Commit graph

333 commits

Author SHA1 Message Date
Dan Lafeir fe80e136da
Add a specific reference to AWS IAM Unique Identifiers (#8209)
* Add specification about AWS IAM Unique Identifiers

We experienced an issue where IAM roles resources were re-provisioned with the same ARNs and no change had been made to our vault role configuration but users lost access with `-method=aws`. It wasn't immediately clear to us how IAM Unique Identifiers where being used to avoid the same situations outlined in the AWS documentation. We eventually concluded that re-provisioning the roles in our auth/aws/auth would fetch the new IAM Unique Identifiers. 

I hope that this small amendment helps people avoid this problem in the future.
2020-02-04 15:31:48 -08:00
Jamie Finnigan fa2544cf5e
fix <name> entity encoding for Secrets Engines Metrics section (#8290) 2020-02-04 15:06:10 -08:00
glerb 4f25ed2b08
Improve clarity of IAM flow explanation (#8275) 2020-02-03 10:14:09 -08:00
ncabatoff 03b14d8a64
Upgrade okta sdk lib (#8143)
Upgrade to new official Okta sdk lib.  Since it requires an API token, use old unofficial okta lib for no-apitoken case. 

Update test to use newer field names.  Remove obsolete test invalidated by #4798.  Properly handle case where an error was expected and didn't occur.
2020-02-03 12:51:10 -05:00
Jason O'Donnell 8f2347f93a
docs: update vault k8s to 0.2.0 (#8269)
* doc: update vault-k8s to 0.2.0

* Add debugging note
2020-01-31 11:22:39 -05:00
Daniel Spangenberg 1c1d93a21c
Fix default max_open_connections for db plugins (#8262) 2020-01-30 17:33:04 +01:00
Sarai 74a6d02a89
Fix broken link (#8259)
- https://www.vaultproject.io/api/secret/pki/index.html#create-update-role
- https://www.vaultproject.io/api/secret/pki/index.html#createupdate-role
2020-01-30 08:12:24 -08:00
Raoof Mohammed 0b7afcc728
docs: fix api path for merge entity identity doc (#8258) 2020-01-29 08:56:36 -08:00
Michel Vocks f695eb737b
Add Consul TLS options to access API endpoint (#8253) 2020-01-29 09:44:35 +01:00
Michel Vocks 96a6857f0c
Docs: Add nomad TLS options (#8254) 2020-01-29 09:38:54 +01:00
Chris Hoffman 0ebf3c3e40
fixing static pdf compliance letter (#8248) 2020-01-27 15:40:55 -05:00
Theron Voran 890f4b63a6
Show bound_service_accounts in gce example (#8236)
Shows that the GCP auth option `bound_service_accounts` can be used
for gce-type roles as well as iam.
2020-01-27 11:48:21 -08:00
Daniel Spangenberg eea26c6af1
Clarify the k8s helm run docs (#8235) 2020-01-27 14:54:59 +01:00
Chris Hoffman efb2152759
Adding pricing module note for enterprise features (#8217)
* adding pricing module note for enterprise features

* fixing incorrectly committed go.mod
2020-01-24 19:18:22 -05:00
Becca Petrin fc09eb1e6b
Add Kerberos agent docs (#8220)
* add kerberos agent docs

* use relative doc link
2020-01-24 14:40:41 -08:00
Nicole Forrester c5cbb43f39 Website: Update diagram images (#8214) 2020-01-24 14:52:26 -05:00
Aaron Bedra ddf38d8391 Fix example url for sys/wrapping/rewrap (#8222) 2020-01-23 21:09:53 -08:00
Mike Ruth eb592f05fb Update API to include roleset TTL parameter (#8231)
Include documentation on including the TTL parameter for service account key rolesets. [Associated PR](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/54)
2020-01-23 17:54:28 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- 8a8f9029d6
Update Kubernetes docs to include Kubernetes Auth method (#8046)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Split examples into individual pages

* Add Kubernetes Auth Method example

* Remove old examples file

* Fix rebase fail

* Remove global section of yaml files that aren't needed

* Fix minor typos

* Fix typos that didn't get carried over from previous PR

* Re-copy from previous examples file to resolve rebase issues

* update dependencies

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-01-23 13:14:01 -07:00
Jeff Escalante 3511bf8293 [website] fix a couple broken links (#8190)
* fix a couple broken links

* extra redirect

* another shot at redirects
2020-01-22 12:31:42 -08:00
Jeff Escalante 0062ad382d [website] implement postgres/secrets redirect (#8208)
* add secrets/postgresql redirect

* change name of old path

* ensure deprecated pages are not indexed by search engines

* remove deprecated page from navigation
2020-01-22 12:29:37 -08:00
Jeff Escalante 4f87851926 [website] Link Cleaning (#8205)
* update dependencies

* remove hard-coded vaultproject.io on local links

* remove 'index.html' from internal links

* remove '.html' at end of internal links

* manual review cleanup

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-22 12:05:41 -08:00
Clint 3b39b30e12
cleanup formatting on database index doc (#8207) 2020-01-22 09:57:03 -06:00
Calvin Leung Huang ffd90709f3
docs: update entropy augmentation page (#8185)
* docs: update entropy augmentation page

* remove .html extension in links

* remove .html extension in links
2020-01-21 15:05:53 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- d9ed6b845c
Improve Helm chart example for standalone with TLS configuration (#8022)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Fix typos, formatting, and other minor issues

* Use correct header depth for Helm Configuration

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-01-21 15:44:14 -07:00
Clint b7c2acccd9
Website: Fix configuration links from Helm run docs (#8201) 2020-01-21 13:30:35 -06:00
DDd d1b4082fb3 Fix k8s docs for running standalone (#8199)
* instruction for HA was actually for standalone.
2020-01-21 19:46:33 +01:00
Clint 6b16f7521a
update 'learn about the configuration options' link (#8146) 2020-01-21 12:06:42 -06:00
Mikko Ekström 1f034ee380 Fix typo in YAML markup (#8194) 2020-01-20 16:39:51 +01:00
Jim Kalafut fdb7416b02
Fix typo (#8192)
Fixes #8189
2020-01-18 20:18:57 -08:00
Daniel Spangenberg c64c2bf512
Fix k8s injector examples (#8179) 2020-01-18 14:47:18 +01:00
Becca Petrin aebfdc7516
Strip unnecessary payload in AD root cred rotation example (#8160)
* strip unnecessary payload in example

* strip other unnecessary payload
2020-01-17 16:49:36 -08:00
Jeff Escalante df34412570 New Website! (#8154)
* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes
2020-01-17 16:18:09 -08:00