circa10a <caleblemoine@gmail.com>
2022-01-24 19:36:42 -08:00
Theron Voran a0ccdfcdb1
docs/k8s: Updates for vault-k8s 0.14.2 and vault-helm 0.19.0 (#13748)
Updated vault and chart versions, and some formatting from the
pre-commit hook. Also updated chart values.
2022-01-24 15:25:52 -08:00
James Bayer 2d3db5ce78
Updated spelling (#13751) 2022-01-24 14:38:13 -08:00
Rémi Lapeyre d6a4a3b53c
Add LIST support to sys/policies/password (#12787)
* Add read support to sys/policies/password

Closes https://github.com/hashicorp/vault/issues/12562

* Add changelog

* Empty commit to trigger CI

* Add optional /

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

* Use a ListOperation

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2022-01-24 13:42:14 -08:00
Loann Le 5bc0c1b3c0
fixed typo (#13740) 2022-01-21 11:12:01 -08:00
Matt Schultz fc7deabfd7
Time-based transit key autorotation (#13691)
* Add auto_rotate_interval field to transit key creation path.

* Add auto_rotate_interval field to transit key config update path.

* Implement transit automatic key rotation on an hourly interval.

* Fixes transit key autorotation key listing typo.

* Add unit tests for transit key autorotation.

* Add unit tests for transit key creation with autorotation interval.

* Add unit tests for transit key config update with autorotation interval.

* Document new auto_rotate_interval fields in key creation and key config update endpoints.

* Add changelog for transit key autorotation.

* Wrap individual transit key autorotation in a policy lock.

* Add a safeguard to transit key autorotation to ensure only one execution happens simultaneously.
2022-01-20 09:10:15 -06:00
Sung Hon Wu 194c9e32d3
Enhance sys/raw to read and write values that cannot be encoded in json (#13537) 2022-01-20 07:52:53 -05:00
Mike Green 364d7a9be1
Add algo signer to support openssl as of recent (#12438)
"algorithm_signer": "rsa-sha2-256"
to prevent /var/log/auth.log `userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]` due to vault defaulting to ssh-rsa which is insecure
2022-01-19 15:37:00 -08:00
Calvin Leung Huang bd25ed1294
docs: add known issues section to 1.9.x upgrade guide (#13662)
* docs: add known issues section to 1.9.x upgrade guide

* minor rephrasing on oidc known issue

* use relative references for URLs

* Update website/content/docs/upgrading/upgrade-to-1.9.x.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* update known issues section for id token

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-01-19 11:21:10 -08:00
Jason O'Donnell 17ca494be3
docs/oracle: fix typo in connection_url example (#13708) 2022-01-19 11:59:30 -05:00
Tony Pulickal 908a1c1178
Update http requests API link to versioned docs (#13692) 2022-01-18 14:16:02 -05:00
James Bayer daefbd0a54
Remove extra commas (#13684)
The payload json example is invalid syntax.
2022-01-18 12:15:52 -05:00
Tero Saarni e2b17ca96b
auth/kubernetes: support for dynamically reloading short-lived tokens (#13595)
* auth/kubernetes: support for short-lived tokens

* Uplift new version of Kubernetes auth plugin that does not store the
  service account token persistently to Vault storage.

* Update the documentation to recommend local token again when running
  Vault inside cluster.

Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* Added changelog entry

Signed-off-by: Tero Saarni <tero.saarni@est.tech>

* clarification to changelog entry, executed go mod tidy

* clarifications and added targeted release version
2022-01-14 19:55:15 -08:00
Jason O'Donnell 33b9db2d26
docs: update oracle tls examples (#13659)
* docs: update oracle tls examples

* Add warnings

* Add notes

* Add missing note
2022-01-14 10:03:58 -05:00
Austin Gebauer 691e440fac
auth/azure: Documents config env vars and fixes resource used in examples (#13641) 2022-01-13 10:41:40 -08:00
Austin Gebauer e5dd039c4f
secrets/keymgmt: Adds documentation for using Azure Private Link (#13640) 2022-01-13 10:41:05 -08:00
akshya96 df53f43ee0
updating response for partial month client count (#13634)
* updating custom response for partial month count

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>

* removing new line

Co-authored-by: Pratyoy Mukhopadhyay <35388175+pmmukh@users.noreply.github.com>
2022-01-13 10:40:42 -08:00
Loann Le 492eb0a2d6
Vault documentation: updated client count FAQ (#13633)
* include nomad vault question

* added link
2022-01-13 08:56:58 -08:00
Chris Capurso d52d69e4bb
Add HTTP PATCH support for KV key metadata (#13215)
* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* add kv metadata patch command

* add changelog entry

* success tests for kv metadata patch flags

* add more kv metadata patch flags tests

* add kv metadata patch cas warning test

* add kv-v2 key metadata patch API docs

* add kv metadata patch to docs

* prevent unintentional field overwriting in kv metadata put cmd

* like create/update ops, prevent patch to paths ending in /

* fix kv metadata patch cmd in docs

* fix flag defaults for kv metadata put

* go get vault-plugin-secrets-kv@vault-4290-patch-metadata

* fix TestKvMetadataPatchCommand_Flags test

* doc fixes

* go get vault-plugin-secrets-kv@master; go mod tidy
2022-01-12 12:05:27 -05:00
Nick Cabatoff 150b1ac67a
Clarify the distinction between token and identity policies. (#13614) 2022-01-11 09:01:43 -05:00
Nick Cabatoff 3828d4bf9d
Note that api_addr and cluster_addr can use go-sockaddr templates. (#13592) 2022-01-10 09:06:30 -05:00
Saru Thuraiman e3426c238f
Add missing word "database" in docs (#13571)
* Update README.md

Add missing word database

* Update what-is-vault.mdx

Add missing "database" keyword.

* Update README.md

* Update what-is-vault.mdx

* Update website/content/docs/what-is-vault.mdx

* Update website/content/docs/what-is-vault.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-01-07 09:21:37 -08:00
Jason O'Donnell 1cc5e8d44d
docs: fix typo in azure auth debug log mode (#13593) 2022-01-07 11:33:53 -05:00
Loann Le 6eff0ae079
included permissions table (#13567) 2022-01-06 12:32:52 -08:00
mickael-hc 82e6f2bbd2
docs: update GitHub auth method docs and security model (#13572)
Provide changes based on recent audit feedback: describe risks of third party authentication systems and plugins.
2022-01-05 09:23:55 -08:00
Dave D'Amico 1b538e584b
corrected name and added link (#13562) 2022-01-04 14:29:59 -08:00
raakatz 86ac6c2996
Fix a sentence in architecture.mdx (#13539)
The words "can be" were missing
2022-01-03 16:38:39 -08:00
Loann Le e5999bba62
Vault documentation: fixed broken links (#13553)
* fixed broken links

* Update ha.mdx

removed extra slash
2022-01-03 13:53:10 -08:00
Tim Peoples 26c46f0b45
Update docs to reflect new plugin behavior. (#13543)
* Update docs to reflect that TLS connection state is now available to plugins

* Fix typo (D'oh!)
2022-01-03 11:54:12 -08:00
Pascal Reeb 48dbe28b24
fix(docs-k8s-helm): changed server's podAntiAffinity labelSelector example to match helm default values (#13140) 2022-01-03 11:13:54 -08:00
VAL ee5f26e18f
Update example code links, remove unneeded comments (#13491) 2021-12-22 09:33:12 -08:00
Jose Diaz-Gonzalez b56f708ef3
docs: add a note regarding the backend => storage config key aliasing (#13451)
* docs: add a note regarding the backend => storage config key aliasing

This was missing from upgrade docs and implemented in #2456.

* Update website/content/docs/upgrading/upgrade-to-0.7.0.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-22 09:24:55 -08:00
Meggie 78b0284f78
Adding upgrade note about 1.7.8 go version (#13475)
* Adding upgrade note about 1.7.8 go version

* Adding version bump while I'm at it
2021-12-21 17:49:41 -05:00
firingLi 0446e14d02
add tencentCloud Secrets&Auth Plugins (#13415)
* add tencentCloud plugin

* add tencentCloud plugin

* add tencentCloud plugin
2021-12-20 17:00:27 -08:00
Jonathan Ballet ed86fca503
Improve databases documentation (#12344)
* Improve databases documentation

Fixed a bunch of formatting issues and broken JSON outputs.

* Remove changelog entry

* Apply suggestions from code review
2021-12-20 15:07:59 -05:00
Jack Halford 3b6053f951
Update entity-alias.mdx (#11629)
* Update entity-alias.mdx

it was not clear for approle what the name should be the approle name or the role_id.

* Update website/content/api-docs/secret/identity/entity-alias.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-12-20 15:05:34 -05:00
Vasilii Angapov f94d0dd44f
Fix typo in policies.mdx (#13345)
Fix typo in Kubernetes policy example which prevents example from working.
2021-12-20 11:25:50 -08:00
Meggie 834ad52d68
Upgrade guidance updates from VLT-172 (#13327)
* Upgrade guidance updates from VLT-172

Trying to clarify some upgrade questions. Learn update to follow in
separate PR.

* Apply suggestions from code review

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-12-20 13:46:57 -05:00
Tom b2c473edbd
adjustemnt of options order (#12804)
Co-authored-by: tograla <tograla@gmail.com>
2021-12-17 16:22:52 -08:00
Carlos Cisneros, Jr fbd0cf82d9
Update index.mdx (#10873)
* Update index.mdx

Fixed typo in Setup section of the Secrets Engine documentation.

* Update index.mdx

Remove line 112.
2021-12-17 16:09:38 -08:00
Kaue Doretto Grecchi 2cc4ec2487
add entity-alias parameter description (#13339)
This page is missing the `entity-alias` parameter description, available in the `vault token create --help` command
2021-12-17 15:23:47 -08:00
Noel Quiles 9a9608a11d
website: Update text (#13441) 2021-12-16 12:35:55 -05:00
John-Michael Faircloth a6c217a917
auth/github: document organization id param (#13449) 2021-12-16 09:41:20 -06:00
Pratyoy Mukhopadhyay a9301012fc
Update docs with new images (#13454)
* Update docs with new images

* Update website/content/docs/concepts/identity.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extraneous Github mention

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-15 20:10:05 -08:00
Jason Peng 0bd6f5392c
Update openshift.mdx (#13372)
Consul Openshift is supported since Consul 1.9 as per https://www.hashicorp.com/blog/introducing-openshift-support-for-consul-on-kubernetes. Please verify.
2021-12-15 13:07:30 -08:00
Pete Bohman ccc1098ea3
Add allowed_uri_sans_template (#10249)
* Add allowed_uri_sans_template

Enables identity templating for the allowed_uri_sans field in PKI cert roles.

Implemented as suggested in #8509

* changelog++

* Update docs with URI SAN templating
2021-12-15 09:18:28 -06:00
Yoko Hyakuna cbdea53dd7
Add paths filter doc (#13435)
* Add paths filter doc

* Add a description about the screenshot

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/enterprise/replication.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Remove extra sentense

* Update the diagram

* Update the diagram

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-14 17:19:31 -08:00
Sai Hemanth Bheemreddy 73160cd074
Add vault-api module (#13048) 2021-12-14 13:32:26 -05:00
Mark Lewis 7ee982cb31
Update raftautosnapshots.mdx (#13412) 2021-12-14 08:29:03 -05:00
Pratyoy Mukhopadhyay c6bb8f2767
Add docs about path param restrictions (#13413)
* Add docs about path param restrictions

* Update website/content/api-docs/auth/userpass.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update with review suggestion

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-13 17:02:39 -08:00
Jason O'Donnell 9674a75a4d
auth/azure: add note about debug env (#13405)
* auth/azure: add note about debug env

* Update azure.mdx

* Update azure.mdx
2021-12-13 14:16:45 -05:00
Ben Ash fc51516ee0
Docs: fix invalid link in the kubernetes auth api doc. (#13399)
* Clean up whitespace
2021-12-13 12:02:52 -05:00
divyapola5 3488948ccd
CLI changes for new mount tune config parameter allowed_managed_keys (#13255)
* CLI changes for new mount tune config parameter allowed_managed_keys

* Correct allowed_managed_keys description in auth and secrets

* Documentation update for secrets and removed changes for auth

* Add changelog and remove documentation changes for auth

* removed changelog

* Correct the field description
2021-12-10 11:08:28 -06:00
hghaf099 65845c7531
VAULT-1564 report in-flight requests (#13024)
* VAULT-1564 report in-flight requests

* adding a changelog

* Changing some variable names and fixing comments

* minor style change

* adding unauthenticated support for in-flight-req

* adding documentation for the listener.profiling stanza

* adding an atomic counter for the inflight requests
addressing comments

* addressing comments

* logging completed requests

* fixing a test

* providing log_requests_info as a config option to determine at which level requests should be logged

* removing a member and a method from the StatusHeaderResponseWriter struct

* adding api docks

* revert changes in NewHTTPResponseWriter

* Fix logging invalid log_requests_info value

* Addressing comments

* Fixing a test

* use an tomic value for logRequestsInfo, and moving the CreateClientID function to Core

* fixing go.sum

* minor refactoring

* protecting InFlightRequests from data race

* another try on fixing a data race

* another try to fix a data race

* addressing comments

* fixing couple of tests

* changing log_requests_info to log_requests_level

* minor style change

* fixing a test

* removing the lock in InFlightRequests

* use single-argument form for interface assertion

* adding doc for the new configuration paramter

* adding the new doc to the nav data file

* minor fix
2021-12-08 17:34:42 -05:00
Pratyoy Mukhopadhyay c97c8687f4
[VAULT-3252] Add entity-alias behavior change to docs (#13370)
* Add entity-alias behavior change to docs

* Add upgrade note about entity-alias mapping change

* Rename 1.7-9 upgrade pages, shuffle upgrade note position

* Update website/content/partials/entity-alias-mapping.mdx

Co-authored-by: Meggie <meggie@hashicorp.com>

* Add incorrect policy issue to the docs

* Add example about entity-alias restriction

Co-authored-by: Meggie <meggie@hashicorp.com>
2021-12-08 13:52:51 -08:00
Matt Schultz 85f5cfc356
Adds support for SHA-3 to transit (#13367)
* Adding support for SHA3 in the transit backend.

* Adds SHA-3 tests for transit sign/verify path. Adds SHA-3 tests for logical system tools path hash functionality. Updates documentation to include SHA-3 algorithms in system tools path hashing.

* Adds changelog entry.

Co-authored-by: robison jacka <robison@packetized.io>
2021-12-08 12:29:33 -06:00
Tom Proctor be07a202d9
Docs to clarify k8s auth options with short-lived tokens (#13275)
* Rework 1.21 content into one heading and add note at top
* Add notes about extended k8s token duration
* Add example of ClusterRoleBinding for using client JWTs
2021-12-08 18:20:24 +00:00
Mike Green 05da506dea
clarify more sink options (#12586) 2021-12-07 12:16:14 -08:00
Calvin Leung Huang 0c5662770d
docs: update custom database sample code (#13211) 2021-12-07 11:10:02 -08:00
mickael-hc 36207b5668
docs: winsvc update recommendations (#13280) 2021-12-07 10:35:13 -08:00
Loann Le 8f7dd0c291
modifed note (#13351) 2021-12-07 08:46:46 -08:00
Steven Clark 94e6a688ff
Add kms_library configuration stanza (#13352)
- Add the kms_library configuration stanza to Vault's command/server
 - Provide validation of keys and general configuration.
 - Add initial kms_library configuration documentation
 - Attempt at startup to verify we can read the configured HSM Library
 - Hook in KmsLibrary config into the Validate to detect typo/unused keys
2021-12-07 09:58:23 -05:00
Harsimran Singh Maan 7178e2c4be
Fix typo (#13355) 2021-12-06 17:23:03 -08:00
Heather Simon 04d634d9d2 Merge branch 'main' of https://github.com/hashicorp/vault 2021-12-06 10:09:49 -08:00
Noel Prince b4d86a13c1
improve "x_forwarded_for_hop_skips" example (#12463)
Currently the example given results in 2.3.4.5 if it is indexed from other side. This new example prevents confusion because it is now clear which side x_forwarded_for_hop_skips is indexing from
2021-12-06 10:56:51 -05:00
Heather Simon f44dbce609 Typo fix in 1.9 Release Notes
Fixes a typo in "Vault Agent improvements"
2021-12-03 14:02:16 -08:00
Loann Le 21b01b71a6
Vault documentation: updated client count FAQ document (#13330)
* modified based on feedback

* Update faq.mdx

fixed text
2021-12-02 11:21:56 -08:00
Jim Kalafut 9ed05c3ff5
Fix doc build (#13329)
path-help.mdx is now the reference for help.
2021-12-02 08:31:56 -08:00
Jim Kalafut f0f4c2886a
Unhide or remove docs sidebar elements (#13198)
A few sidebar elements are hidden for unknown reasons. If we have a
reason to keep them hidden (vs deleting the element and associated docs),
maybe we could add `"_comment":"Hidden because ..."` to them.

A few other elements were definitely obsolete so I've removed them.
2021-12-01 16:58:28 -08:00
Rowan Smith a78721dbfe
update custom headers to mention 1.9 is required (#13155)
* update custom headers to mention 1.9 is required

Per https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#190-rc1 the custom response headers are a new feature introduced in 1.9, meaning we should explicitly call out this version requirement in documentation, otherwise users of earlier versions of Vault will unable to use the functionality and may consider it a bug.

* Update website/content/docs/configuration/listener/tcp.mdx

reads better, agreed

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-12-01 10:48:06 -08:00
Nick Cabatoff a47a2c9fc4
Add "operator members" command to list nodes in the cluster. (#13292) 2021-11-30 14:49:58 -05:00
Nicola Kabar b5f1027d07
docs: added minor recommendation for k8s agent annotations (#13239)
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-11-29 14:57:19 -08:00
Mike 4fd241c3d3
Fix case typo in docs (#13259) 2021-11-29 15:55:46 -05:00
Austin Gebauer 78b4a2c04e
secrets/azure: Fixes use_microsoft_graph_api parameter description in API docs (#13287) 2021-11-27 09:27:11 -08:00
Yoko Hyakuna 6ea0df030e
Update Vault Agent intro (#13267)
* Update Vault Agent intro

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/agent/index.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-24 12:41:11 -08:00
Scott Miller f1b18bd990
Don't claim that Vault obfuscates the environment variable for sensitive values, this doesn't work at least in recent version of Go, as Go makes a copy of the environment, so we're only modifying that one, and not the one visible to the rest of the system (#13252) 2021-11-24 11:50:34 -06:00
Austin Gebauer 19c33125c9
secrets/azure: fix API docs rendering of code block (#13245) 2021-11-23 22:38:06 -08:00
akshya96 3c6f68f9c4
Docs/custom metadata updates (#13244)
* adding custom_metadata read and update changes

* adding custom metadata changes
2021-11-23 09:40:44 -08:00
Nick Cabatoff 0082cc4a5b
Correct flag name: -dev-kv-v1, not dev-kv-1. (#13250) 2021-11-23 12:17:51 -05:00
Austin Gebauer d5f4fbecc1
identity/oidc: optional nonce parameter for authorize request (#13231) 2021-11-22 09:42:22 -08:00
divyapola5 5236fe93aa
Add a new parameter "allowed_managed_keys" to mount config (#13202)
* Add a new parameter "allowed_managed_keys" to mount config

* Adjust formatting in mount.go

* Add changelog entry
2021-11-21 19:08:38 -06:00
Loann Le 10d146125a
Updates to 1.9 documentation (#13228)
* incorporated feedback

* fixed link

* fixed link again

* found another error
2021-11-19 12:46:47 -08:00
Theron Voran 79ec6b7f3d
docs: updated for vault-k8s 0.14.1 vault-helm 0.18.0 (#13199)
* version bumps

* updated chart options
2021-11-18 18:08:35 -08:00
Gary Frederick 9622e36b82
Docs deprecate token issuer validation (#13019)
* change default vaule for disable_iss_validation to be true

* mark as deprecated | remove issuer from sample

* deprecation section

* additional informaiton about when fields will be removed

* additional deprecation note under csi provider

* punctuation

* make the deprecation note more noticable

* missing issuer sentence | remove whitespace

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>

* cleanup

* additional deprecation comments

* fix discovery link

* highlight

* no need to configure the issuer

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
2021-11-18 15:16:54 -08:00
John-Michael Faircloth 73d3204b8f
OIDC: add note on PKCE support for code flow (#13206)
* OIDC: add note on PKCE support for code flow

* add changelog

* remove changelong
2021-11-18 13:46:34 -06:00
Loann Le 4127092fdd
fixed errors in file (#13205) 2021-11-18 10:50:26 -08:00