* DB root credential rotation guide
* Fixed typos
* Added a note about creating a dedicated superuser
* Incorporated Chris's feedback
* Added a reference to DB root credential rotation
* Rephrase some of the languages
* Minor re-wording of a sentence
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
* WIP - Spring Cloud Vault Java demo
* Added 'Reloading the Static Secrets' step
* Fixed a typo
* Minor wording change
Remove redundant "a".
* Typos and grammar
Fixed a few misspellings ("spring") and the odd "a", "the", or "an".
Previous version used `read` in stead of `get` for everything but the code block examples.
It's a minor oversight, and most of us are going to skim to the code blocks anyway. But maybe it'll help.
* Update download page to include community resources
+ Added “downloads powered by” text to Fastly icon
+ changed to horizontal grid for download list (vs vertical list)
+ added community resources below page
* Reverting changes from earlier
* Added community links to downloads page
+ added community and getting-started links to sidebar as well
* Updated hero with current logo
* Updated logos in these artifact images as well
* Added Branded Logo
with HashiCorp
* Updated logo with branded logo
(HashiCorp in the name)
* typo
* Wrong spot
* Updated logo
The indentation of the code block in the Consul Secrets Engine doc was
removed in #4224, but the closing backticks remained indented one level,
resulting in the block swallowing all text after it. Removing the
indentation from the closing backticks fixes this.
* WIP - Teddy's webinar
* WIP
* Added more details with diagram
* Fixed a typo
* Added a note about terraform bug with 0.11.4 & 0.11.5
* Minor adjustment
* Fixed typos
* Added matching CLI commands
* Added extra speace for readability
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
* WIP
* Added auto unseal
* Converting to a guide
* Added little more explanations
* Minor fixes
* Fixed a typo
* Fixed a typo
* Changed auto unseal to auto-unseal
* Found more typo... fixed
It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.
* Vault HA guide draft
* Fixed node_id to say node_name based on Brian's input
* Fixed the unwanted hyperlink
* Vault HA guide
* Updated the description of the Vault HA guide
* Typo fixes
* Added a reference to Vault HA with Consule guide
* Incorporated Teddy's feedback
* Fixed an env var name
* Vault configuration has been updated: 'api_addr'
We ran into some confusion about what we should be setting the api_addr config value to. I feel this general recommendation should nudge any others into a better understanding of what this value should point to.
* Adding new guides
* Replaced backend with engine
* Grammar for the encryption guide
* Grammar and Markdown style for the Transite Rewrap guide
See
https://github.com/hashicorp/engineering-docs/blob/master/writing/markdown.md
for notes on numbered Markdown lists.
* grammar and wording updates for ref arch guide
* Updating replication diagram
* Removing multi-tenant pattern guide
* Added a note 'Enterprise Only'
* Removing multi-tenant pattern guide
* Modified the topic order
* Grammar and Markdown formatting
* Grammar, Markdown syntax, and phrasing
* Grammar and Markdown syntax
* Replaced 'backend' with appropriate terms
* Added a note clarifying that replication is an enterprise-only feature
* Updated the diagram & added additional resource links
* update some grammar and ordering
* Removed the inaccurate text in index for EaaS
* Update aws auth docs with new semantics
Moving away from implicitly globbed bound_iam_role_arn and
bound_iam_instance_profile_arn variables to make them explicit
* Refactor tests to reduce duplication
auth/aws EC2 login tests had the same flow duplicated a few times, so
refactoring to reduce duplication
* Add tests for aws auth explicit wildcard constraints
* Remove implicit prefix matching from AWS auth backend
In the aws auth backend, bound_iam_role_arn and
bound_iam_instance_profile_arn were ALWAYS prefix matched, and there was
no way to opt out of this implicit prefix matching. This now makes the
implicit prefix matching an explicit opt-in feature by requiring users
to specify a * at the end of an ARN if they want the prefix matching.
* auth/aws: Allow binding by EC2 instance IDs
This allows specifying a list of EC2 instance IDs that are allowed to
bind to the role. To keep style formatting with the other bindings, this
is still called bound_ec2_instance_id rather than bound_ec2_instance_ids
as I intend to convert the other bindings to accept lists as well (where
it makes sense) and keeping them with singular names would be the
easiest for backwards compatibility.
Partially fixes#3797
If you try to use role authorization to get an STS token, you'll get this error:
* Error generating STS keys: AccessDenied: Cannot call GetFederationToken with session credentials
In the authentication section of the getting started doc, the token used
to login doesn't match with the one displayed as the command result.
This commit makes sure that both tokens correspond to avoid distracting
newcomers.
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs
* docs: Add ttl params to auth enable endpoint
* Rewording of go string to simply string
* Add audit hmac keys as CLI flags on auth/secrets enable
* Fix copypasta mistake
* Add audit hmac keys to auth and secrets list
* Only set config values if they exist
* Fix http sys/auth tests
* More auth plugin_name test fixes
* Pass API values into MountEntry's config when creating auth/secrets mount
* Update usage wording
