Commit graph

1304 commits

Author SHA1 Message Date
moayadi 6ead26183b
login instructions not correct (#11698)
vault login -path=radius username=sethvargo should be changed to -method, not -path
2021-06-14 11:09:47 -04:00
Jason O'Donnell c9c72d079b
docs: add permissions required for cassandra (#11844) 2021-06-11 14:47:34 -04:00
Marco Rieger 41d0b57498
Docs: Add Mittwald Vault Libraries (#9402) 2021-06-11 11:11:01 -07:00
pjaudiomv 34a28d592e
sts is PUT/POST request (#11681)
* sts is PUT/POST request

add changelog

* rebase, rm uneeded changelog
2021-06-11 12:58:39 -04:00
Philip Jay 59a2ae9c20
Include note about ManageOwnAccessKeys stanza (#11734)
It's optional.  Make that clear.
2021-06-11 12:03:21 -04:00
Jason O'Donnell 36cc4d8e87
db/cassandra: Adding changelog and documentation (#11822)
* db/cassandra: add tls_server_name

* Remove changes from deprecated engine

* Add changelog and doc
2021-06-10 19:06:40 -04:00
Michael Golowka 38ad0a4ac9
database/cassandra: Docs: Add known issue warning to pem_bundle field (#11823) 2021-06-10 17:04:12 -06:00
Shanker Naik 35593978ed
fix typo in vault operator init cmd (#11792) 2021-06-10 10:39:53 -04:00
Maha Sharabinth 57cf0a8a4e
Password policies: Fix link from API docs to password policy syntax (#11755)
Fixed the issue with the URL link for the Password Policy Syntax.
2021-06-08 11:50:15 -06:00
Maha Sharabinth b2c9af2c74
Add note about JSON encoding to password policies docs (#11754)
Updated content to notify the users that the Special and Control characters will be escaped as per the JSON specification.
2021-06-08 11:45:00 -06:00
Loann Le eacf7bd1c7
moved client content from cloud to vault (#11776)
* moved client content from cloud to vault

* Empty commit trigger

Co-authored-by: Michele <mdeggies@gmail.com>
2021-06-07 14:19:42 -07:00
Jason O'Donnell f1d88b8c58
Docs: clarify purposes in KMS for aws (#11782) 2021-06-07 13:45:14 -04:00
Hridoy Roy 1782b4e880
oss part of control groups upgrade (#11772)
* oss part of control groups upgrade

* changelog and docs

* formatting

* formatting
2021-06-07 09:15:35 -07:00
Josh Black c6c0424a8e
OSS parts of sys/config/reload/license (#11695) 2021-06-03 10:30:30 -07:00
Anand Capur 9c0c0eb7e5
Update index.mdx (#11753) 2021-06-02 16:20:32 -07:00
Oleksandr Melnyk 00150e9bf5
11688 Update docs about stackdriver telemetry (#11699)
* 11688 Update docs about stackdriver telemetry

* 11688 Update docs about stackdriver telemetry
2021-06-02 17:20:06 -04:00
Kendall Strautman a9c9bb3cde
chore: upgrades text-split-with-logo-grid (#11750)
* chore: upgrades `text-split-with-logo-grid` and implementations

* fix: formatting docs page
2021-06-02 14:01:05 -04:00
swayne275 9724f59180
Vault 1979: Query API for Irrevocable Leases (#11607)
* build out lease count (not fully working), start lease list

* build out irrevocable lease list

* bookkeeping

* test irrevocable lease counts for API/CLI

* fix listIrrevocableLeases, test listIrrevocableLeases, cleanup

* test expiration API limit

* namespace tweaks, test force flag on lease list

* integration test leases/count API, plenty of fixes and improvements

* test lease list API, fixes and improvements

* test force flag for irrevocable lease list API

* i guess this wasn't saved on the last refactor...

* fixes and improvements found during my review

* better test error msg

* Update vault/logical_system_paths.go

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update vault/logical_system_paths.go

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* return warning with data if more than default leases to list without force flag

* make api doc more generalized

* list leases in general, not by mount point

* change force flag to include_large_results

* sort leases by LeaseID for consistent API response

* switch from bool flag for API limit to string value

* sort first by leaseID, then stable sort by expiration

* move some utils to be in oss and ent

* improve sort efficiency for API response

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-06-02 10:11:30 -06:00
Baljeet Singh daaec9bdee
Fixing issue with FPE read and delete api docs (#11735)
Read and Delete FPE api-docs point to path `/transform/transformations/:name` instead it should be `/transform/transformation/:name`
2021-06-01 17:56:26 -05:00
Mark Lewis 3e79e8252a
Update security.mdx (#11725) 2021-05-29 16:15:41 -07:00
Mark Lewis 76ee252953
Update architecture.mdx (#11724) 2021-05-29 16:14:21 -07:00
Scott Miller cff7a2c589
Clarify the accuracy of estimated encryption counts wrt cluster nodes (#11561) 2021-05-27 12:30:47 -05:00
Tom Proctor 96278a33d8
Clarify supported TCP listener config options for Agent (#11714) 2021-05-27 15:47:45 +01:00
Jason O'Donnell cd5ee2a6ee
docs/k8s: update for latest releases (#11701) 2021-05-25 15:13:00 -04:00
Anthony Burke 4e23452620
Changes role/roles (#11655) 2021-05-24 09:19:14 -07:00
Patrick Picard 4f587ad91f
Update index.mdx (#11644) 2021-05-24 08:43:53 -07:00
Theron Voran 6bdfe4d600
docs: small fixes in k8s docs (#11679)
indentation and spelling
2021-05-20 14:37:49 -07:00
Marc Falzon 31386218de
Add Exoscale plugins to the list of partner plugins (#11592)
This change adds the Exoscale auth/secrets plugins to the list of
partner plugins on the website "Plugin Portal" page.
2021-05-19 11:35:19 -07:00
Mark Lewis 322261c037
Update policies.mdx (#11618)
Suggested PR to use more inclusive language.
2021-05-18 13:02:40 -07:00
Vishal Nayak 549f1c7917
Minor fix to the docs (#11489) 2021-05-17 16:35:52 -04:00
Ricardo Cardenas d02a20bd2b
feat(aws): add ability to provide a role session name when generating STS credentials (#11345)
* feat(aws): add ability to provide a sessionName to sts credentials

Co-authored-by: Brad Vernon <bvernon@nvidia.com>
Co-authored-by: Jim Kalafut <jim@kalafut.net>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-05-17 11:03:09 -07:00
Josh Black 641a81b74b
Provide a new API endpoint for retrieving signed licenses (#11543) 2021-05-12 12:19:25 -07:00
Austin Gebauer 872a4bd25f
Update GCP auth docs for signJwt transition to Service Account Credentials API (#11568) 2021-05-11 16:57:12 -07:00
Meggie ffda908b15
Add functional to logical description (#11263)
Based on the gap analysis.
2021-05-11 10:41:52 -04:00
Dave D'Amico 1d5d576a3e
SIGHUP syntax to update log level (#10972) 2021-05-07 08:30:11 -04:00
Daniela Lavric 48ce69057e
Docs - auth username characters (#11558)
Document acceptable chars for usernames.
2021-05-07 08:17:51 -04:00
Zachary Shilton 3fad03e9ff
website: support hidden pages in nav-data (#11528)
* website: bump to docs-page prerelease, support hidden pages

* website: switch to hidden pages approach for docs and api-docs

* website: remove temporary fix for hidden pages, and related check

* website: fix content structure issue with docs/auth/jwt

* website: bump to latest pre-release

* website: bump to stable docs-page, w next-mdx-remote bump

* website: bump to latest markdown-page
2021-05-06 13:32:25 -04:00
Nick Cabatoff 67374ba14d
Document the sync option for revoke/revoke-prefix. (#11538) 2021-05-06 10:18:46 -04:00
Jason O'Donnell 41ead5fb69
docs: remove duplicate config from csi (#11529) 2021-05-04 16:28:12 -04:00
Hridoy Roy 2945d95cb6
fix ff3 link (#11524) 2021-05-04 09:47:13 -07:00
Jason O'Donnell 194f1b3937
docs: add missing csi mount config (#11518) 2021-05-03 16:54:20 -04:00
Meggie 5d4341e4d6
docs: adding a storage concepts page (#9155)
* Adding a storage concepts page

It very briefly covers some considerations for taking backups.

* Apply suggestions from code review

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

* Updated with some additional comments

* Attempt to further clarify sensitivity

* Update storage.mdx

* More on "Why backup?"

Added HashiConf talk link.

* Update website/content/docs/concepts/storage.mdx

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2021-04-28 10:51:36 -04:00
Artur Frysiak 3da7cdffc7
Fix endpoint path in example (#11437) 2021-04-27 14:53:19 -05:00
Jason O'Donnell ddfe5342c5
docs: add missing configurations for CSI documentation (#11236) 2021-04-26 17:32:00 +01:00
Yoko bc91eef281
[Docs] Add relevant Learn tutorial links (#11440)
* Add cross-links to matching Learn tutorials

* Undo automatic format update by Atom

* Fix a typo

* Fix a grammartical error
2021-04-22 10:09:31 -07:00
Michael Golowka 29d91d09ff
Add note about root_rotation_statements workaround for special chars (#11378) 2021-04-21 12:58:48 -07:00
Nick Cabatoff a62202eb87
Document unauth pprof and the new pprof endpoints. (#11413) 2021-04-21 15:21:59 -04:00
Austin Gebauer 81744c4094
Updates docs for G Suite config in JWT/OIDC auth method (#11418) 2021-04-21 10:59:37 -07:00
Josh Black 06809930a3
Add HTTP response headers for hostname and raft node ID (if applicable) (#11289) 2021-04-20 15:25:04 -07:00
claire bontempo 1f6633fd56
Grammar typo fix (#11357)
* fixes are/is typo

* reverts change - need to checkout to new branch

* fixes is/are typo
2021-04-20 10:11:35 -05:00
xka5h 034442b9ee
Update index.mdx to fix link to vault agent as a windows service link (#11356)
* Update index.mdx

fixed link for windows agent

* removing the 's' in agents

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>

Co-authored-by: Bryce Kalow <bkalow@hashicorp.com>
2021-04-19 11:36:43 -07:00
Noah Fontes 0f45cd37ea
Add community-maintained OAuth 2.0/OIDC secrets plugin to plugin portal docs (#11280) 2021-04-19 11:20:50 -07:00
Calvin Leung Huang a8cafab083
pki: fix tidy removal on revoked entries (#11367)
* pki: fix tidy removal on revoked entries

* add CL entry
2021-04-19 09:40:40 -07:00
Nick Cabatoff 50a471a5e1
Add config docs for leader_tls_servername. (#11369) 2021-04-16 09:40:42 -04:00
Nick Cabatoff 4312c2381e
Clarify non-explicit cloud auth for autosnapshots. (#11370) 2021-04-16 09:14:52 -04:00
Jason O'Donnell cc107171e2
docs: update vault-helm to 0.11.0 (#11355)
* docs: update vault-helm to 0.11.0

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-04-14 11:20:26 -04:00
Tom Proctor 1139ce7cce
Add documentation for vault-csi-provider namespace config (#11344) 2021-04-14 14:53:15 +01:00
Jason O'Donnell 0363fcd3fb
docs: update vault-k8s to 0.10.0 (#11354) 2021-04-14 09:46:28 -04:00
Tom Proctor f932999bda
Add TFE/TFC auth plugin to plugin portal (#11348)
* Add TFE/TFC auth plugin to plugin portal

As requested in #11202, this is an auth plugin designed to be run within TFE/TFC.

* Expand acronyms
2021-04-13 10:22:38 -07:00
Jason O'Donnell 11d779154d
docs: add persistent cache (#11272)
* docs: add persistent cache

* Clarify documentation

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/agent/caching/persistent-caches/kubernetes.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update index.mdx

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/content/docs/agent/caching/index.mdx

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>

* Update index.mdx

* Update kubernetes.mdx

* Resolve conflicts

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2021-04-08 10:19:17 -04:00
Andreas Gruhler 5c35d55b2f
replace reference to version 1.6.4 with 1.7 (#11223)
Co-authored-by: Scott Miller <smiller@hashicorp.com>
2021-04-07 16:39:59 -05:00
Roger Berlind 2762c45c9b
add Vault Enterprise license page (#11261)
* add Vault Enterprise license page

* move license to index.mdx

* Remove `.mdx` from the hyperlink URL

Co-authored-by: Yoko <yoko@hashicorp.com>
2021-04-07 14:31:06 -07:00
Bryce Kalow d5deb4ba79
website: fix incorrectly formatted frontmatter (#11290) 2021-04-06 15:37:13 -07:00
Nick Cabatoff 70cf7579de
How to create clusters with integrated storage, TLS, and dynamic nodes (#10865) 2021-04-06 17:25:22 -04:00
Bryce Kalow b76a56d40c
feat(website): migrates nav data format and updates docs pages (#11242)
* migrates nav data format and updates docs pages

* removes sidebar_title from content files
2021-04-06 13:49:04 -04:00
Meggie 8898f84a1e
No version reference here (#11237) 2021-03-30 11:44:47 -04:00
Jim Kalafut 11f43ef6a6
Update upgrade guide and changelog with AWS Auth deprecations (#11201) 2021-03-26 15:32:15 -07:00
Jason O'Donnell 6a92a8bd78
docs: add CSI documentation (#11203)
* docs: add CSI documentation

* Fix typos

* Improvements

* Improvements

* Update website/content/docs/platform/k8s/csi/installation.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/configurations.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/configurations.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/examples.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* review feedback

* Fix typo

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/csi/index.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-03-26 11:08:55 -04:00
Kyle MacDonald a3272e7276
website: revert …/integrated-storage path (#11204)
this path was recently changed to /integratedstorage but broke some existing links.
2021-03-25 16:31:20 -04:00
Alex Cahn 284af1cf4b
Adding HSM PKI plugin (#11207)
Adding a newly discovered community plugin
2021-03-25 12:13:37 -07:00
Hridoy Roy 69bde9ec9b
website: fix for ff3-1 doc formatting (#11206) 2021-03-25 14:56:47 -04:00
Jason O'Donnell 081d3e9f03
docs: update vault-helm to 0.10.0 (#11200)
* docs: update vault-helm to 0.10.0

* Missing codeblock

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-03-25 14:53:45 -04:00
Meggie 335dc8423a
Fixing some typos (#11195) 2021-03-25 10:51:31 -04:00
Baljeet Singh 646bddd89a
update transform.mdx (#11105)
Typo on path of creating/updating transformation in api docs. 
Fixed by updating `transform/transformation` to `transform/transformations`
2021-03-24 20:10:27 -05:00
Meggie 11f9c4156f
Update website for 1.7.0 (#11193)
* Stub upgrade guide and version update

* Finalizing upgrade notes

* Fixing clobbered barrier notes
2021-03-24 17:32:23 -04:00
Darshana Sivakumar 5f2995f66b
Create 1.7.0.mdx (#11185)
* Create 1.7.0.mdx

Release notes for Vault 1.7

* Added sidebar, headings

We needed the sidebar and I thought the headings looked better than the
bold text.

* Updated per a note from Darshana

Co-authored-by: Meggie Ladlow <meggie@hashicorp.com>
2021-03-24 17:13:28 -04:00
Alex Milowski ffad2c6eb2
Added Redis Enterprise database plugin (#11111)
Added the link to the Redis Enterprise database plugin GitHub repository.
2021-03-24 12:17:37 -07:00
Nick Cabatoff dbce98c1bb
Client controlled consistency docs (#10990) 2021-03-24 15:09:01 -04:00
Vishal Nayak 2c161a6f6b
Autopilot Docs (#11167) 2021-03-24 10:29:10 -04:00
Austin Gebauer 1eee383ecf
Updates documentation for key management secrets engine (#11172) 2021-03-23 14:14:25 -07:00
Jim Kalafut a9dfaeb765
Update AWS Auth docs for deprecated terms and endpoints (#11146) 2021-03-22 14:15:19 -07:00
Nick Cabatoff e2aadfc157
Update docs for agent's new vault.retry stanza. (#11151) 2021-03-22 12:50:59 -04:00
Vishal Nayak 04876c05fe
Update raft api docs (#10893)
* Update raft api docs

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/content/api-docs/system/storage/raft.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2021-03-20 00:46:08 -04:00
Jason O'Donnell 921979a40f
docs: update vault-k8s to 0.9.0 (#11138)
* docs: update vault-k8s to 0.9.0

* Fix typos

* Update website/content/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/injector/annotations.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add links for auto-auth

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-03-19 11:34:58 -04:00
Scott Miller 689dd3722f
Document mysql (#11112)
* Document MySQL

* Document snapshot, restore, and export-decoded (#11110)

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Add parseTime note

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-03-19 10:34:41 -05:00
Josh Black 5fcc629847
Add log shipper configuration docs (#11014)
* Add log shipper configuration docs

* Fix indentation issue

* Add telemetry

* Updates to logshipper docs

* Add CCC related replication config docs. (#11087)

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Correct formatting

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-03-18 16:41:13 -07:00
Scott Miller 535bcf289e
Fix handling of minimum operations, and forward rotate/config requests to Primary (#11116)
* Boost max_operations to the greater of that specified or absoluteMinOperations

* Forward rotation config requests to the primary

* Reject rotation configs outside the min/max range

* Minor wording fix
2021-03-18 15:08:47 -05:00
Clint 5353279e75
Add command to look up a lease by ID (#11129)
* snapshot

* basic test

* update command and add documentation

* update help text

* typo

* add changelog for lease lookup command

* run go mod vendor

* remove tabs from help output
2021-03-18 11:11:09 -05:00
aphorise eb36b68710
Corrected links for Consul Consistency Modes (#10862) 2021-03-17 16:05:30 -07:00
aphorise 5b6e2bb77a
Docs - Plugin register operator & example add (#10864) 2021-03-17 16:04:51 -07:00
Hridoy Roy 261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] (#10921)
* first docs pass

* filled in read output

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes
2021-03-17 14:29:13 -07:00
Brad 266582628a
Add missing option to raft storage docs (#11041) 2021-03-17 17:25:28 -04:00
Andy Assareh 4ce8896b29
Add note that static role is rotated upon creation (#11126)
It does not appear to be documented that Vault must rotate the password upon static role creation in order to know the password, as it is not provided.
2021-03-17 11:27:04 -05:00
Austin Gebauer f5e7c2d9a8
Updates docs for jwt_supported_algs in JWT/OIDC auth method (#11115) 2021-03-16 14:17:53 -07:00
Hridoy Roy e9e83ff864
Add FF3-1 Tweak Guidance Docs [VAULT-1036] (#10978)
* ff3 guidance docs

* docs upgrade

* address PR comments
2021-03-16 07:57:50 -07:00
Alvaro Miranda Aguilera 3fb284c217
Update oracle.mdx (#11101) 2021-03-15 14:13:40 -06:00
Scott Miller da982c3982
Upgrade notes for the transform engine upgrade bug fix. (#11098)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav

* Reword to encourage upgrade when available
2021-03-12 19:59:50 -06:00
Mark Gritter 8bbf92ef70
Fix typo in limits.mdx (#11103) 2021-03-12 15:46:41 -06:00
Scott Miller c4e8d51c9d
Add upgrade notes for the Transform storage upgrade bug (#11075)
* Add upgrade notes for the Transform storage upgrade bug

* sidenav
2021-03-11 11:23:19 -06:00
Jacob Friedman 5305c439d4
Update init.mdx (#11044)
* Update init.mdx

Updated operator init documentation to try to avoid steering customers towards running Auto Unseal seals with recovery-shares=1 and recovery-threshold=1. This is a bad security posture, as it can allow a single user with access to that recovery share to create root tokens and do other very sensitive tasks.

Also rewrote parts of the HSM/KMS Options section to indicate that recovery-related options are not solely for HSM-mode Vault but are for ANY Auto Unseal seal.

* Update website/content/docs/commands/operator/init.mdx

Adding an appropriate number of recovery-pgp-keys

Co-authored-by: Yoko <yoko@hashicorp.com>

Co-authored-by: Yoko <yoko@hashicorp.com>
2021-03-04 15:57:47 -08:00
Michele Degges 9741f51bee
Removing broken link (#11029) 2021-03-02 12:02:59 -08:00
swayne275 d74f82346b
Add Partial Month Client Count API for Activity Log (#11022)
* sketch out partial month activity log client API

* unit test partialMonthClientCount

* cleanup api

* add api doc, fix test, update api nomenclature to match existing

* cleanup

* add PR changelog file

* integration test for API

* report entities and tokens separately
2021-03-01 16:15:59 -07:00
Brian Kassouf 1bc410783d OSS/ENT Drift 2021-03-01 10:51:04 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027)
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
2021-03-01 10:45:22 -06:00
Brian Kassouf a112161f60
expiration: Add a few metrics to measure revoke queue lengths (#10955)
* expiration: Add a few metrics to measure revoke queue lengths

* Update the metric names

* Add appropriate cluster labels

* Add metrics to docs

* Update jobmanager.go
2021-02-26 16:00:39 -08:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Tom Proctor 45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation (#10967) 2021-02-26 20:38:27 +00:00
Lauren Voswinkel 075898cf73
Add IAM tagging support for iam_user roles in AWS secret engine (#10953)
* Added support for iam_tags for AWS secret roles

This change allows iam_users generated by the secrets engine
to add custom tags in the form of key-value pairs to users
that are created.
2021-02-25 16:03:24 -08:00
Jim Kalafut e60cc11f33
Add configurable exponential backoff to Agent auto-auth (#10964) 2021-02-23 12:04:21 -08:00
Clint b0b121753a
update docs related to OCI alias changes (#10952)
* update docs related to OCI alias changes

* covert CHANGELOG update to a changelog/ entry
2021-02-23 10:08:15 -06:00
Jim Kalafut 4b1557e6ab
Minor update to Secrets engine overview docs (#10977)
The reference to API calls and link to code isn't a good fit here.

Reverts eb3e34d
2021-02-23 07:17:44 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823)
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
2021-02-22 10:57:52 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Austin Gebauer 0017b78919
Adds API docs for max_age role parameter of JWT/OIDC auth method (#10916) 2021-02-19 13:39:58 -08:00
Nick Cabatoff 81105274d1
Add docs for Agent's template_retry option added in #10644, based on those from consul-template configuration. Also fix some existing config docs that weren't adhering to our conventions. (#10911) 2021-02-18 11:24:36 -08:00
Brian Fox 7f6ec265a1
Update KV Secrets Engine index (#10933)
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.
2021-02-17 14:27:37 -08:00
Nick Cabatoff 1b789f5ae5
Note that all local mounts are impacted, including on primary. (#10807) 2021-02-16 10:37:37 -05:00
Rosemary Wang a48db957ca
docs: Update Azure AD OIDC documentation (#10853)
Addresses #8191 with clearer external groups configuration.
2021-02-12 17:28:00 -08:00
Mark Gritter a8d2e6e350
Added a table showing the entity alias name used by each auth method. (#10908)
* Also corrected the text about token auth method.
2021-02-11 18:34:45 -06:00
aphorise 17003328ab
Docs - Namespace monitoring corrected examples (#10863)
Re-doing PR #10305
2021-02-11 11:32:52 -06:00
Tom Proctor 5f9891f992
auth/kubernetes docs: Correct default issuer (#10900)
As per 207d1b4c1c/path_login.go (L24), the default issuer when none is set is `kubernetes/serviceaccount`.
2021-02-11 15:26:34 +00:00
Vishal Nayak 53cb1deb38
Revert "Read-replica instead of non-voter (#10875)" (#10890)
This reverts commit fc745670cf34821f5834357d9caebc3351dbc1e7.
2021-02-10 16:41:58 -05:00
Vishal Nayak a2394e7353
Read-replica instead of non-voter (#10875) 2021-02-10 09:58:18 -05:00
Jim 7cb100e9a7
Update kubernetes.mdx (#10871)
Add suggestion to validate K8S cluster address and TCP port using cluster-info command and update sample config (line 77) to prompt for validation. Feedback from prospect was that doc is misleading since our sample uses TCP 8443.
2021-02-09 14:50:31 -05:00
jonZlotnik 541079dec3
both serviceaccount and namespace can be splat (#10829)
Needs to be changed in the docs.
Please see commit 70bc47384bedfc895d08d1df17a45b0c4ea8b6de
2021-02-09 11:14:13 -08:00
Scott Miller ad1621dd5f
Add documentation about the horizontal cluster scalability of PKI secret engine operations (#10745)
* Add documentation about the horizontal cluster scalability of PKI secret engine operations

* Mention generate_lease

* cluster terminology

* Discuss generate_lease

* active again

* One more go
2021-02-09 11:00:24 -06:00
Michael Golowka aaa51e975f
Add docs for OpenLDAP dynamic secrets (#10817) 2021-02-05 10:49:29 -07:00
Calvin Leung Huang b1c4b86d7f
approle: add ttl to the secret ID generation response (#10826)
* approle: add ttl to the secret ID generation response

* approle: move TTL derivation into helper func

* changelog: add changelog entry

* docs: update approle docs and api-docs pages
2021-02-03 16:32:16 -08:00
Jason O'Donnell 84cb949802
k8s doc: update for 0.9.1 and 0.8.0 releases (#10825)
* k8s doc: update for 0.9.1 and 0.8.0 releases

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-02-02 16:37:34 -05:00
Josh Black 449b9ddedb
Clarify docs around using the Vault Agent as a windows service (#10519) 2021-02-01 10:03:42 -08:00
Mark Gritter 3ec15c4927
Fix use of identity/group endpoint to edit group by name (#10812)
* Updates identity/group to allow updating a group by name (#10223)
* Now that lookup by name is outside handleGroupUpdateCommon, do not
use the second name lookup as the object to update.
* Added changelog.

Co-authored-by: dr-db <25711615+dr-db@users.noreply.github.com>
2021-01-29 16:50:08 -06:00
Mike Green 588ce498d3
clarify space limits in bytes (#10811) 2021-01-29 14:43:48 -05:00
Nick Cabatoff 936ce3ba62
Document identity behaviour on local auth mounts. (#10805) 2021-01-28 11:45:53 -05:00
Hridoy Roy 17e20bdaa6
docs change for max request size community PR (#10723) 2021-01-27 10:02:00 -08:00
Hridoy Roy 537189cab8
make token create case insensitive [VAULT-1021] (#10743)
* make token create case insensitive

* changelog

* comment update
2021-01-27 09:56:54 -08:00
Hridoy Roy d1241b5286
changelog for entropy augmentation PR [VAULT-1179] (#10755)
* changelog for entropy augmentation

* docs upgrade

* docs upgrade

* docs upgrade

* docs upgrade
2021-01-26 21:06:38 -08:00
Aleksandr Bezobchuk 46c3f1f7bc
docs: update "Policy Syntax" section (#10590)
Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 22:14:47 -06:00
Aleksandr Bezobchuk 2ec8f9a222
metrics: activity log (#10514)
* core: add vault.identity.entity.active.monthly log
* Fixed end-of-month metrics and unit test.
* Added metric covering month-to-date (not broken down by namespace.)
* Updated documentation
* Added changelog.

Co-authored-by: mgritter <mgritter@hashicorp.com>
2021-01-26 16:37:07 -06:00
Jim Kalafut fb049caa7f
Clarify agent lease renewal docs (#10772) 2021-01-26 12:07:59 -08:00
John Eikenberry 1ecd3464eb
fix deep links to consul-template docs (#10768) 2021-01-25 16:42:19 -08:00
Mike Green b0d5660765
Clarify slash is needed on gcs and azure (#10710)
Clarify user question, unexpected behavior with no slash on gcs.
2021-01-21 12:32:24 -05:00
Lauren Voswinkel 086e8bbb74
Updates api-docs for static role deletion (#10736)
We now specify that the user will remain unless cleaned up manually
2021-01-20 12:57:00 -08:00
Nick Cabatoff b93c5ff304
Spell out how to configure credentials for GCS. (#10589) 2021-01-20 09:09:23 -05:00
Lauren Voswinkel 1ec64fd010
Update Snowflake docs (#10691)
* Update Snowflake docs

Snowflake docs had an issue, `DEFAULT ROLE` should be `DEFAULT_ROLE`

* Update docs to show an actual username
2021-01-13 14:59:16 -08:00
Eugene R 331529fc94
Aerospike storage backend (#10131)
* add an Aerospike storage backend

* go mod vendor

* add Aerospike storage configuration docs

* review fixes

* bump aerospike client to v3.1.1

* rename the defaultHostname variable

* relocate the docs page
2021-01-12 15:26:07 -08:00
Scott Miller 77d27cb968
Add NIST guidance on rotating keys used for AES-GCM encryption (#10612)
* Add NIST guidance on rotating keys used for AES-GCM encryption

* Capture more places barrier encryption is used

* spacing issue

* Probabilistically track an estimated encryption count by key term

* Un-reorder imports

* wip

* get rid of sampling
2021-01-07 15:37:37 -06:00
Theron Voran c788e98a16
Adding documentation for multiple vault-k8s replicas (#10659)
Describes the setup and config for using multiple injector replicas
with auto and manual TLS.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-01-07 12:22:21 -08:00
Mark Gritter d076d95d37
Feature flags API (#10613)
* Added sys/internal/ui/feature-flags endpoint.
* Added documentation for new API endpoint.
* Added integration test.
Co-authored-by: swayne275 <swayne@hashicorp.com>
2021-01-06 16:05:00 -06:00
Jim Kalafut 9064097c5d
Make example Okta creds more obviously fake (#10639) 2021-01-06 10:05:23 -08:00
Lauren Voswinkel ce90acd68d
Add Snowflake docs to the website (#10617)
* Add snowflake docs to the website

* Update navs

* Add Snowflake to the DB Capabilities table
2021-01-05 14:44:28 -08:00
Jason O'Donnell abfb92173c
docs: update Vault Helm to 0.9.0 (#10656)
* docs: update vault-helm for 0.9.0

* Fix typo in leaderElector config

* Add default value to ttl

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add affinity default for injector

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2021-01-05 16:46:20 -05:00
Nick Cabatoff 5c446d9d53
Clarify which seal/recovery config we mean. (#10634) 2021-01-04 10:31:36 -05:00
Nick Cabatoff 69e68c4d0d
Document constraints re primary vs secondary clusters. (#10527) 2021-01-04 08:35:17 -05:00
Jeff Escalante ec620a7765
Implement MDX Remote (#10581)
* implement mdx remote

* fix an unfenced code block

* fix partials path

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-12-17 16:53:33 -05:00