luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
9267 commits 1 branch 0 tags 214 MiB
Commit graph

379 commits

Author SHA1 Message Date
Geoff Meakin 3085c53ffe Update relatedtools.html.md (#5287) 
Add ansible-modules-hashivault to the list of third-party tools
 2018-09-06 08:37:03 -07:00
Jeff Mitchell c9b06f3b62
Remove certificates from store if tidying revoked certificates (#5231) 
This will cause them to be removed even if they have not expired yet,
whereas before it would simply leave them in the store until they were
expired, but remove from revocation info.
 2018-09-05 11:47:27 -04:00
Jeff Mitchell 761f06d3a3
Update index.html.md 2018-09-04 12:15:05 -04:00
Chris Hoffman 774359f3b5
adding namespaces example 2018-08-29 11:26:23 -04:00
Brian Kassouf 85f06f7e88
Add Performance Standby Docs (#5214) 
* Add Performance Standby Docs

* Review updates
 2018-08-28 12:48:02 -07:00
Jeff Mitchell 5cf0e3e87e
Update API section index file with fixes, updates, and namespace info. (#5213) 2018-08-28 12:33:19 -07:00
Jim Kalafut abe86a48f4 Fix Azure Secrets API example 2018-08-27 20:44:00 -06:00
Becca Petrin 55b3dfbcc0
use ldaps in docs (#5180) 2018-08-24 10:36:20 -07:00
Laura Gjerman-Uva 70bf87c25b Update ad/creds/:rolename endpoint to include the table with method/path for consistency/clarity. Also, remove payload.json from example, since this endpoint doesn't take a payload. (#5172) 2018-08-24 09:19:51 -07:00
Jim Kalafut 7eb0403ad2
Fix Azure Secrets docs error 2018-08-23 14:27:47 -07:00
Becca Petrin fb6a06a3fe
Alibaba auth docs (#5132) 2018-08-22 10:23:33 -07:00
Hugo Wood 203269a5d4 JWT/OIDC documentation fixes (#5157) 
* Fix argument name in JWT/OIDC login CLI example

* Fix groups_claim documented as required when creating roles for JWT/OIDC
 2018-08-22 10:44:08 -04:00
Jeff Mitchell e58a8a63a7
Add the ability to specify token CIDR restrictions on secret IDs. (#5136) 
Fixes #5034
 2018-08-21 11:54:04 -04:00
Jeff Mitchell 051bb9fc13
Two PKI improvements: (#5134) 
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
 2018-08-21 11:20:57 -04:00
Chris Hoffman 4d574c1d6c
adding namespace docs (#5133) 2018-08-17 12:17:11 -04:00
Chris Hoffman d25b7fa477
Add additional clarification 2018-08-17 08:55:49 -04:00
Raja Nadar 797141f8ae vaultsharp - multi platform capabilities (#5127) 2018-08-17 08:47:16 -04:00
Clint 96d8bd4bf7 [WIP] Support custom max Nomad token name length [supersedes https://github.com/hashicorp/vault/pull/4361] (#5117) 
* Nomad: updating max token length to 256

* Initial support for supporting custom max token name length for Nomad

* simplify/correct tests

* document nomad max_token_name_length

* removed support for max token length env var. Rename field for clarity

* cleanups after removing env var support

* move RandomWithPrefix to testhelpers

* fix spelling

* Remove default 256 value. Use zero as a sentinel value and ignore it

* update docs
 2018-08-16 15:48:23 -04:00
Jim Kalafut 4ced3b0f77
Initial Azure Secrets docs (#5121) 2018-08-16 12:10:56 -07:00
Joel Thompson 0941c7a24a Make AWS credential types more explicit (#4360) 
* Make AWS credential types more explicit

The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.

With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.

Fixes #4229
Fixes #3751
Fixes #2817

* Add missing write action to STS endpoint

* Allow unsetting policy_document with empty string

This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.

* Respond to some PR feedback

* Refactor and simplify role reading/upgrading

This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.

* Eliminate duplicated AWS secret test code

The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.

* Switch to use AWS ARN parser
 2018-08-16 06:38:13 -04:00
Jim Kalafut 92f0e1a39e Revert "Add ttl parameter to pki api docs (#5063)" 
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
 2018-08-13 09:34:05 -07:00
Jim Kalafut 7b7f1cc7ff
Add ttl parameter to pki api docs (#5063) 2018-08-08 09:12:14 -07:00
Jeff Escalante 2a21e85580 html syntax corrections (#5009) 2018-08-07 10:34:35 -07:00
Olivier Lemasle fcb82c2444 Fix two errors in docs (#5042) 
Two small errors in documentation
 2018-08-03 14:26:46 -07:00
Raja Nadar 56fcd2e7b3 .net 2.0 standard leap (#5019) 
2.0 is more conducive for consumers
 2018-08-01 08:57:49 -04:00
Sean Malloy 7e9ec5afb4 Fix GCP auth docs typo (#5017) 
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
 2018-07-31 10:57:34 -04:00
Chris Hoffman 083157cb24
adding environment to azure auth docs (#5004) 2018-07-27 08:33:20 -04:00
Chris Hoffman d02284657e
adding missing properties (#5003) 2018-07-27 08:19:12 -04:00
Chris Hoffman b37c05cf64
updating azure auth plugin and docs (#4975) 2018-07-23 10:00:44 -04:00
Tomohisa Oda 9ff2081e8b add sequelize-vault to third-party tools (#4945) 2018-07-17 21:45:37 -07:00
dmicanzerofox a3d067c00b PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired (#4916) 2018-07-13 09:32:32 -04:00
Seth Vargo a379989da4 Update GCP docs (#4898) 
* Consistently use "Google Cloud" where appropriate

* Update GCP docs

This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
 2018-07-11 15:52:22 -04:00
Jeff Mitchell 2322eabc68
Add jwt auth docs (#4891) 2018-07-11 15:08:49 -04:00
Jeff Mitchell 935c045cfa
Fix permitted dns domain handling (#4905) 
It should not require a period to indicate subdomains being allowed

Fixes #4863
 2018-07-11 12:44:49 -04:00
Seth Vargo 408fc1eac0 Properly capitalize H in GitHub (#4889) 
It's really bothering me, sorry.
 2018-07-10 08:11:03 -07:00
Jeff Mitchell bfb7ba3843 Remove vault.rocks from some that were missed 2018-07-10 10:47:30 -04:00
Jeff Mitchell 8f45bc69ba Fix tuning visibility in CLI (#4827) 
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
 2018-07-02 12:13:25 -04:00
Chris Hoffman 6f5b8c0e6f
adding sample request to key status api docs (#4853) 2018-06-29 09:17:51 -04:00
Becca Petrin 73cbbe2a9f Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00
Becca Petrin d9ac83569b
clarify aws role tag doc (#4797) 2018-06-19 15:59:57 -07:00
Becca Petrin 71977637d4
Update Active Directory secret engine docs (#4788) 
* active directory rotate root docs

* update doc
 2018-06-19 09:11:46 -07:00
Jeff Mitchell cffb1183a8
Database updates (#4787) 
* Database updates

* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted

Fixes #3544
Fixes #4782

* Add create/update info to docs
 2018-06-19 11:24:28 -04:00
Mr Talbot 5551a63221 pki: add ext_key_usage to mirror key_usage and add to sign-verbatim (#4777) 
* pki: add ext_key_usage parameter to role

* pki: add key_usage and ext_key_usage parameter to sign-verbatim

* pki: cleanup code as per comments
 2018-06-15 18:20:43 -04:00
Jeff Mitchell 91ca3d4b7f
Add URI SANs (#4767) 2018-06-15 15:32:25 -04:00
Jeff Mitchell 43d9ae5c0a
Update index.html.md 
Fixes #4763
 2018-06-14 10:19:38 -04:00
Brian Kassouf 1b77db5138
Update replication status (#4761) 
* Update replication-performance.html.md

* Update replication-dr.html.md

* Update replication.html.md

* Update replication-dr.html.md

* Update replication-dr.html.md

* Update replication-performance.html.md

* Update replication.html.md
 2018-06-13 16:43:39 -07:00
Eli Oxman 68ce3bed34 Add async python client to docs (#4698) 2018-06-05 10:23:56 -04:00
Becca Petrin 9228659c5c
add formatter to ad docs (#4653) 2018-05-29 16:47:46 -07:00
Jeff Mitchell bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification 
Rekey verification, allowing new key shares to be confirmed before committing the new key.
 2018-05-29 15:00:07 -04:00
Becca Petrin 606889f005
Docs for the upcoming Active Directory secrets engine (#4612) 2018-05-29 08:49:09 -07:00
Jeff Mitchell bd0ac25eb9
Merge branch 'master' into rekey-verification 2018-05-29 10:19:57 -04:00
Becca Petrin 12976bf60e add userpass note on bound cidrs (#4610) 2018-05-25 14:35:09 -04:00
Jeff Mitchell 52cb8234a6 Changelogify and fix some minor website bits 2018-05-25 10:39:23 -04:00
Nicholas Jackson 17460461a0 Breakout parameters for x.509 certificate login (#4463) 2018-05-25 10:34:46 -04:00
nelson 196d054f70 Update kv-v2.html.md (#4614) 
correct the payload format for "Configure the KV Engine" and "Update Metadata"
 2018-05-24 12:44:44 -04:00
Chris Hoffman d066c4a2a8
remove incorrect parameter 2018-05-23 08:58:27 -04:00
Jeff Mitchell 635fd18bf6 Minor website doc updates 2018-05-22 15:12:12 -04:00
Chris Hoffman ae43f2c25e
adding options information to mount endpoint (#4606) 2018-05-21 16:39:43 -04:00
Jeff Mitchell 3e0dbc5ea7 Remove dupe website text 2018-05-21 16:30:45 -04:00
Jeff Mitchell 8ad0bbbc44 Address feedback 2018-05-21 16:13:38 -04:00
Jeff Mitchell 27ab8d1a20 Add verification documentation 2018-05-21 12:00:36 -04:00
Jeff Mitchell c737778c8d Make description of prehashed a bit more friendly 2018-05-21 09:08:22 -04:00
Jeff Mitchell 3a568b6175 Update key_type parameter description 2018-05-19 12:20:37 -04:00
Kevin Paulisse 6d93ea4d77 Docs: Clarify that revoking token revokes dynamic secrets (#4592) 2018-05-18 23:27:53 -07:00
Jeff Mitchell 5a35dac726 Add missing drsecondarycode to health API docs 2018-05-18 12:39:13 -04:00
Jeff Mitchell 30dc66221c Flip documented resolve_aws_unique_id value 
Fixes #4583
 2018-05-18 12:05:52 -04:00
Jim Kalafut 5dcfc63ee6
Fix GCP API parameter docs 2018-05-17 08:54:25 -07:00
Andrew Slattery 3bd38517eb Update KV response code (#4568) 
Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.
 2018-05-17 08:46:19 -07:00
Jeff Mitchell ec876c21b3 Update website ldap url text 2018-05-16 11:58:10 -04:00
Seth Vargo a4fa046730 Update GCP secrets to be example-driven (#4539) 
👍
 2018-05-10 16:58:22 -04:00
Becca Petrin 76c717b081
Restrict cert auth by CIDR (#4478) 2018-05-09 15:39:55 -07:00
Jeff Mitchell 274732733e Clarify that rotate requires sudo 2018-05-09 10:19:35 -04:00
Jacob Friedman 67b8d3dc40 Changed DR docs page to fix generating secondary DR token (#4521) 
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
 2018-05-08 13:35:48 -07:00
vishalnayak f95a913bd5 docs: s/entity/group-alias 2018-05-08 16:32:35 -04:00
Jeff 9b9be9622a Typo (#4505) 2018-05-03 13:37:44 -07:00
Laura Uva cef1b3b75c Payload key should be dr_operation_token (#4498) 2018-05-02 18:35:51 -07:00
Nándor István Krácser 9cf56fe0df Fix mapping read paths (#4448) 2018-04-25 09:22:30 -04:00
vishalnayak 94f28e3c24 Merge branch 'master-oss' into approle-local-secretid 2018-04-24 16:17:56 -04:00
Brian Shumate c35fe4e6f0 Update curl commands / replace invalid '--payload' flag (#4440) 2018-04-24 11:20:29 -04:00
vishalnayak 6b7a042003 error on enable_local_secret_ids update after role creation 2018-04-23 17:05:53 -04:00
vishalnayak 97d146ca69 update docs 2018-04-23 16:54:23 -04:00
Jeff Mitchell 6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. (#4412) 
Fixes #815
 2018-04-21 10:49:16 -04:00
vishalnayak da1d68969c docs: update accessor lookup response 2018-04-17 11:52:58 -04:00
vishalnayak 6e827d2b27 docs: update token lookup response 2018-04-17 11:40:00 -04:00
Sohex efd0023d89 Update index.html.md (#4372) 
Remove duplicate of max_ttl description from end of period description under create role parameters.
 2018-04-17 11:05:50 -04:00
Calvin Leung Huang 7ba953b969
Add docs for internal UI mounts endpoint (#4369) 
* Add docs for internal UI mounts endpoint

* Update description section
 2018-04-16 12:13:58 -04:00
Jeff Mitchell 530121c655
Add ability to disable an entity (#4353) 2018-04-13 21:49:40 -04:00
Jeff Mitchell 99cf5c6054 Fix token store role documentation around explicit max ttl 2018-04-13 09:59:12 -04:00
Brian Kassouf a8b8ca136e
KV: Update 'versioned' naming to 'v2' (#4293) 
* Update 'versioned' naming to 'v2'

* Make sure options are set

* Fix description of auth flag

* Review feedback
 2018-04-09 09:39:32 -07:00
Chris Hoffman f6a3a76f25
Docs for configuration UI headers (#4313) 
* adding /sys/config/ui headers

* adding /sys/config/ui headers
 2018-04-09 12:21:02 -04:00
Chris Hoffman 19f9f6ee89
Root Credential Rotation Docs (#4312) 
* updating root credential docs

* more docs updates

* more docs updates
 2018-04-09 12:20:29 -04:00
Matthew Irish cff34e983f
UI - pki updates (#4291) 
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
 2018-04-08 21:09:29 -05:00
Brian Kassouf 62ce5ec91d
Versioned K/V docs (#4259) 
* Work on kv docs

* Add more kv docs

* Update kv docs

* More docs updates

* address some review coments
 2018-04-03 23:22:41 -07:00
Jeff Mitchell f5ba4796f5
Case insensitive behavior for LDAP (#4238) 2018-04-03 09:52:43 -04:00
Vishal Nayak 96fc0c2509
Update group alias by ID (#4237) 
* update group alias by id

* update docs
 2018-04-02 10:42:01 -04:00
Vishal Nayak ab3579aeb6
add entity merge API to docs (#4234) 2018-04-01 12:59:57 -04:00
Jeff Mitchell 2f90e0c2e1 Merge branch 'master-oss' into 0.10-beta 2018-03-27 12:40:30 -04:00
Yoko d03056eed3
Update Github auth method API reference (#4202) 
* Update Github auth method API reference

* Replaced vault.rocks in API
 2018-03-26 16:56:14 -07:00
Seth Vargo 0b827774ae Drop vault.rocks (#4186) 2018-03-23 11:41:51 -04:00
Chris Hoffman b7ef4a3a6f
adding Azure docs (#4185) 
Adding Azure Auth Method docs
 2018-03-22 18:28:42 -04:00