luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
12256 commits 1 branch 0 tags 214 MiB
Commit graph

166 commits

Author SHA1 Message Date
Austin Gebauer 965f95239a
docs: clarify when plugin executables must also be given mlock syscall ability (#9275) 2020-06-22 10:05:15 -07:00
Johnathan Schmidt ab4e072bb6
Add the static-roles feature for MSSQL (#9062) 2020-06-19 23:01:06 -07:00
Scott Miller 632c86ecc1
Add new Telemetry config options (#9238) 
* Add new Telemetry config options

Add cluster_name, maximum_gauge_cardinality, and usage_gauge_period
configuration options to the config stanza.

Update unit tests.

Document.

Co-authored-by: Mark Gritter <mgritter@hashicorp.com>
 2020-06-17 10:07:33 -05:00
Jason O'Donnell e8db47f92d
docs/agent: add overview for consul template fetches (#9227) 
* docs/vault-k8s: add overview for consul template fetches

* Add dynamic role link

* move to agent documentation, add link

* fix typo in certificate doc

* fix note about leased secrets

* update secret vs token, add note to pki

* add more secret vs token notes

* add note about caching
 2020-06-15 15:49:35 -04:00
Austin Gebauer d9fbd04a33
docs: fix typo in gcp and gcpkms secrets (#9228) 2020-06-15 11:57:51 -07:00
Matt Whiteley 922f9374c6
Fix typo (#9217) 
correct parameter is `leader_ca_cert_file`
 2020-06-15 14:36:15 -04:00
Michael Golowka 1a8b7765bc
Add password policies to Active Directory secret engine (#9144) 
* Also updates AD docs to reflect password policies
 2020-06-15 10:36:17 -06:00
Jim Kalafut 320e9ecb92
Minor transform docs rewording (#9223) 2020-06-14 20:53:36 -07:00
Michael Golowka a89f09802d
Integrate password policies into RabbitMQ secret engine (#9143) 
* Add password policies to RabbitMQ & update docs
* Also updates some parts of the password policies to aid/fix testing
 2020-06-11 16:08:20 -06:00
ncabatoff 9cc77b94a8
Clarify cache setting. (#9204) 2020-06-11 16:20:36 -04:00
Andy Assareh e8a36eb752
replacing "a key usage mode" as it is confusing (#9194) 
Since the context of this page is transit and encryption keys, the use of the word "key" to mean effectively common seems ill advised. Proposing an alternative wording.
 2020-06-11 07:50:31 -04:00
Theron Voran e1a432a167
AWS: Add iam_groups parameter to role create/update (#8811) 
Allows vault roles to be associated with IAM groups in the AWS
secrets engine, since IAM groups are a recommended way to manage
IAM user policies. IAM users generated against a vault role will
be added to the IAM Groups. For a credential type of
`assumed_role` or `federation_token`, the policies sent to the
corresponding AWS call (sts:AssumeRole or sts:GetFederation) will
be the policies from each group in `iam_groups` combined with the
`policy_document` and `policy_arns` parameters.

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-06-09 16:56:12 -07:00
Rob Taylor 76e78605a9
Fixed minor typo in secrets documentation page (#8856) 2020-06-08 11:17:26 -04:00
Frederic Hemberger 4e13db3912
[docs/telemetry] Unnecessary comma in HCL example (#8817) 2020-06-08 11:07:28 -04:00
Rob Jackson 38ca50cdd9
update to include vault_format (#8876) 2020-06-08 10:40:03 -04:00
Calvin Leung Huang 0565e28592
docs: document raft and mlock interaction (#9093) 
* docs: document raft and mlock interaction

* docs: expand on mlock issue when raft is used

* Update website/pages/docs/configuration/index.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
 2020-06-05 15:02:55 -07:00
Scott Miller e2d5d92b77
Github markdown doesn't use "^" for superscript, have to be explicit (#9156) 2020-06-05 16:55:33 -05:00
Scott Miller f8f4ae4ab2
Document and give an example of the input size limits when using the FF3-1 transform. (#9151) 
* Document and give an example of the input size limits when using the FF3-1
transform.
 2020-06-05 07:45:18 -05:00
Jason O'Donnell e0e29a9586
docs/k8s: Add OpenShift K8s beta documentation (#9135) 
* doc/k8s: add OpenShift examples

* Update requirements

* Update website/pages/docs/platform/k8s/helm/openshift.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Fix ha example

* Fix ha doc

* Update image references

* Fix formatting

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2020-06-03 15:10:37 -04:00
Dave D'Amico a60ba90a20
updated 1.3.2 and 1.4.0 upgrade guides to note AWS STS region issue fixed in 1.4.1 (#9137) 2020-06-03 10:27:45 -07:00
Theron Voran 7622bee530
Docs updates for vault-helm 0.6.0 release (#9116) 
* Docs updates for vault-helm 0.6.0 release

* added openshift and postStart values

* noting that openshift support is a beta feature
 2020-06-03 11:44:32 -04:00
Theron Voran fa17e22050
Docs updates for vault-k8s 0.4.0 (#9107) 
* Adding changes for vault-k8s 0.4.0

* add note about run-as-same-user rejecting root
 2020-06-03 10:06:20 -04:00
Brian Kassouf fbd9fd4510
Fix upgrade guide (#9133) 2020-06-02 16:27:19 -07:00
Michael Golowka 5ca4d819d1
Update OpenLDAP Secrets Docs with Password Policies (#9088) 
* Update OpenLDAP docs to use password policies
 2020-06-02 11:34:01 -06:00
Michael Golowka bd587da491
Add docs for password policies (#8974) 
* Add docs for password policies
 2020-06-02 11:12:22 -06:00
Alexander Bezobchuk 9dd67cbeb6
Merge PR #9027: Integrated Storage (Raft): Add Support for max_entry_size Config 2020-06-01 10:17:24 -04:00
dddugan a098e313a9
correct sockaddr.is_contained example (#9104) 
Syntax for sockaddr.is_contained should be outer, inner - i.e. range, IP. See https://docs.hashicorp.com/sentinel/imports/sockaddr/ for reference.
 2020-05-29 10:51:31 -07:00
ncabatoff 9987b71a36
Update seal docs to reflect 1.3 changes. (#9086) 2020-05-29 13:28:03 -04:00
Christophe Drevet-Droguet 932c1834cc
ssh certificate signing: fix documentation of extensions (#8859) 2020-05-29 13:23:19 -04:00
Elthariel 3a07bd0bc4
doc: Add an example of templated policy using k8s metadata (#9101) 2020-05-28 17:54:56 -07:00
ncabatoff d8c52a4b44
Add note regarding LDAP regression. (#9038) 2020-05-27 12:29:30 -04:00
Thomas L. Kula 3ce9615992
Allow auto_auth with templates without specifying a sink (#8812) 
For situations where you want the Vault agent to handle one or more templates but do not require the acquired credentials elsewhere.

Modify the logic in SyncServer so that if there are no sinks, ignore any new credentials. Since SyncServer is responsible for shutting down the agent, make sure it still properly shuts down in this new situation.

Solves #7988
 2020-05-26 13:52:14 -04:00
Jim Kalafut a9d7d34ede
Update release notes (#9064) 2020-05-21 18:51:19 -07:00
Jeff Escalante 8eed94b072
🌷 Docs Website Maintenance (#8985) 
* website maintenance round
* improve docs, revert bug workaround as it was fixed
* boost memory
* remove unnecessary code
 2020-05-21 13:18:17 -04:00
Lauren Voswinkel 8fc08f8c91
Require TLS or plaintext flagging in MySQL configuration (#9012) 
* Adds a safety switch to configuration files.

This requires a user to either use TLS, or acknowledge that they are sending
credentials over plaintext.

* Warn if plaintext credentials will be passed

* Add true/false support to the plaintext transmission ack

* Updated website docs and ensured ToLower is used for true comparison
 2020-05-21 09:09:37 -07:00
Jason O'Donnell 4b2a72c616
doc: clarify token helper intro (#9058) 2020-05-21 10:11:32 -04:00
Jason O'Donnell 1845ef6d2e
doc: add environment variable template example (#9019) 
* doc: add environment variable template example

* Update website/pages/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
 2020-05-18 15:51:17 -04:00
Theron Voran b7a9fb8566
docs: updating helm configuration (#8973) 
Added helm configs that were changed/added in vault-helm
0.5.0. Also corrected the data type of a few config parameters.
 2020-05-18 11:08:40 -07:00
Tyler Reid fbbd4fcf2d
docs: fix agent listener link (#9003) 2020-05-15 06:51:52 -05:00
Scott Miller d1ba50384a
Soften the warning language on PKCS #1 v1.5 padding (#8988) 
* Soften the warning language on PKCS #1 v1.5 padding
 2020-05-14 12:29:21 -05:00
Jim Kalafut 5825b23013
Add 1.4.1 upgrade guide (#8981) 2020-05-13 16:55:32 -07:00
Jason O'Donnell f65cd64696
doc: add notes about injector annotations (#8992) 2020-05-13 16:43:34 -04:00
Clement Chauplannaz c33cd93b93
Typo in policies.mdx (#8850) 2020-05-13 15:17:41 -04:00
ncabatoff 98f32a94a9
Static roles aren't supported yet for atlas. (#8989) 2020-05-13 12:13:29 -04:00
Scott Miller 8805a7b45c
Warn in the documentation against the use of CKM_RSA_PKCS. (#8982) 
* Warn in the documentation against the use of CKM_RSA_PKCS

* tweak

* Roger roger.
 2020-05-12 10:56:41 -05:00
Vishal Nayak 72c4e3c7af
Doc: seal migration update (#8724) 
* Doc: seal migration update

* s/Auto Unseal/KMS Seal

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* s/Recovery/recovery

* remove 'at this point'

* Address review comments

* Address review feedback

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Update website/pages/docs/concepts/seal.mdx

Co-Authored-By: Meggie <meggie@hashicorp.com>

* Address review comments

Co-authored-by: Meggie <meggie@hashicorp.com>
 2020-05-12 01:02:59 -04:00
Nicole Forrester 77ad037d9c
Add vault docs redirects & remove deprecated database docs (#8922) 
* website: add redirects for old database docs
* delete deprecated database docs
 2020-05-11 14:20:40 -06:00
Aleksandr Yakimenko 182bfc86f8
Fix minor typos in docs (#8965) 2020-05-11 11:12:48 -04:00
Lauren Voswinkel a1f674c53c
Removing some unnecessary escape characters from Agent docs (#8957) 
* Fix formatting of the Vault Agent docs
 2020-05-09 12:52:13 -07:00
Jim Kalafut 446370d94c
Update Azure Auth docs (#8963) 2020-05-08 16:20:08 -07:00