tdsacilowski
887e77c2ae
Agent JWT auto auth remove_jwt_after_reading
config option ( #11969 )
...
Add a new config option for Vault Agent's JWT auto auth
`remove_jwt_after_reading`, which defaults to true. Can stop
Agent from attempting to delete the file, which is useful in k8s
where the service account JWT is mounted as a read-only file
and so any attempt to delete it generates spammy error logs.
When leaving the JWT file in place, the read period for new
tokens is 1 minute instead of 500ms to reflect the assumption
that there will always be a file there, so finding a file does not
provide any signal that it needs to be re-read. Kubernetes
has a minimum TTL of 10 minutes for tokens, so a period of
1 minute gives Agent plenty of time to detect new tokens,
without leaving it too unresponsive. We may want to add a
config option to override these default periods in the future.
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2022-07-25 07:42:09 -06:00
Jason O'Donnell
140406143e
command/server: add dev-tls flag ( #16421 )
...
* command/server: add dev-tls flag
* Add website documentation
* changelog
* Lower file permissions
* Update cert gen per review
* Add dev-tls-cert-dir flag and cert clean up
* fmt
* Update cert generation per review
* Remove unused function
* Add better error messages
* Log errors in cleanup, fix directory not existing bug
* Remove hidden flag from -dev-tls-cert-dir
* Add usage
* Update 16421.txt
* Update variable names for files
* Remove directory on cleanup
2022-07-22 14:04:03 -04:00
Matt Schultz
31151671ab
Transform tokenization key auto-rotate docs ( #16410 )
...
* Document auto rotate fields for transform tokenization endpoints.
* Update Transform tokenization docs to mention key auto-rotation.
2022-07-21 15:48:58 -05:00
Steven Zamborsky
c0b0c4fde7
Add an "Important Note" regarding EKS CSR approval. ( #16406 )
2022-07-21 13:34:03 -07:00
Austin Gebauer
5062502756
auth/oidc: documents the client_nonce parameter ( #16403 )
2022-07-21 09:34:46 -07:00
Rachel Culpepper
133535fabe
add paths for import endpoints ( #16401 )
2022-07-21 11:19:13 -05:00
Wojtek Czekalski
d05e8d1222
Fix typo in the docs ( #16323 )
...
It's very confusing, `Volumes` are very similar to `volumes` and can cause confusion 😄
2022-07-21 10:42:46 -04:00
Francois BAYART
24b9fa39bc
Update s3.mdx ( #13630 )
...
fix IAM requirements to use KMS key
2022-07-21 10:41:33 -04:00
Jason Peng
08b0cf40d5
Update reload.mdx ( #14207 )
...
To match with the API version of docs- https://www.vaultproject.io/api-docs/system/plugins-reload-backend#sys-plugins-reload-backend .
2022-07-21 10:39:25 -04:00
Barak BD
164d37b11a
Add section for Engine V2 requests ( #14381 )
...
This may be a related issue: https://github.com/hashicorp/vault/issues/7161
2022-07-21 10:38:57 -04:00
Pratik Khasnabis
3e4f4fdd55
Change AWS to Azure in Tutorial section ( #15206 )
...
* Change AWS to Azure in Tutorial section
* trigger ci
Co-authored-by: taoism4504 <loann@hashicorp.com>
2022-07-21 10:36:27 -04:00
Florent Tatard
9dc861a8b3
Missing word ( #16269 )
...
Can't believe this went unnoticed for 5 years :)
2022-07-20 08:54:10 -07:00
Loann Le
58a646c726
updated note ( #16372 )
2022-07-19 16:52:41 -07:00
Andy Assareh
1313a53702
formatting issue - missing list bullet ( #16352 )
2022-07-19 15:51:36 -07:00
Loïc Saint-Roch
3d978605f8
Add HashiBox to community tools ( #16150 )
2022-07-19 11:37:58 -07:00
Rodolfo Castelo Méndez
b44d0ab1df
Information about aws_s3_server_side_encryption ( #16253 )
...
Add when cannot use the combination of parameters.
2022-07-19 11:18:19 -07:00
Jakob Beckmann
d72064cb81
[Kubernetes Secret Engine]: Role namespace configuration possible via LabelSelector ( #16240 )
...
* docs(#16222 ): add documentation for changes in PR hashicorp/vault-plugin-secrets-kubernetes#10
* docs(#16222 ): add changelog entry
* docs(#16222 ): improve documentation to make the use case of setting both allowed_kubernetes_namespaces and allowed_kubernetes_namespace_selector parameters for role configuration
2022-07-19 13:11:45 -05:00
Tom Proctor
460388d957
Docs: Add release notes for MSSQL TDE ( #16326 )
2022-07-19 11:52:59 +01:00
Austin Gebauer
1a71678954
docs/plugin-portal: adds missing HashiCorp supported plugins ( #16346 )
2022-07-18 22:42:49 -07:00
Mạnh Tử
6b3cc4adc0
docs(plugin-portal): added Harbor Robot Account plugin ( #16320 )
2022-07-18 18:03:32 -07:00
Yoko Hyakuna
745ea70434
Fix the contribution guide link ( #16344 )
2022-07-18 16:37:31 -07:00
Robert
8169940284
docs: fix consul secrets feature version ( #16304 )
...
* Move consul_namespace into Consul v1.7 instead of v1.8
2022-07-18 13:03:45 -05:00
Nestor Reyes
e3ce0f0d1d
Update policies.mdx ( #16312 )
...
548 From "builtin" to "built-in" to be consistent with the previous sentence.
589 from "can not" to "cannot"
2022-07-15 15:28:49 -07:00
Kit Haines
a4b5813817
append slash to consul path in doc ( #15260 )
...
Co-authored-by: Chulki Lee <chulki.lee@gmail.com>
2022-07-14 12:27:31 -07:00
Alexander Scheel
0113f8c586
Update localhost:3000 links to be correct ( #16301 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-07-14 12:08:28 -07:00
Yoko Hyakuna
cf0cb3be49
Update the policy examples ( #16297 )
...
* Update the policy examples
* Adjusted the examples
2022-07-14 08:01:22 -07:00
Loann Le
e6b24b09f0
update sys-mfa-doc ( #16291 )
2022-07-13 10:36:52 -07:00
Yoko Hyakuna
485b7b0abe
Remove the callout note about Ent ( #16288 )
2022-07-13 09:00:11 -07:00
Alexander Scheel
662395be90
Back out panic message, add new warning to FIPS docs ( #16243 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-07-12 17:05:45 -04:00
VAL
90bef11019
Fix import statements for auth submodules ( #16278 )
2022-07-12 12:06:44 -07:00
Lucy Davinhart || Strawb System
ebd0da3201
Clarification for local mounts in the context of DR ( #16218 )
...
* Clarification for local mounts in the context of DR
The docs were unclear on this point, so @russparsloe and I looked into it.
Local mounts are indeed replicated to DR secondaries.
This is the opposite of what it says on https://developer.hashicorp.com/vault/tutorials/enterprise/performance-replication#disaster-recovery
> Local backend mounts are not replicated and their use will require existing DR mechanisms if DR is necessary in your implementation.
So that page will also need updating
* changelog
* fix changelog syntax for local mount with DR (#16218 )
2022-07-12 10:17:12 -07:00
Austin Gebauer
4dda00ee1a
auth/oidc: Adds documentation for SecureAuth IdP ( #16274 )
2022-07-12 08:11:55 -07:00
Vishal Nayak
c9e17d6219
Document autopilot config differences at a high level ( #15000 )
...
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2022-07-11 14:37:44 -07:00
Joel Kenny
2f1502556a
docs/configuration: document CockroachDB HA mode ( #16202 )
...
HA support for CockroachDB was added in #12965 . This commit updates the docs
to reflect that support.
2022-07-11 12:00:51 -07:00
Austin Gebauer
647c2eba42
auth/oidc: splits IdP setup guides into separate pages ( #16167 )
2022-07-11 10:20:24 -07:00
Austin Gebauer
c00e605b48
secrets/k8s: updates API docs for kubernetes_host with correct env var ( #16251 )
2022-07-08 08:52:42 -07:00
Steven Clark
d04b143bd5
pki: When a role sets key_type to any ignore key_bits value when signing a csr ( #16246 )
...
* pki: When a role sets key_type to any ignore key_bits value when signing
- Bypass the validation for the role's key_bits value when signing CSRs
if the key_type is set to any. We still validate the key is at least
2048 for RSA backed CSRs as we did in 1.9.x and lower.
2022-07-08 10:56:15 -04:00
Loann Le
e942fae6cc
Vault documentation: added info about new policy flag ( #16244 )
...
* added info about new policy flag
* updated wording
2022-07-07 12:54:27 -07:00
Loann Le
9ebaab28c2
added content for network guidance ( #16242 )
2022-07-07 11:18:45 -07:00
Yoko Hyakuna
c54d33608c
Update 'master key' -> 'root key' ( #16226 )
2022-07-06 16:03:08 -07:00
akshya96
c70a2cd198
Minor grammar correction in help for login command ( #16211 )
...
* Minor grammar correction in help for login command
* Fix login command help
Co-authored-by: Pero P <ppejovic@users.noreply.github.com>
2022-07-06 09:17:11 -07:00
Loann Le
752c7374a9
vault documentation: updated examples to use volumes ( #16175 )
...
* updated examples to use volumes
* Update website/content/docs/platform/k8s/helm/examples/ha-with-consul.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/helm/examples/standalone-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/helm/run.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/content/docs/platform/k8s/helm/run.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2022-07-05 08:32:51 -07:00
Michael Hofer
96e52760e3
docs(seal): improve readability, fix master key occurrence and typos ( #16220 )
2022-07-01 10:21:49 -07:00
Cristian Iaroi
5727762ce5
Adding Vault HydrantID Pki Plugin ( #16058 )
...
repository: https://github.com/PaddyPowerBetfair/vault-plugin-hydrant-pki
raised issue: #16011
also updated docs (link to page for PR)
2022-07-01 07:55:17 -07:00
aphorise
8b5f7da595
Docs/ekm sql provider corrections and troubleshooting ( #15968 )
2022-07-01 10:47:03 +01:00
Alexander Scheel
60add7d2be
Document additional FIPS restrictions ( #16208 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-06-30 16:14:07 -05:00
Alexander Scheel
d4cdafc314
Document PKI root rotation, replacement paths ( #16206 )
...
See also: https://discuss.hashicorp.com/t/missing-pki-secret-engine-api-documentation-for-root-rotate-and-root-replace-endpoints/41215
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2022-06-30 10:45:49 -07:00
AnPucel
7a5d3e80dd
Developer Quickstart docs improvements ( #16199 )
...
- Make the dev quick start link readily available on the client library documentation page
- Move the full code samples to the top of the dev quickstart page so that they're easily accessible.
- Update the api/readme to have a link to the dev quickstart
2022-06-30 08:50:35 -07:00
AnPucel
3215cdbd32
Dynamic parameter for mountpaths in OpenApi Spec generation( #15835 )
...
"generic_mount_paths" query parameter for OpenApiSpec generation
2022-06-30 07:43:04 -07:00
AnPucel
ed9ae70822
Add curl commands to Dev Quickstart guide ( #16176 )
2022-06-29 15:50:48 -07:00