Commit graph

932 commits

Author SHA1 Message Date
Jeff Mitchell f9c67273f3 Add audited headers to sidebar 2017-02-07 17:02:14 -05:00
Matteo Sessa 29d9d5676e RADIUS Authentication Backend (#2268) 2017-02-07 16:04:27 -05:00
Jeff Mitchell f3de9f57ce Add etcd API info 2017-02-07 11:33:02 -08:00
Brian Kassouf 2923934813 Merge pull request #2326 from hashicorp/pr-2161
Add Socket Audit Backend
2017-02-07 11:27:25 -08:00
Brian Kassouf 128de55742 Added a warning about the dropped socket connection edge case 2017-02-07 11:06:36 -08:00
Brian Vans 29b3cc6b00 Fixing a few typos in the docs (#2344) 2017-02-07 11:55:29 -05:00
Brian Kassouf a566097657 Add info about UNIX sockets 2017-02-06 15:56:58 -08:00
Cameron Stokes d56c0e33b3 docs: add note about request size limit (#2337) 2017-02-06 18:24:40 -05:00
Vishal Nayak 7f2717b74a transit: change batch input format (#2331)
* transit: change batch input format

* transit: no json-in-json for batch response

* docs: transit: update batch input format

* transit: fix tests after changing response format
2017-02-06 14:56:16 -05:00
Brian Kassouf af1847f2b4 Update the docs and move the logic for reconnecting into its own function 2017-02-04 16:55:17 -08:00
Jeff Mitchell 1d0d353901 Fix incorrect sample URL in aws-ec2 docs 2017-02-04 19:27:35 -05:00
Harrison Harnisch b09077c2d8 add socket audit backend 2017-02-02 14:21:48 -08:00
Brian Kassouf 6701ba8a10 Configure the request headers that are output to the audit log (#2321)
* Add /sys/config/audited-headers endpoint for configuring the headers that will be audited

* Remove some debug lines

* Add a persistant layer and refactor a bit

* update the api endpoints to be more restful

* Add comments and clean up a few functions

* Remove unneeded hash structure functionaility

* Fix existing tests

* Add tests

* Add test for Applying the header config

* Add Benchmark for the ApplyConfig method

* ResetTimer on the benchmark:

* Update the headers comment

* Add test for audit broker

* Use hyphens instead of camel case

* Add size paramater to the allocation of the result map

* Fix the tests for the audit broker

* PR feedback

* update the path and permissions on config/* paths

* Add docs file

* Fix TestSystemBackend_RootPaths test
2017-02-02 11:49:20 -08:00
Vishal Nayak 5fb28f53cb Transit: Support batch encryption and decryption (#2143)
* Transit: Support batch encryption

* Address review feedback

* Make the normal flow go through as a batch request

* Transit: Error out if encryption fails during batch processing

* Transit: Infer the 'derived' parameter based on 'context' being set

* Transit: Batch encryption doc updates

* Transit: Return a JSON string instead of []byte

* Transit: Add batch encryption tests

* Remove plaintext empty check

* Added tests for batch encryption, more coming..

* Added more batch encryption tests

* Check for base64 decoding of plaintext before encrypting

* Transit: Support batch decryption

* Transit: Added tests for batch decryption

* Transit: Doc update for batch decryption

* Transit: Sync the path-help and website docs for decrypt endpoint

* Add batch processing for rewrap

* transit: input validation for context

* transit: add rewrap batch option to docs

* Remove unnecessary variables from test

* transit: Added tests for rewrap use cases

* Address review feedback

* Address review feedback

* Address review feedback

* transit: move input checking out of critical path

* transit: allow empty plaintexts for batch encryption

* transit: use common structs for batch processing

* transit: avoid duplicate creation of structs; add omitempty to response structs

* transit: address review feedback

* transit: fix tests

* address review feedback

* transit: fix tests

* transit: rewrap encrypt user error should not error out

* transit: error out for internal errors
2017-02-02 14:24:20 -05:00
Vishal Nayak 3457a11afd awsec2: support periodic tokens (#2324)
* awsec2: support periodic tokens

* awsec2: add api docs for 'period'
2017-02-02 13:28:01 -05:00
louism517 0548555219 Support for Cross-Account AWS Auth (#2148) 2017-02-01 14:16:03 -05:00
Shane Starcher 6033ea884c Okta implementation (#1966) 2017-01-26 19:08:52 -05:00
Jeff Mitchell 89b0ee09d3 Merge pull request #2296 from hashicorp/rfay-20161230_add_cookbook_with_root_token_generation
Add 'Guides' section
2017-01-25 15:33:43 -05:00
Cameron Stokes a898996c43 Update title and other minor changes. 2017-01-24 08:47:53 -08:00
Chris Hoffman c5f690b891 Fixing a few incorrect entries 2017-01-24 11:08:58 -05:00
Chris Hoffman 03d05b448a Minor transit docs fixes 2017-01-23 22:26:38 -05:00
Chris Hoffman b3fc3db6ec Adding LDAP API reference and misc docs formatting issues 2017-01-23 22:08:08 -05:00
Cameron Stokes a307328f04 Additional changes to @rfay's PR from https://github.com/hashicorp/vault/pull/2217.
- Renamed Cookbook to Guides
- Made Guides index page
- Moved Guides link on sidebar
- Minor formatting changes to generate-root guide
2017-01-23 16:41:25 -08:00
Cameron Stokes 82af6a17c8 Merge branch '20161230_add_cookbook_with_root_token_generation' of https://github.com/rfay/vault into rfay-20161230_add_cookbook_with_root_token_generation 2017-01-23 16:13:58 -08:00
Roman Vynar 1615280efa Added tls_cipher_suites, tls_prefer_server_ciphers config options to listener (#2293) 2017-01-23 13:48:35 -05:00
joe miller 98df700495 allow roles to set OU value in certificates issued by the pki backend (#2251) 2017-01-23 12:44:45 -05:00
Chris Hoffman 7568a212b1 Adding support for exportable transit keys (#2133) 2017-01-23 11:04:43 -05:00
Vishal Nayak 5aba2d47b6 ldap: Minor enhancements, tests and doc update (#2272) 2017-01-23 10:56:43 -05:00
Brian Kassouf 2cdd70fdf9 First attempt at adding docs for permissions 2017-01-20 16:34:30 -08:00
Brian Kassouf d6198b7e24 change consistency config value from a bool to a string (#2282) 2017-01-19 17:36:33 -05:00
vishalnayak 4da3cf3479 Fix file_path argument in audit's index.html 2017-01-18 21:43:29 -05:00
Vishal Nayak 06c586ccd1 tokenStore: document the 'period' field (#2267) 2017-01-18 17:25:52 -05:00
Jacob Crowther 5f28afdf32 Example "List" command missing a forward slash (#2233)
The List command example is missing a forward slash before the query parameter.
2017-01-18 17:25:23 -05:00
Raja Nadar 8668f82831 vaultsharp is now cross-platform (#2285) 2017-01-18 08:45:16 -05:00
vishalnayak 0d59c1e6db Adding the 429 code back in 2017-01-17 13:36:56 -05:00
vishalnayak 62f17774f5 doc: remove unused 429 code from docs to avoid confusion 2017-01-13 23:12:32 -05:00
Brian Kassouf f11cd7f54a SP error 2017-01-13 11:50:23 -08:00
Brian Kassouf aff6282e78 Add require_conistent to docs 2017-01-13 11:48:35 -08:00
Erwin de Keijzer d71bdf893a Fixed rabbitmq documentation
The docs were inconsistent between readwrite and readonly, the policy
itself evaluates to a readwrite policy, so the inconsistency is solved
by changing the odd occurrence of readonly.
2017-01-13 08:54:04 +01:00
vishalnayak e5551afac7 paraphrasing the cluster_addr doc 2017-01-12 11:26:43 -05:00
Pavel TImofeev eb7f4ef467 Describe how actually configuration option for 'Per-Node Cluster Address' topic is called.
According to 'Server Configuration' web page it's 'cluster_addr' (note, not 'cluster_address').
Previously this was not clear, what exactly 'this' was.
2017-01-12 12:20:19 +03:00
Matthew Irish cb8bbc4fbd Transit key actions (#2254)
* add supports_* for transit key reads

* update transit docs with new supports_* fields
2017-01-11 10:05:06 -06:00
Cameron Stokes af192b2081 Note about VAULT_UI environment variable. (#2255) 2017-01-11 09:29:45 -05:00
Raja Nadar a5fc6d1f31 fix lookup-self response json
reflect the true 0.6.4 response.
2017-01-10 23:19:49 -08:00
Jeff Mitchell f18d08cf2b Remove documenting that the token to revoke can be part of the URL as (#2250)
this should never be used and only remains for backwards compat.

Fixes #2248
2017-01-09 22:09:29 -05:00
Jeff Mitchell 4d83db66df Clarify text around redirect addr being required 2017-01-06 15:07:01 -05:00
Michael Hofer 6dd1de959c Add link to vault-client vc written in go (#2225) 2017-01-03 11:29:54 -05:00
Randy Fay 787b6aa93c Add cookbook section, with root token generation technique 2016-12-30 09:19:55 -07:00
Chris Hoffman f6cc4c89ec Adding Vault.NET C# Library (#2213) 2016-12-29 19:26:47 -06:00
Stenio Ferreira 6c8a071a01 Fixed docs - auth backend aws had a typo on API example (#2211) 2016-12-28 11:41:50 -06:00
Daniel Heitmann 69da5bc021 Replace app-id with approle due to deprecation (#2197)
According to the documentation the App-ID backend is deprecated in favor of the AppRole backend since Vault 0.6.1.
2016-12-20 13:29:42 -05:00
Brian Nuszkowski 98a6e0fea3 Add Duo pushinfo capabilities (#2118) 2016-12-19 15:37:44 -05:00
Vishal Nayak ba026aeaa1 TokenStore: Added tidy endpoint (#2192) 2016-12-16 15:29:27 -05:00
Jeff Mitchell f6044764c0 Fix revocation of leases when num_uses goes to 0 (#2190) 2016-12-16 13:11:55 -05:00
Elan Ruusamäe ca1f0115b6 add unix socket example as well (#2193) 2016-12-16 05:13:35 -05:00
Elan Ruusamäe 9a9edfb515 Update index.html.md (#2191)
add DSN as link to go-sql-driver/mysql to know the syntax
2016-12-16 03:37:54 -05:00
Vishal Nayak 8400b87473 Don't add default policy to child token if parent does not have it (#2164) 2016-12-16 00:36:39 -05:00
vishesh92 a46217989b Fix broken link 2016-12-13 10:56:18 +05:30
Frank Farmer f1ef8485ab Small typo 2016-12-08 16:51:16 -08:00
Jeff Mitchell bd41c48304 Add doc for ui to config page 2016-12-06 17:13:12 -05:00
Jeff Mitchell f5891b6677 Prep for 0.6.3 2016-12-06 11:26:29 -05:00
Christopher Pauley f07a19c503 gcs physical backend (#2099) 2016-12-01 11:42:31 -08:00
Chris MacNaughton a381f727e6 Add Rust (#2136)
Add the Rust crate to the list
2016-12-01 10:54:41 -08:00
vishesh92 b17100cf0d Fix aws auth login example (#2122) 2016-12-01 10:17:08 -08:00
Brian Nuszkowski 3d66907966 Disallow passwords LDAP binds by default (#2103) 2016-12-01 10:11:40 -08:00
Talal Obeid efe97559ea Improve link to intro and getting started (#2049) 2016-11-28 09:41:08 -08:00
Dan Gorst e1d3650b7f Minor documentation tweak (#2127)
Should be arn, not policy - latter will error as that assume an inline policy json document
2016-11-24 07:36:46 -08:00
Jeff Mitchell a94962e004 Update docs to fix #2102 2016-11-22 12:19:22 -05:00
Benjamin Farley aac4f894c9 Update libraries doc for Haskell community library (#2101) 2016-11-17 13:36:00 -05:00
Jeff Mitchell 6b5327a04d Document bug causing certain LDAP settings to be forgotten on upgrade to
0.6.1+.

Fixes #2104
2016-11-16 17:08:16 -05:00
Daniel Somerfield db9dbdeb86 Added document to github auth backend covering user-specific policies. (#2084) 2016-11-11 08:59:26 -05:00
matt maier 57925ee863 Vendor circonus (#2082) 2016-11-10 16:17:55 -05:00
Brad Jones a8f35e95a0 Clarify that Swift only supports v1.0 auth (#2070) 2016-11-08 06:44:34 -05:00
Jacob Crowther 799707fdd0 Specify the value of "generated secrets" (#2066)
This small change is to specify (mostly for new users) that only dynamic secrets are revoked when running revoke-self.
2016-11-07 15:02:23 -05:00
Joel Thompson 0357d73dad Add information on HMAC verification to transit docs (#2062) 2016-11-07 13:44:14 -05:00
Jeff Mitchell 9d4eedcce4 Update unwrap call documentation 2016-11-02 13:36:32 -04:00
Jeff Mitchell 9066f012a7 Fix cache default size and docs 2016-11-01 10:24:35 -04:00
Benjamin Campbell 35542e39d7 Use gpg binary in PGP website documentation (#2047) 2016-10-30 13:09:56 -04:00
Jeff Mitchell b8b962c6e5 Rearrange libs 2016-10-29 13:53:06 -04:00
Mark Paluch 8c5d40df16 Add Spring Vault to client libraries (#2042) 2016-10-29 13:52:16 -04:00
vishalnayak 48196228d6 s/localhost/127.0.0.1 in approle docs 2016-10-28 09:46:39 -04:00
vishalnayak 260424244b s/localhost/127.0.0.1 2016-10-28 09:23:05 -04:00
vishalnayak 4ab6bd41c4 Using AppRole as an example. Removed 'root' policy being used in examples 2016-10-28 01:24:25 -04:00
Greg Look 089798b5d1 Update libraries.html.md
Add Clojure Vault client.
2016-10-27 11:39:52 -07:00
vishalnayak e0fb8c17ce Added revocation_sql to the website docs 2016-10-27 12:15:08 -04:00
Vishal Nayak c74303dd59 Merge pull request #2029 from bfallik/patch-1
Update aws-ec2.html.md
2016-10-26 16:57:39 -04:00
Raja Nadar d3f71e7232 doc: syslog change data type from bool to string (#1998) 2016-10-26 16:18:31 -04:00
Brian Fallik 59a59a3235 Update aws-ec2.html.md
fix minor typo
2016-10-26 15:40:40 -04:00
Raja Nadar 9bba65e614 doc: change data type from boolean to string (#1997)
the api doesn't accept the boolean value. it needs a string containing a boolean value.
2016-10-26 11:29:42 -04:00
vishalnayak 5ef3e4b5ef Docs: Add port numbers to redirect_addr 2016-10-19 22:07:25 -04:00
vishalnayak fec9d83dce Docs: Update the client redirection defaults 2016-10-18 13:27:19 -04:00
Vishal Nayak 45f720cea7 Merge pull request #2006 from hashicorp/update-github-docs
Update github login output in the docs
2016-10-18 10:27:06 -04:00
Chris Hoffman 4b6e82afcb Add ability to list keys in transit backend (#1987) 2016-10-18 10:13:01 -04:00
Vishal Nayak efa76a02ad Merge pull request #2010 from rajanadar/patch-5
doc: add doc for the GET lease settings api
2016-10-18 09:39:23 -04:00
Raja Nadar d43e7395c7 fix indentation 2016-10-15 22:58:25 -07:00
Raja Nadar f743ac97c2 doc: add doc for the GET lease settings api
Vault supports reading of the lease settings, with all values coming back intact. (along with a good warning message as well)
Adding it to the documentation.
2016-10-15 22:43:50 -07:00
Raja Nadar f31d99e51d doc: add consistency field in get-role response 2016-10-15 01:15:58 -07:00
vishalnayak f556a38959 Update github login output in the docs 2016-10-14 22:39:56 -04:00
Vishal Nayak c1be9ce062 Merge pull request #1988 from mp911de/issue/refdocs-approle-post-on-secret-id-destroy
Use POST method for destroy operations in documentation
2016-10-14 15:37:13 -04:00
vishalnayak 6c9358dbec Update pgp-gpg concepts page to use base64 decoding instead of hex 2016-10-11 15:58:32 -04:00