Jeff Mitchell
25e359084c
Update documentation, some comments, make code cleaner, and make generated roots be revoked when their TTL is up
2015-11-19 17:14:22 -05:00
Jeff Mitchell
af3d6ced8e
Update validator function for URIs. Change example of entering a CA to a
...
root cert generation. Other minor documentation updates. Fix private key
output in issue/sign.
2015-11-19 11:35:17 -05:00
Jeff Mitchell
71f9ea8561
Make it clear that generating/setting a CA cert will overwrite what's
...
there.
2015-11-19 09:51:18 -05:00
Jeff Mitchell
a95228e4ee
Split root and intermediate functionality into their own sections in the API. Update documentation. Add sign-verbatim endpoint.
2015-11-19 09:51:18 -05:00
Jeff Mitchell
c461652b40
Address some feedback from review
2015-11-19 09:51:18 -05:00
Jeff Mitchell
ed62afec14
Large documentation updates, remove the pathlength path in favor of
...
making that a parameter at CA generation/sign time, and allow more
fields to be configured at CSR generation time.
2015-11-19 09:51:18 -05:00
Jeff Mitchell
ea676ad4cc
Add tests for intermediate signing and CRL, and fix a couple things
...
Completes extra functionality.
2015-11-19 09:51:17 -05:00
Jeff Mitchell
1c7157e632
Reintroduce the ability to look up obfuscated values in the audit log
...
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).
In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)
Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell
45e7e61d71
Update audit documentation around what hash is used
2015-11-18 10:42:42 -05:00
captainill
28ae7b2466
edit this page
2015-11-09 21:10:49 -08:00
captainill
d931c62d94
sidebar
2015-11-09 21:08:05 -08:00
captainill
2af4092734
redesign header bulk
2015-11-09 20:58:06 -08:00
Jeff Mitchell
1a45696208
Add no-default-policy flag and API parameter to allow exclusion of the
...
default policy from a token create command.
2015-11-09 17:30:50 -05:00
Jeff Mitchell
10913e2e6b
Update cert documentation to note requiring sudo access.
2015-11-06 16:09:42 -05:00
Jeff Mitchell
ffa879d6e2
Update S3 docs
2015-11-06 09:26:09 -05:00
Jeff Mitchell
08dbc70c9f
Switch etcd default port to 2379, in line with 2.x.
...
Fixes #753
2015-11-05 09:47:50 -05:00
Sander van Harmelen
4ad533a5ba
Add a line to the documentation to describe the new feature
2015-11-04 15:36:24 +01:00
Jeff Mitchell
a4322afedb
Merge pull request #746 from hashicorp/issue-677
...
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
Jeff Mitchell
7f44a1b812
Add configuration parameter for max parallel connections to Consul
2015-11-03 15:26:07 -05:00
Jeff Mitchell
73e3aa1d64
Add create-orphan to documentation
2015-11-03 15:15:33 -05:00
Jeff Mitchell
d3f7546602
Fix trailing whitespace complaints
2015-11-03 10:52:20 -05:00
Jeff Mitchell
f0a25ed581
Clarify that CRLs are not fetched by Vault
2015-11-03 10:52:20 -05:00
Jeff Mitchell
154fc24777
Address first round of feedback from review
2015-11-03 10:52:20 -05:00
Jeff Mitchell
59cc61cc79
Add documentation for CRLs and some minor cleanup.
2015-11-03 10:52:20 -05:00
Jeff Mitchell
ffa196da0e
Note that the dev server does not fork
...
Fixes #710 .
2015-10-30 12:47:56 -04:00
Seth Vargo
f83eba4666
Force a trailing slash
2015-10-29 16:21:39 -04:00
Jeff Mitchell
e2d4a5fe0f
Documentation update around path/key name encryption.
...
Make it clear that path/key names in generic are not encrypted.
Fixes #697
2015-10-29 11:21:40 -04:00
Jeff Mitchell
c1d8b97342
Add reset support to the unseal command.
...
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.
Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell
57290b6d92
Minor format fix in environment documentation
2015-10-28 09:56:28 -04:00
Seth Vargo
b057645d73
Use vendored fastly logo
2015-10-26 12:13:03 -04:00
Seth Vargo
a710a80252
Use releases for releases
2015-10-26 00:06:17 -04:00
Jason Antman
c7ff26b650
add documentation for GitHub Auth Backend 'ttl' and 'max_ttl' parameters
2015-10-23 09:30:48 -04:00
Jason Antman
b27e80d090
add GitHub Enterprise base_url to docs
...
In https://github.com/hashicorp/vault/issues/716 @jefferai confirmed that the GitHub Auth Backend supports GitHub enterprise using an undocumented ``base_url`` parameter. This adds that parameter to the relevant documentation page.
2015-10-23 09:18:07 -04:00
Jeremiah Johnson
d4a8c08feb
fix typo in first-secret.html.md
2015-10-22 12:04:22 -06:00
Jeff Mitchell
0168ce491b
Update token documentation to better explain token durations
2015-10-22 13:02:37 -04:00
Jeff Mitchell
189b72c3ba
Document the renew-self call
2015-10-21 10:53:20 -04:00
Jeff Mitchell
bc40e652bf
Remove revoke-self from sys API documentation as it's in the token-store instead
2015-10-21 10:46:41 -04:00
mkb
1d29ae940a
Minor grammar fix.
2015-10-20 13:42:46 -07:00
Jeff Mitchell
9f0b1547bb
Allow disabling the physical storage cache with 'disable_cache'.
...
Fixes #674 .
2015-10-12 13:00:32 -04:00
Jeff Mitchell
44706da08c
Merge pull request #691 from hashicorp/sethvargo/tabs_spaces_oh_my
...
Remove tabs from terminal output
2015-10-12 12:39:44 -04:00
Seth Vargo
50f720bc06
Remove tabs from terminal output
...
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
2015-10-12 12:10:22 -04:00
Jeff Mitchell
55c26a909e
Documentation updates to remove lease id and duration from generic
...
backend example.
2015-10-12 10:01:15 -04:00
Sam Handler
ad09203343
use github_url to generate edit_this_page link
2015-10-07 17:39:08 -04:00
Vishal Nayak
bf464b9a4b
Merge pull request #661 from hashicorp/maxopenconns
...
Parameterize max open connections in postgresql and mysql backends
2015-10-03 16:55:20 -04:00
Curtis Allen
c9213a809d
update acl example
...
Without `auth/token/lookup-self` read access you are unable to
authenticate. Update example to work as well as use new command output.
2015-10-02 09:06:42 -06:00
vishalnayak
644a655920
mysql: made max_open_connections configurable
2015-10-01 21:15:56 -04:00
vishalnayak
2051101c43
postgresql: Configurable max open connections to the database
2015-10-01 20:11:24 -04:00
Colin Rymer
e2b157aa79
Remove redundant wording for SSH OTP introduction.
2015-09-30 10:58:44 -04:00
Jeff Mitchell
f711393de6
Merge pull request #649 from ipoval/master
...
[code-gardening] fix typo in the documentation
2015-09-29 19:01:58 -07:00
vishalnayak
c3569bae5e
Fixed gravatar hash
2015-09-29 14:12:58 -04:00
Ivan Povalyukhin
0bced67170
[code-gardening] fix typo in the documentation
2015-09-28 19:34:57 -07:00
Jeff Mitchell
62ac518ae7
Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend.
2015-09-25 10:41:21 -04:00
Sam Handler
a0290f69df
Add 'edit this page' link to footer
2015-09-24 14:10:32 -07:00
Jeff Mitchell
af27a99bb7
Remove JWT for the 0.3 release; it needs a lot of rework.
2015-09-24 16:23:44 -04:00
Jeff Mitchell
e38c21e0ca
Documentation fix for global TTLs
2015-09-24 12:17:26 -04:00
Jeff Mitchell
8fa7d3bd0b
Add revoke-self to docs
2015-09-24 12:05:00 -04:00
Dominic Luechinger
89511e6977
Fixes docs for new JWT secret backend
2015-09-24 16:47:17 +02:00
Spencer Herzberg
54c62fe5aa
docs: pg username not prefixed with vault-
...
due to
05fa4a4a48
,
vault no longer prefixes the username with `vault-`
2015-09-22 10:14:47 -05:00
Jeff Mitchell
a5f52f43b1
Minor doc update to SSH
2015-09-21 16:26:07 -04:00
Jeff Mitchell
29c722dbb6
Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values
2015-09-21 16:14:30 -04:00
Jeff Mitchell
3eb38d19ba
Update transit backend documentation, and also return the min decryption
...
value in a read operation on the key.
2015-09-21 16:13:43 -04:00
Jeff Mitchell
ca33cd8423
Add API endpoint documentation to cubbyhole
2015-09-21 16:13:36 -04:00
Jeff Mitchell
273f13fb41
Add API endpoint documentation to generic
2015-09-21 16:13:29 -04:00
Jeff Mitchell
59ba17c601
Add clarity to the lease concepts document.
2015-09-21 08:56:26 -04:00
Jeff Mitchell
801e531364
Enhance transit backend:
...
* Remove raw endpoint from transit
* Add multi-key structure
* Add enable, disable, rewrap, and rotate functionality
* Upgrade functionality, and record creation time of keys in metadata. Add flag in config function to control the minimum decryption version, and enforce that in the decrypt function
* Unit tests for everything
2015-09-18 14:41:05 -04:00
Jeff Mitchell
8f79e8be82
Add revoke-self endpoint.
...
Fixes #620 .
2015-09-17 13:22:30 -04:00
Jonathan Klein
dff6e468f9
Grammar fix
2015-09-15 15:53:27 -04:00
Jeff Mitchell
538852d6d6
Add documentation for cubbyhole
2015-09-15 13:50:37 -04:00
vishalnayak
142cb563a6
Improve documentation of token renewal
2015-09-11 21:08:32 -04:00
Jeff Mitchell
ace611d56d
Address items from feedback. Make MountConfig use values rather than
...
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
Jeff Mitchell
488d33c70a
Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation
2015-09-10 15:09:54 -04:00
Jeff Mitchell
4239f9d243
Add DynamicSystemView. This uses a pointer to a pointer to always have
...
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.
Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
Jeff Mitchell
f4239556d2
Merge pull request #508 from mfischer-zd/webdoc_environment
...
docs: Document environment variables
2015-09-09 11:29:10 -04:00
Jeff Mitchell
1a8bcfe18d
Merge pull request #592 from blalor/patch-1
...
Remove unused param to 'vault write aws/roles/deploy'
2015-09-09 11:28:15 -04:00
Michael S. Fischer
24a5127fab
docs: Document environment variables
2015-09-08 11:59:58 -07:00
Neo
4e3e9c38a2
Typo fix
2015-09-08 02:43:01 +02:00
Brian Lalor
2ae48fa586
Remove unused param to 'vault write aws/roles/deploy'
...
The name is taken from the path, not the request body. Having the duplicate key is confusing.
2015-09-06 06:57:39 -04:00
Armon Dadgar
4eaacaf546
Merge pull request #590 from MarkVLK/patch-1
...
Update mysql docs markdown to fix grammar error
2015-09-04 19:13:50 -07:00
MarkVLK
fae51d605f
Update transit docs markdown to add missing word
...
Added the presumably missing *decrypt* from "encrypt/data" in the first sentence.
2015-09-04 17:11:34 -07:00
MarkVLK
cd292d5372
Update mysql docs markdown to fix grammar error
...
Changed "... used to **generated** those credentials" to "... used to **generate** those credentials."
2015-09-04 17:05:45 -07:00
Seth Vargo
6f248425a6
Update documentation around cookies
2015-09-03 10:36:59 -04:00
Vishal Nayak
d4609dea28
Merge pull request #578 from hashicorp/exclude-cidr-list
...
Vault SSH: Added exclude_cidr_list option to role
2015-08-28 07:59:46 -04:00
vishalnayak
b12a2f0013
Vault SSH: Added exclude_cidr_list option to role
2015-08-27 23:19:55 -04:00
Jeff Mitchell
a4fc4a8e90
Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470 .
2015-08-27 12:24:37 -07:00
vishalnayak
fbff20d9ab
Vault SSH: Docs for default CIDR value
2015-08-27 13:10:15 -04:00
vishalnayak
702a869010
Vault SSH: Provide key option specifications for dynamic keys
2015-08-27 11:41:29 -04:00
Jeff Mitchell
8669a87fdd
When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes.
2015-08-26 07:59:50 -07:00
Jeff Mitchell
b940d214bd
Merge pull request #568 from ctennis/add_some_s3_info
...
Make it clear for physical S3 backend we support instance profiles as well.
2015-08-26 09:03:38 -04:00
Jeff Mitchell
cc232e6f79
Address comments from review.
2015-08-25 15:33:58 -07:00
Jeff Mitchell
0b580d0521
Update website documentation for init and rekey with secret_pgp_keys API option
2015-08-25 14:52:13 -07:00
Caleb Tennis
6c30f9a0f9
Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required
2015-08-25 06:47:07 -07:00
Armon Dadgar
88a7b57491
Merge pull request #558 from captainill/master
...
make sure header is below clickable area that hides sidebar
2015-08-21 10:21:40 -07:00
Jeff Mitchell
ea9fbb90bc
Rejig Lease terminology internally; also, put a few JSON names back to their original values
2015-08-20 22:27:01 -07:00
Jeff Mitchell
0fa783f850
Update help text for TTL values in generic backend
2015-08-20 17:59:30 -07:00
captainill
ad9e00b166
make sure header is below clickable area that hides sidebar
2015-08-20 17:22:48 -07:00
Jeff Mitchell
b57ce8e5c2
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4.
...
Fixes #528 .
2015-08-20 16:41:25 -07:00
Vishal Nayak
beca9f1596
Merge pull request #385 from hashicorp/vishal/vault
...
SSH Secret Backend for Vault
2015-08-20 10:03:15 -07:00
Bernhard K. Weisshuhn
86cde438a5
avoid dashes in generated usernames for cassandra to avoid quoting issues
2015-08-20 11:15:28 +02:00
vishalnayak
76ed3bec74
Vault SSH: 1024 is default key size and removed 4096
2015-08-19 12:51:33 -07:00
vishalnayak
1f5062a6e1
Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
2015-08-19 12:16:37 -07:00
David Winterbottom
9fd6837d7b
Fix typo in ACL doc
2015-08-19 07:36:16 +01:00
Armon Dadgar
f351cd5ee0
Merge pull request #531 from mfischer-zd/fix_doc_tls
...
Clarify availability of tls_min_version
2015-08-18 19:01:28 -07:00
vishalnayak
b5cda4942b
Vault SSH: doc update
2015-08-18 11:50:32 -07:00
vishalnayak
b91ebbc6e2
Vault SSH: Documentation update and minor refactoring changes.
2015-08-17 18:22:03 -07:00
vishalnayak
9db318fc55
Vault SSH: Website page for SSH backend
2015-08-14 12:41:26 -07:00
Michael S. Fischer
0e0cdeed75
Clarify availability of tls_min_version
...
`tls_min_version` doesn't work in the current Vault release;
make that clear.
2015-08-13 08:35:09 -07:00
vishalnayak
93dfa67039
Merging changes from master
2015-08-12 09:28:16 -07:00
vishalnayak
0abf07cb91
Vault SSH: Website doc v1. Removed path_echo
2015-08-12 09:25:28 -07:00
Erik Kristensen
2233f993ae
initial pass at JWT secret backend
2015-08-06 17:49:44 -06:00
Armon Dadgar
f58f46c243
Merge pull request #439 from geckoboard/feature-tls-mysql
...
Using SSL to encrypt connections to MYSQL
2015-08-05 14:52:43 -07:00
Armon Dadgar
4d08cfdf6f
Merge pull request #469 from kgutwin/f-config-defaultlease
...
Add configuration options for default lease duration and max lease duration
2015-08-04 10:06:41 -07:00
Vivien Schilis
9db7426002
Add documentation for the tls_ca_file option
2015-08-04 05:10:33 +00:00
Rusty Ross
719ac6e714
update doc for app-id
...
make clearer in doc that user-id can accept multiple app-id mappngs as comma-separated values
2015-08-03 09:44:26 -07:00
Armon Dadgar
473668a1a0
Merge pull request #482 from chiefy/master
...
Adding vaulted nodejs library to libraries section in docs.
2015-07-31 15:13:44 -07:00
Long Nguyen
e666b5c624
added golang client
2015-07-31 17:10:38 -04:00
Christopher Najewicz
c5c7926af6
Adding vaulted nodejs library to libraries section in docs.
2015-07-31 14:31:26 -04:00
Armon Dadgar
03728af495
Merge pull request #464 from bgirardeau/master
...
Add Multi-factor authentication with Duo
2015-07-30 17:51:31 -07:00
Bradley Girardeau
aa55d36f03
Clean up naming and add documentation
2015-07-30 17:36:40 -07:00
Karl Gutwin
4bad987e58
PR review updates
2015-07-30 13:21:41 -04:00
Karl Gutwin
151ec72d00
Add configuration options for default lease duration and max lease duration.
2015-07-30 09:42:49 -04:00
Armon Dadgar
1535a21198
Merge pull request #384 from dkaffee92/feature/storage-backend-consul-configuration
...
allow specifying certificates used to talk to consul for storage backend
2015-07-29 14:41:53 -07:00
Fabian Ruff
41106d9b69
fix doc for pki/revoke API
2015-07-29 14:28:12 +02:00
Kevin Fishner
9fe25414aa
update analytics
2015-07-28 16:05:27 -07:00
Bradley Girardeau
112f98d86f
mfa: cleanup website documentation
2015-07-28 12:25:01 -07:00
Bradley Girardeau
6c24a000a3
mfa: add website documentation
2015-07-28 11:00:57 -07:00
Daniel Kaffee
a6f828ba0a
made documentation a bit more clear
2015-07-28 15:50:43 +03:00
Daniel Kaffee
4146be770c
refactor code
2015-07-28 14:55:33 +03:00
Armon Dadgar
83729a3bd9
website: fixing details about HA backends
2015-07-24 12:11:45 -07:00
Armon Dadgar
80e59089ba
Merge pull request #449 from JustinLaRose/master
...
Cassandra secret backend doc update for connection config
2015-07-23 13:42:59 -07:00
Armon Dadgar
eeb623bca0
Merge pull request #447 from kgutwin/f-tlsvers
...
Specify Vault listener minimum TLS version
2015-07-23 13:42:42 -07:00
Armon Dadgar
9ec3cefea9
Merge pull request #433 from infame-io/feature/s3_sts
...
Granting S3 backend temporary access
2015-07-23 13:33:58 -07:00
Karl Gutwin
3a5e036727
Document warning for using lower TLS versions
2015-07-23 11:54:45 -04:00
Lauro Balderas
436dfd464d
S3 backend session token documentation updated
2015-07-23 22:53:20 +10:00
Justin LaRose
361f10f79e
Cassandra secret backend doc update for connection config - "hosts" instead of "host"
2015-07-23 03:07:29 -04:00
Karl Gutwin
1096f5a53e
Avoid unnecessary abbreviation
2015-07-22 23:28:46 -04:00
Karl Gutwin
9c963a0632
TLS minimum version documentation
2015-07-22 23:21:18 -04:00
Armon Dadgar
63fcb61145
Merge pull request #419 from nbrownus/telemetry_names
...
Disable hostname prefix for runtime telemetry
2015-07-22 15:38:23 -07:00
Armon Dadgar
01147622ce
Merge pull request #420 from bgirardeau/master
...
LDAP Auth - Add per-user policies and option to login with userPrincipalName
2015-07-22 14:35:21 -07:00
Bradley Girardeau
e8d26d244b
ldap: change setting user policies to setting user groups
2015-07-20 11:33:39 -07:00
Seth Vargo
564f6d3743
Small tutorial fixes and tweaks
2015-07-19 16:52:11 -04:00
Daniel Somerfield
30920dc751
Finished draft of api tutorial and worked it into the flow.
2015-07-19 12:29:06 -07:00
Daniel Somerfield
89e0ed22db
More work on apis doc.
2015-07-16 06:29:52 -07:00
Daniel Somerfield
3f45692500
Added start of page in intro that explains / demos the REST apis
2015-07-15 06:28:04 -07:00
Bradley Girardeau
1e1d4ba66d
ldap: add documentation for setting policies based on user
2015-07-14 16:13:40 -07:00
Nate Brown
65dc78ba35
Docs for the telemetry object
2015-07-14 15:45:45 -07:00
Bradley Girardeau
0e2edc2378
ldap: add ability to login with a userPrincipalName (user@upndomain)
2015-07-14 15:37:46 -07:00
Armon Dadgar
3042452def
website: fixing lots of references to vault help
2015-07-13 20:12:09 +10:00
Armon Dadgar
7be012b8b6
website: help command is now path-help
2015-07-13 20:03:29 +10:00
Armon Dadgar
26937498f6
physical/zk: Fixing node representation. Fixes #416
2015-07-13 19:33:23 +10:00
Armon Dadgar
8dd9478e14
website: fixing documentation errors. Fixes #412
2015-07-13 19:10:44 +10:00
Armon Dadgar
2da54da6ed
website: update HA status, discourage ZK
2015-07-13 19:01:32 +10:00
Matt Button
76bc988e50
Remove documentation that was copied from the terraform project
2015-07-12 16:52:24 +00:00
mootpt
872593d1e1
fixed secrets backend url
...
minor doc fix
2015-07-06 11:11:58 -07:00
mootpt
f782e7382e
pointed authentication backend to proper location
...
pointed authentication backend to proper location
2015-07-06 10:42:14 -07:00
Armon Dadgar
70cd3d1206
Merge pull request #400 from hashicorp/f-glob
...
Change ACL semantics, use explicit glob and deny has highest precedence
2015-07-06 11:15:49 -06:00
Armon Dadgar
768a6e33b0
website: clarify changes in addition to feedback
2015-07-06 11:10:09 -06:00
Armon Dadgar
0be3d419c8
secret/transit: address PR feedback
2015-07-05 19:58:31 -06:00
Armon Dadgar
37b68d6dce
website: clarify getting started ACL docs
2015-07-05 18:40:05 -06:00
Armon Dadgar
01b0257c5f
website: update for glob matching
2015-07-05 17:43:13 -06:00
Armon Dadgar
f4d555a2ba
website: document derived keys in secret/transit
2015-07-05 14:47:16 -07:00
Armon Dadgar
0521c6df6c
http: support ?standbyok for 200 status on standby. Fixes #389
2015-07-02 17:49:35 -07:00
Bradley Girardeau
42050fe77b
ldap: add starttls support and option to specificy ca certificate
2015-07-02 15:49:51 -07:00
Armon Dadgar
3c58773598
Merge pull request #380 from kgutwin/cert-cli
...
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Armon Dadgar
b8f2e8d498
website: document insecure_tls for LDAP backend
2015-06-30 09:42:18 -07:00
Jeff Mitchell
42b90fa9b9
Address some issues from code review.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:27:23 -04:00
Karl Gutwin
70fc49be84
Website docs.
2015-06-30 09:18:39 -04:00
Jeff Mitchell
fccbc587c6
A Cassandra secrets backend.
...
Supports creation and deletion of users in Cassandra using flexible CQL queries.
TLS, including client authentication, is supported.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Armon Dadgar
3902626163
Merge pull request #310 from jefferai/f-pki
...
Initial PKI backend implementation
2015-06-21 11:12:22 +01:00
sergiopatino
3e58e8fff2
Fix typo in link to Atlas URL.
...
Missing a colon after https!
2015-06-21 02:41:26 -07:00
Jeff Mitchell
e086879fa3
Merge remote-tracking branch 'upstream/master' into f-pki
2015-06-19 13:01:26 -04:00
Jeff Mitchell
a6fc48b854
A few things:
...
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-19 12:48:18 -04:00
Armon Dadgar
28ddff305c
physical/mysql: cleanup and documentation
2015-06-18 14:31:00 -07:00
Jeff Mitchell
34f495a354
Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-18 15:22:58 -04:00
Armon Dadgar
7e6f44e39e
website: document transit upsert behavior
2015-06-17 18:51:58 -07:00
Armon Dadgar
93ee9f6b76
website: update the transit documentation
2015-06-17 18:45:29 -07:00
Jeff Mitchell
49f1fdbdcc
Merge branch 'master' into f-pki
2015-06-16 13:43:25 -04:00
Armon Dadgar
07df5c251d
Merge pull request #341 from ryancurrah/ryancurrah-doc-transit-echofix
...
Do not output the trailing newline in encoding.
2015-06-15 17:36:01 -07:00
Seth Vargo
db178571eb
Document longest-prefix match
...
Fixes https://github.com/hashicorp/vault/issues/331
2015-06-15 14:29:20 -04:00
Ryan Currah
c232fee6b3
Do not output the trailing newline in encoding.
...
Added -n to echo command to prevent newlines from showing up in encoding.
2015-06-13 12:03:57 -04:00
Jeff Mitchell
e17ced0d51
Fix a docs-out-of-date bug.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-12 16:33:00 -04:00
Jeff Mitchell
db5354823f
Fix some out-of-date examples.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-11 21:17:05 -04:00
Jeff Mitchell
1513e2baa4
Add acceptance tests
...
* CA bundle uploading
* Basic role creation
* Common Name restrictions
* IP SAN restrictions
* EC + RSA keys
* Various key usages
* Lease times
* CA fetching in various formats
* DNS SAN handling
Also, fix a bug when trying to get code signing certificates.
Not tested:
* Revocation (I believe this is impossible with the current testing framework)
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Jeff Mitchell
0d832de65d
Initial PKI backend implementation.
...
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint
Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Justin Campbell
2a1eac837c
docs: Fix examples of auth via JSON
...
For both userpass and LDAP
2015-06-04 10:38:11 -04:00
Justin Campbell
d634a92d2a
Remove .DS_Store
...
Already gitignored
2015-06-04 10:17:00 -04:00
Armon Dadgar
66ab2bbf54
Merge pull request #263 from sheldonh/iam-policy
...
List IAM permissions required by root credentials
2015-06-01 13:16:51 +02:00
Armon Dadgar
98cca9cb18
Merge pull request #261 from jsok/consul-lease
...
Add ability to configure consul lease durations
2015-06-01 13:04:28 +02:00
Armon Dadgar
82caf31532
Merge pull request #277 from hashicorp/f-rotate
...
Add support for key rotation
2015-06-01 12:52:32 +02:00
Seth Vargo
507f5b0114
Cleanup style on http index docs
2015-05-31 21:23:44 -07:00
Seth Vargo
4a41d05870
Merge pull request #271 from boncheff/f-doc-update-read-write-example
...
Update index.html.md
2015-05-31 21:20:34 -07:00
Seth Vargo
090de2c6d3
Merge pull request #279 from whit537/patch-1
...
Capitalize the first word of a sentence
2015-05-31 15:53:34 -07:00
Seth Vargo
7fd3d50f3e
Merge pull request #280 from whit537/patch-2
...
Put me in charge of dev mode :)
2015-05-31 15:53:24 -07:00
Seth Vargo
d90b63a520
Merge pull request #282 from whit537/patch-3
...
Add a missing word
2015-05-31 15:52:21 -07:00
Seth Vargo
68c9b9dd83
Merge pull request #283 from whit537/patch-4
...
revisions to Getting Started > Dynamic Secrets
2015-05-31 15:52:08 -07:00
Seth Vargo
dba3fde064
Merge pull request #284 from whit537/patch-5
...
revisions to Getting Started > Built-in Help
2015-05-31 15:51:51 -07:00
Seth Vargo
83ad07bb72
Merge pull request #285 from whit537/patch-6
...
revisions to Getting Started > Authentication
2015-05-31 15:51:39 -07:00
Seth Vargo
1514dd5a14
Merge pull request #286 from whit537/patch-7
...
revisions to Getting Started > Access Control Policies
2015-05-31 15:51:08 -07:00
Seth Vargo
105def7354
Merge pull request #287 from whit537/patch-8
...
revisions to Getting Started > Deploy Vault
2015-05-31 15:50:58 -07:00
Chad Whitacre
b83f3f2d02
Provide missing verb
2015-05-31 17:19:34 -04:00
Chad Whitacre
e7cc5649dd
Fix punctuation
...
We want an apostrophe (for the contraction, not the possessive), but we don't want an extra period.
2015-05-31 17:00:44 -04:00
Chad Whitacre
2df20f0c8c
Remove an errant article
2015-05-31 16:47:15 -04:00
Chad Whitacre
1629f9ac93
Fix number of a noun
2015-05-31 16:42:29 -04:00
Chad Whitacre
b1b2a4be7c
Fix another broken passive
2015-05-31 16:34:34 -04:00
Chad Whitacre
fcc7cbaee5
Fix a broken verb voice
2015-05-31 16:31:10 -04:00
Chad Whitacre
4a4d944bcc
Charges don't incur themselves
2015-05-31 16:24:03 -04:00
Chad Whitacre
2ee0e9c51b
REMOVE A SINGLE WHITESPACE CHARACTER
2015-05-31 16:21:39 -04:00
Chad Whitacre
bd4dce28b5
Remove quotes to match styling elsewhere
...
Cf. http://vaultproject.io/intro/getting-started/dynamic-secrets.html
2015-05-31 16:20:56 -04:00
Chad Whitacre
11cd9eb6f5
Add a missing word
2015-05-31 16:19:38 -04:00
Chad Whitacre
2e00c9dd27
fix line wrapping
...
Sorry!
2015-05-31 16:07:50 -04:00
Chad Whitacre
4aee92f5e4
Direct new users over to the getting started guide
...
I found myself on the dev server reference, when really I was more interested in the getting started guide. This link is intended to help others get back on the right track.
2015-05-31 16:06:58 -04:00
Chad Whitacre
ee4b84928e
Put me in charge of dev mode :)
...
- "You" as subject instead of "Vault"
- give the actual command
- minor formatting changes
2015-05-31 15:54:32 -04:00
Chad Whitacre
2e8967ce22
Capitalize the first word of a sentence
2015-05-31 14:22:57 -04:00
Armon Dadgar
b71226dfd7
website: document key rotation internals
2015-05-29 15:34:29 -07:00
Armon Dadgar
0563ac643e
website: document new system APIs
2015-05-29 15:05:05 -07:00
Christian Berg
69e501a2e5
Fix typo
2015-05-29 10:24:29 +02:00
boncheff
a1e5330f78
Update index.html.md
...
Updated the docs to show an example of how to read/write a secret using the HTTP API
2015-05-28 22:28:25 +01:00
Armon Dadgar
e72ed2fa87
Merge pull request #269 from sheldonh/getting_started_deploy_consul
...
Use local Consul instance in deploy walkthrough
2015-05-28 10:06:36 -07:00
Sheldon Hearn
9126cf576f
Use local Consul instance in deploy walkthrough
...
As per hashicorp/vault#217 , demo.consul.io prevents sessions from being
created, which means you can't use it as a backend for Vault.
2015-05-28 14:11:34 +02:00
Sheldon Hearn
85fbdae5f5
Mention disable_mlock
in deploy walkthrough
2015-05-28 13:24:28 +02:00
Sheldon Hearn
71c462b3b2
Clarify the disable_mlock option
2015-05-28 12:40:56 +02:00
certifiedloud
ac4763027b
replaced confusing term 'physical' with 'storage'.
2015-05-27 14:44:17 -06:00
Sheldon Hearn
89e7bb2569
Missed a few IAM permissions
2015-05-27 16:42:12 +02:00
Sheldon Hearn
3d2005ea56
List IAM permissions required by root credentials
2015-05-27 16:28:24 +02:00
Jonathan Sokolowski
2b1926f262
website: Update /consul/roles/ parameters
2015-05-27 09:54:15 +10:00
Armon Dadgar
5b587b979d
Merge pull request #259 from buth/etcd
...
etcd non-HA storage backend
2015-05-26 15:07:06 -07:00
Eric Buth
e4e4253d65
added etcd as a non-HA storage backend, updated documentation
2015-05-26 13:38:25 -04:00
Ian Unruh
2a6dd3225c
Add libraries section to HTTP docs
2015-05-22 14:32:14 -07:00
Ian Unruh
bb9f7c47ff
Add read field flag to documentation
2015-05-22 11:33:28 -07:00
Armon Dadgar
e2ff72795e
website: doc cleanup
2015-05-20 17:42:29 -07:00
Armon Dadgar
8c75cc83e3
Merge pull request #242 from jstremick/f-physical-s3-backend
...
Physical S3 backend implementation
2015-05-20 17:00:44 -07:00
joe miller
fd57ca0e39
fix doc example to submit valid json in POST body
...
I don't know if there is some version of curl that auto-generates json but the example didn't work for me on curl 7.32.0. Submitting the data as JSON works though.
2015-05-20 13:11:54 -07:00
James Stremick
53979d6f30
Physical S3 backend implementation
2015-05-20 10:59:03 -04:00
Aaron Bedra
ed9b44bb44
Fix typo in app-id docs
2015-05-20 09:36:54 -05:00
Seth Vargo
05e59edb02
Merge pull request #239 from ijin/patch-1
...
Document that Vault Server needs to be running for vault help path
2015-05-20 12:28:31 +02:00
Michael H. Oshita
e2a923a887
Document that Vault Server needs to be running for vault help path
...
Confused initial, I tried running `vault help secret` by itself and found out that the server needs to be running to execute this command.
Furthermore, the client needs `VAULT_ADDR` configured (`http://127.0.0.1:8200 ` in dev mode, since it uses https by default) to interact with the server.
2015-05-20 17:06:59 +09:00
Daniel McCarney
c7bf89cf60
Add missing word to storage backend threat model.
2015-05-19 12:11:48 -07:00
Daniel McCarney
af1aabe397
Fix "the a lease ID" typo.
2015-05-19 12:07:07 -07:00
Daniel McCarney
dc5e1a714a
Fix "all everything" typo in Secrets description.
2015-05-19 11:59:20 -07:00
Ian Unruh
c0409b69ae
Remove non-existent unseal API argument
2015-05-18 19:59:18 -07:00
Armon Dadgar
9c916386de
Update github.html.md
...
Fixing incorrect documentation about case sensitivity
2015-05-18 09:37:31 -07:00
Armon Dadgar
3f3133b066
Merge pull request #204 from nrocine/master
...
Added implementation details to the GitHub Auth Docs on the Vault Website
2015-05-18 09:36:35 -07:00
Armon Dadgar
3b1df5a8ca
website: clarify the app-id parameters
2015-05-15 11:39:05 -07:00
Nathan McCauley
dd6de90a3f
update info on keywhiz
2015-05-15 00:34:25 -07:00
Nils Rocine
6481c13bcc
Added details in the github auth docs for the website. These details clarify end-to-end use of the github auth backend. Specifically: noting how to create a usable GitHub PAT and an example of how to auth with the PAT.
2015-05-14 13:20:58 -07:00
Trevor Pounds
7ce3718191
Fix minor typo.
2015-05-13 18:08:11 -07:00
Quentin Pradet
99e8b824d5
Fix typo
...
programtic -> programmatic
2015-05-13 09:08:15 +02:00
Mitchell Hashimoto
20d27ca099
website: note PGP key
2015-05-11 11:34:38 -07:00
Armon Dadgar
96e3bac87a
website: Document overwrite behavior. Fixes #182
2015-05-11 10:58:29 -07:00
Mitchell Hashimoto
42d6b2a916
http: allow header for auth token [GH-124]
2015-05-11 10:56:58 -07:00
Armon Dadgar
fbcf0c2b64
website: Fixing doc error
2015-05-11 10:43:03 -07:00
Armon Dadgar
697a70ca48
website: Adding LDAP docs
2015-05-11 10:43:03 -07:00
Kevin Nuckolls
58cfbead75
Update secret-backends.html.md
...
Confusing / typo language in the getting started documentation. Fixed it up. :)
2015-05-11 08:50:45 -05:00
Shaun Mouton
f24841fc2f
a word accidentally
2015-05-08 15:20:26 -05:00
Seth Vargo
83c869c5af
Cleanup userpass docs
2015-05-08 11:49:58 -04:00
Seth Vargo
f3c3f4717a
Remove references to -var
2015-05-08 11:45:29 -04:00
Mads R. Christensen
2fc8ab41e4
Fixed typo
2015-05-08 11:48:42 +02:00
Mads R. Christensen
37deb08a1a
Added more info about the userpass auth backend API endpoint
2015-05-08 11:45:21 +02:00
Armon Dadgar
19a54ea09a
Merge pull request #166 from Banno/remove-plugin-docs
...
remove unused plugin docs
2015-05-07 12:26:44 -07:00
Spencer Herzberg
71b8f7b779
remove unused docs
2015-05-07 14:20:33 -05:00
Seth Vargo
d2a6433270
Add instructions for enabling the auth first
2015-05-07 13:52:06 -04:00
Leo Cassarani
db10a974f6
Fix typo in docs: "it's" -> "its" [ci skip]
2015-05-07 11:08:03 +00:00
Armon Dadgar
9d7119d7d0
website: minor doc changes for zookeeper
2015-05-06 11:08:26 -07:00
Spencer Herzberg
8a4c2eb691
cleanup zk HA leftover docs
2015-05-05 17:22:43 -05:00
Spencer Herzberg
9793986357
properly default zk address to localhost
2015-05-05 17:20:38 -05:00
Spencer Herzberg
966204d73f
initial implementation of non-ha zookeeper
2015-05-05 16:49:18 -05:00
Seth Vargo
a21e9e544d
Merge pull request #144 from gotcha/patch-1
...
Typo
2015-05-05 08:43:43 -07:00
Seth Vargo
8a31b8081b
Merge pull request #145 from gotcha/patch-2
...
Word missing
2015-05-05 08:43:33 -07:00
Godefroid Chapelle
886533e856
Use singular
2015-05-05 09:16:30 +02:00
Godefroid Chapelle
2e92a23727
Word missing
2015-05-05 09:12:32 +02:00
Godefroid Chapelle
4da4aba1bf
Typo
2015-05-05 09:05:05 +02:00
Seth Vargo
1cd7e91bcc
s/consul/vault /cc @armon
2015-05-03 16:13:55 -04:00
Seth Vargo
2994577fdf
Fix more broken links /cc @armon
2015-05-02 18:08:11 -04:00
Seth Vargo
d76eccdf8c
Fix broken link
2015-05-02 18:07:32 -04:00
Armon Dadgar
dff86dfe67
website: adding keywhiz comparison. Fixes #79 .
2015-05-02 15:05:32 -07:00
Armon Dadgar
23ae5abc22
website: adding keywhiz comparison. Fixes #79 .
2015-05-02 15:05:23 -07:00
Armon Dadgar
239ef0a278
website: Adding KMS comparison. Fixes #56 .
2015-05-02 14:27:35 -07:00
Leo Cassarani
f968d23b4f
Add output of reading aws/config/root to the docs [ci skip]
...
Replace "TODO" with the current command-line output from the Vault dev server.
2015-04-30 00:17:19 +01:00
Leo Cassarani
26c9dea303
Fix typo: "taking" -> "talking" [ci skip]
...
Pull Request #66 fixes this typo in Vault's command-line output.
This change updates the documentation to reflect the correct output.
2015-04-29 23:51:18 +01:00
David M. Carr
859ec7cc79
Fix typo in getting started docs
2015-04-29 13:53:24 -04:00
Seth Vargo
25923921ff
Minor formatting update [ci skip]
2015-04-29 10:38:57 -04:00
Juanito Fatas
73abe10f43
Update output of first-secret guide [ci skip]
2015-04-29 14:39:39 +08:00
Juanito Fatas
c5b0e13f97
Update output of vault status
[ci skip]
2015-04-29 14:27:23 +08:00
Mitchell Hashimoto
969f7265e4
Merge pull request #84 from ceh/ignore-ds-store
...
Ignore .DS_Store files
2015-04-28 23:23:55 -07:00
Trevor Pounds
582677b134
Fix documentation typo.
2015-04-28 22:15:56 -07:00
Emil Hessman
de9d88c961
Ignore .DS_Store files
2015-04-29 06:11:50 +02:00
Mitchell Hashimoto
4ad3bb9d61
website: fix docs [GH-77]
2015-04-28 18:53:33 -07:00
Patrick O'Connor
d94d302efb
Fixed link to HTTP API
2015-04-28 18:05:30 -07:00
jjshoe
8e182e4b97
I think you a word.
2015-04-28 18:05:40 -05:00
Mitchell Hashimoto
df41dd70a0
website: add disable_mlock flag
2015-04-28 15:13:07 -07:00
Mitchell Hashimoto
2961712e6e
update CHANGELOG
2015-04-28 14:54:14 -07:00
Mitchell Hashimoto
72d0aa9811
website: clear dead link [GH-65]
2015-04-28 13:00:11 -07:00
Mitchell Hashimoto
369afd8097
website: make it clear that entering via the CLI can be dangerous
2015-04-28 12:59:31 -07:00
Mitchell Hashimoto
12a953dbd4
Merge pull request #58 from colinrymer/patch-1
...
website: typo fix for authentication website doc
2015-04-28 11:44:57 -07:00
Colin Rymer
967abc0921
Typo fix for authentication website doc
2015-04-28 14:43:40 -04:00
Emil Hessman
ba0225249e
website: fix typo
2015-04-28 20:42:53 +02:00
Mitchell Hashimoto
d873100562
website: we vendored
2015-04-28 11:40:36 -07:00
Mitchell Hashimoto
f3fd061ed0
Merge pull request #54 from pborreli/typos
...
website: fixed typos
2015-04-28 11:37:49 -07:00
Emil Hessman
04d09c34d2
website: merge
2015-04-28 20:36:27 +02:00
Pascal Borreli
0ec229a9c9
Fixed typos
2015-04-28 19:36:16 +01:00
AJ Bourg
cc10592dd4
Update architecture.html.md
...
Super trivial grammar fix.
2015-04-28 12:32:06 -06:00