Nicolas Corrarello
5a317a1a32
Updated documentation
2017-11-06 15:13:50 +00:00
Calvin Leung Huang
93917743df
Update SSH list roles docs ( #3536 )
2017-11-03 18:00:46 -04:00
Vishal Nayak
e4e4a7ba67
Capabilities responds considering policies on entities and groups ( #3522 )
...
* Capabilities endpoint will now return considering policies on entities and groups
* refactor the policy derivation into a separate function
* Docs: Update docs to reflect the change in capabilities endpoint
2017-11-03 11:20:10 -04:00
Vishal Nayak
06923430cc
docs: s/persona/alias ( #3529 )
2017-11-03 11:17:59 -04:00
Vishal Nayak
52df62d4ff
Encrypt/Decrypt/Sign/Verify using RSA in Transit backend ( #3489 )
...
* encrypt/decrypt/sign/verify RSA
* update path-help and doc
* Fix the bug which was breaking convergent encryption
* support both 2048 and 4096
* update doc to contain both 2048 and 4096
* Add test for encrypt, decrypt and rotate on RSA keys
* Support exporting RSA keys
* Add sign and verify test steps
* Remove 'RSA' from PEM header
* use the default salt length
* Add 'RSA' to PEM header since openssl is expecting that
* export rsa keys as signing-key as well
* Comment the reasoning behind the PEM headers
* remove comment
* update comment
* Parameterize hashing for RSA signing and verification
* Added test steps to check hash algo choice for RSA sign/verify
* fix test by using 'prehashed'
2017-11-03 10:45:53 -04:00
Vishal Nayak
a7acc23034
docs: Add config/ca delete operation ( #3525 )
2017-11-03 06:19:21 -04:00
Chris Hoffman
3d8d887676
Add ability to require parameters in ACLs ( #3510 )
2017-11-02 07:18:49 -04:00
Nicolas Corrarello
d540985926
Unifying Storage and API path in role
2017-10-31 21:06:10 +00:00
Nicolas Corrarello
0fc65cabc7
Minor/Cosmetic fixes
2017-10-31 19:11:24 +00:00
Nathan Valentine
0345dca20f
Should these names not reference Vault? ( #3506 )
...
Since we are in the Vault docs, should these names not reference Vault instead of Nomad?
2017-10-30 11:04:38 -05:00
Jeff Mitchell
963f516ac9
Fix C&P in docs.
...
Fixes #3454
2017-10-27 16:43:26 -04:00
Vishal Nayak
b16084fdaf
aws-ec2: Avoid audit logging of custom nonces ( #3381 )
2017-10-27 11:23:15 -04:00
smeach
c575435040
Updated cli arg to reflect text description ( #3487 )
2017-10-27 09:44:56 -05:00
AJ Bourg
a71add2973
Add a doc for the token helper ( #3411 )
...
* Add token helper docs.
* Update it so the new token helpers page appears in the navigation.
2017-10-27 09:42:33 -05:00
Christophe Tafani-Dereeper
5ff1485a3e
Correct typos in the sys/raw documentation ( #3484 )
2017-10-24 10:33:57 -04:00
Seth Vargo
83b1eb900a
More naming cleanup
2017-10-24 09:35:03 -04:00
Seth Vargo
a07c7d7368
Update guides to use new CLI commands
2017-10-24 09:34:30 -04:00
Seth Vargo
53f26e6bd7
Update getting started walkthrough
2017-10-24 09:34:30 -04:00
Seth Vargo
7463ba73a5
Oops typo
2017-10-24 09:34:30 -04:00
Seth Vargo
6c1411447c
Remove more references to auth backend
2017-10-24 09:34:12 -04:00
Seth Vargo
926ca5c125
Update k8s documentation
2017-10-24 09:34:12 -04:00
Seth Vargo
51a27b758b
Resolve the most painful merge conflict known on earth
2017-10-24 09:34:12 -04:00
Seth Vargo
2982fdf7ca
Remove ?list examples
...
They are documented in the overall API section, but people should get used to seeing LIST as a verb
2017-10-24 09:32:15 -04:00
Seth Vargo
a85d3c6270
Remove smaller font on embedded code snippets
2017-10-24 09:32:15 -04:00
Seth Vargo
c5665920f6
Standardize on "auth method"
...
This removes all references I could find to:
- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend
in favor of the unified:
- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo
3bbeace911
Audit backend -> device
2017-10-24 09:30:52 -04:00
Seth Vargo
f7310eac04
Add new commands to the sidebar
2017-10-24 09:30:52 -04:00
Seth Vargo
aa34fb17c7
Absorb help and read-write into index
2017-10-24 09:30:52 -04:00
Seth Vargo
162c525159
Add "write" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
6fa133852e
Add "unwrap" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4d80ccbb4c
Add "token" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
51e185b9a2
Add "status" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4634949b9b
Add "ssh" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
a106350950
Add "server" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
28fa271c4e
Add "secrets" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
bcf6657e9c
Add "read" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
c743167f4c
Add "policy" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
54f8e0adb2
Update "path-help" documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
f48bc06d93
Add "operator" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
a81ff9a97c
Add "login" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
50d6c9a642
Add "list" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
57c0d53121
Add "lease" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
d31bccccdf
Add "delete" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
48e84342c2
Add "auth" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
0fa0a5ca41
Add "audit" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
3c43409e6c
Add "token revoke" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
6d150b5228
Add "token renew" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
cac3515379
Add "token lookup" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
ffe608d535
Add "token create" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
61edbf3325
Add "token capabilities" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
529b9bd224
Add "secrets tune" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
40b8f3c204
Add "secrets move" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f2bbb3cc18
Add "secrets list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c782b25e7c
Add "secrets enable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
087a87c59e
Add "secrets disable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6995d1e06b
Add "policy write" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
79b3f7d8fe
Add "policy read" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
e29e78eb7d
Add "policy list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6522bd12d5
Add "policy fmt" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
b735d70922
Add "policy delete" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c9d74f77e4
Add "operator unseal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f15eddf299
Add "operator step-down" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c62de019dd
Add "operator seal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c2f31c503a
Add "operator rotate" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
310d4adc87
Add "operator rekey" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
83df4a8c4c
Add "operator key-status" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c35d67c9e3
Add "operator init" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
ed15b273ca
Add "operator generate-root" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
baf2edbc57
Add "lease revoke" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
a1de44f93c
Add "lease renew" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
21e74d73dd
Add "auth tune" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
7d880e3154
Add "auth list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
01780e9b75
Add "auth help" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
e04fb8423a
Add "auth enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
95af51f279
Add "auth disable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
89e23d0e84
Add "audit list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
04ee9ce40a
Add "audit enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
fd2a12bce4
Add "audit disable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
0afff80b5e
Document mount types/values
2017-10-24 09:28:05 -04:00
Seth Vargo
44851f992e
Expand root generation guide with a PGP example
2017-10-24 09:28:05 -04:00
Chris Hoffman
e4065e33d2
copying general purpose tools from transit backend to /sys/tools ( #3391 )
2017-10-20 10:59:17 -04:00
Chris Hoffman
df29bc4fc0
updating mssql docs ( #3477 )
2017-10-19 11:21:29 -04:00
Brian Shumate
d150f374fd
Match plugin name from releases ( #3453 )
2017-10-19 11:10:42 -04:00
blazindragon
6c6e2a3baa
Correct typo: DELET to DELETE ( #3452 )
2017-10-13 10:11:04 -04:00
Brian Kassouf
fdd76563eb
Add a note about the instant client libraries ( #3434 )
...
* Add a note about the instant client libraries
* Update oracle.html.md
2017-10-12 09:40:06 -04:00
Jeremy Voorhis
af24163abd
Implement signing of pre-hashed data ( #3448 )
...
Transit backend sign and verify endpoints now support algorithm=none
2017-10-11 11:48:51 -04:00
Martins Sipenko
a2808db1af
Fix docs ( #3449 )
2017-10-11 11:29:26 -04:00
Brendan
d5decccbfe
Update index.html.md ( #3433 )
...
Fixed typo in json property used to create custom secret_id
2017-10-11 09:25:43 -04:00
emily
cbe41b590f
add GCP APIs that need to be enabled to GCP auth docs, small doc fixes ( #3446 )
2017-10-11 09:18:32 -04:00
Nicolas Corrarello
3380fd647d
Adding Nomad docs to the nav. Minor cosmetics fixes
2017-10-06 16:03:06 +01:00
David Dixon
cfd27317d8
Small typo corrections for policies doc ( #3413 )
2017-10-06 09:38:00 -04:00
Nicolas Corrarello
d7bb311db3
A few simple fixes for the Github API docs ( #3432 )
2017-10-06 06:13:47 -04:00
Daniel DeFisher
974332c2c5
upgrade ldap api docs to refrect 0.8.3 change to returned json of policies ( #3421 )
2017-10-04 15:40:28 -04:00
Jeff Mitchell
e3ce60eb1f
Allow entering PKI URLs as arrays. ( #3409 )
...
Fixes #3407
2017-10-03 16:13:57 -04:00
Oluwafemi Sule
b6ec6351af
fix spellings errors ( #3400 )
2017-09-29 11:52:42 -04:00
Nicolas Corrarello
b207b76f14
Updated API Docs with the Global Token Parameter
2017-09-29 11:23:47 +01:00
Alex Dadgar
f56e191020
Fix spelling errors ( #3390 )
2017-09-28 07:54:40 -04:00
Paulo Ribeiro
43540e9c32
Fix grammatical error ( #3395 )
...
Also changed capitalization for consistency.
2017-09-28 06:28:48 -04:00
Brian Kassouf
b1db3765ca
Kubernetes Docs Update ( #3386 )
...
* Update Kubnernetes Docs
* Add a note about alpha clusters on GKE
* Fix JSON formatting
* Update kubernetes.html.md
* Fix a few review comments
2017-09-27 14:02:18 -07:00
Vishal Nayak
abcf4b3bb2
docs: Added certificate deletion operation API ( #3385 )
2017-09-26 20:28:52 -04:00
Jeff Mitchell
17a15cd594
Add option to disable client certificate requesting. ( #3373 )
...
Fixes #3372
2017-09-25 14:41:46 -04:00
Nicolas Corrarello
2b4561dccb
Adding Nomad Secret Backend API documentation
2017-09-21 09:18:35 -05:00
Nicolas Corrarello
5178e5f5f2
Adding Nomad secret backend documentation
2017-09-20 17:31:28 -05:00
Dave Pedu
19e4d8b6c3
Spelling fix ( #3351 )
2017-09-19 15:25:39 -04:00
Brian Kassouf
9b0d594d02
Kubernetes auth ( #3350 )
...
* Import the kubernetes credential backend
* Add kubernetes docs
* Escape * characters
* Revert "Import the kubernetes credential backend"
This reverts commit f12627a9427bcde7e73cea41dea19d0922f94789.
* Update the vendored directory
2017-09-19 09:27:26 -05:00
Calvin Leung Huang
d4a5362835
Clarify backup data that is being stored ( #3345 )
2017-09-19 07:44:34 -05:00
emily
ed3d75d0b1
Add GCE docs for GCP Auth Backend ( #3341 )
2017-09-19 07:44:05 -05:00
Bruno Miguel Custódio
2abddb248e
Fix a few quirks in the GCP auth backend's docs. ( #3322 )
2017-09-19 07:41:41 -05:00
Vishal Nayak
e99640f462
Add 'pid_file' config option ( #3321 )
...
* add pid_file config option
* address review feedback
* address review comments
2017-09-16 17:09:37 -04:00
Laura Uva
8529972bfb
Updated https://www.vaultproject.io/api/system/replication-dr.html#generate-dr-secondary-token to be a POST rather than GET. This was reported by a customer and I confirmed that this should be a logical.UpdateOperation rather than ReadOperation ( 24f2b961fd/vault/replication_api.go (L121)
). ( #3342 )
2017-09-15 16:19:16 -04:00
Chris Hoffman
1029ad3b33
Rename "generic" secret backend to "kv" ( #3292 )
2017-09-15 09:02:29 -04:00
Chris Hoffman
a2d2f1a543
Adding support for base_url for Okta api ( #3316 )
...
* Adding support for base_url for Okta api
* addressing feedback suggestions, bringing back optional group query
* updating docs
* cleaning up the login method
* clear out production flag if base_url is set
* docs updates
* docs updates
2017-09-15 00:27:45 -04:00
Chris Hoffman
9d73c81f38
Disable the sys/raw
endpoint by default ( #3329 )
...
* disable raw endpoint by default
* adding docs
* config option raw -> raw_storage_endpoint
* docs updates
* adding listing on raw endpoint
* reworking tests for enabled raw endpoints
* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
Chris Hoffman
2e60b20eae
update enterprise urls /docs/vault-enterprise -> /docs/enterprise ( #3333 )
2017-09-13 15:37:40 -04:00
Paul Pieralde
2c640950e0
Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing ( #3331 )
...
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
2017-09-13 11:59:27 -07:00
Jeff Mitchell
cb6ac1e926
Change behavior of TTL in sign-intermediate ( #3325 )
...
* Fix using wrong public key in sign-self-issued
* Change behavior of TTL in sign-intermediate
This allows signing CA certs with an expiration past the signer's
NotAfter.
It also change sign-self-issued to replace the Issuer, since it's
potentially RFC legal but stacks won't validate it.
Ref: https://groups.google.com/d/msg/vault-tool/giP69-n2o20/FfhRpW1vAQAJ
2017-09-13 11:42:45 -04:00
Chris Hoffman
cfa74e6a95
remove token header from login samples ( #3320 )
2017-09-11 18:14:05 -04:00
Bruno Miguel Custódio
886a0acee6
Fix navigation and prameters in the 'gcp' auth backend docs. ( #3317 )
2017-09-11 15:26:24 -04:00
Jose Diaz-Gonzalez
12cde76112
fix: add missing comma to payload ( #3308 )
2017-09-11 12:03:43 -04:00
Dan Urson
57a7002210
Update AWS CloudHSM comparison. ( #3311 )
...
* Update AWS CloudHSM comparison.
* Update hsm.html.md
* Update hsm.html.md
2017-09-10 12:54:05 -04:00
Calvin Leung Huang
c747caac2a
Fix cassandra tests, explicitly set cluster port if provided ( #3296 )
...
* Fix cassandra tests, explicitly set cluster port if provided
* Update cassandra.yml test-fixture
* Add port as part of the config option, fix tests
* Remove hostport splitting in cassandraConnectionProducer.createSession
* Include port in API docs
2017-09-07 23:04:40 -04:00
Adam Duke
a3f97c5e3e
fix typo in policies documentation ( #3302 )
2017-09-07 11:55:24 -04:00
Paul Pieralde
567f2ce1f1
Fix docs for Certificate authentication ( #3301 )
...
Fix discrepencies in the documentation for TLS Certificate
authentication. The Delete CRL method has a misleading title and
description.
2017-09-07 10:28:14 -04:00
Paul Pieralde
25976b340e
Fixed small typo in RabbitMQ secret backend. ( #3300 )
...
Fixed `name` param for the Delete Role API in the RabbitMQ secret backend.
2017-09-07 10:00:32 -04:00
Jeff Mitchell
44bf03e3b6
Fix compile after dep update
2017-09-05 18:18:34 -04:00
Eugene Bekker
e85e22b00e
Fixing the response sample for reading a plugin ( #3278 )
...
The plugin config data properties are returned immediately within the response's `data` object.
2017-09-01 08:34:54 -04:00
Jeff Mitchell
9578361513
Massive update to response-wrapping concept page
2017-09-01 08:32:55 -04:00
Jeff Mitchell
abb2ab2918
Add pki/root/sign-self-issued. ( #3274 )
...
* Add pki/root/sign-self-issued.
This is useful for root CA rolling, and is also suitably dangerous.
Along the way I noticed we weren't setting the authority key IDs
anywhere, so I addressed that.
* Add tests
2017-08-31 23:07:15 -04:00
Calvin Leung Huang
6f417d39da
Normalize plugin_name option for mount and enable-auth ( #3202 )
2017-08-31 12:16:59 -04:00
Chris Hoffman
194491759d
Updating Okta lib for credential backend ( #3245 )
...
* migrating to chrismalek/oktasdk-go Okta library
* updating path docs
* updating bool reference from config
2017-08-30 22:37:21 -04:00
Jeff Mitchell
8acef196a8
Add 'discard' target to file audit backend ( #3262 )
...
Fixes #seth
2017-08-30 19:16:47 -04:00
Joel Thompson
caf90f58d8
auth/aws: Allow wildcard in bound_iam_principal_id ( #3213 )
2017-08-30 17:51:48 -04:00
stephan stachurski
e396d87bc5
add support to use application default credentials to gcs storage backend ( #3257 )
2017-08-30 15:42:02 -04:00
Seth Vargo
9f80099fae
Remove fake news about custom plugins
...
This also adds a redirect from the old page to the new one
2017-08-30 12:57:45 -04:00
Christopher Pauley
eccbb21ce8
stdout support for file backend via logger ( #3235 )
2017-08-29 14:51:16 -04:00
djboris9
21a15204bd
Fix API/AUTH/AppRole doc issue concerning bound_cidr_list ( #3205 )
...
This patch fixes a little documentation issue.
bind_cidr_list doesn't exist as parameter to AppRole creation. It should be "bound_cidr_list".
In "path-help" it is documented correctly.
2017-08-29 12:37:20 -04:00
Hamza Tümtürk
525c124d69
Add missing code ending to Sample Payload ( #3239 )
2017-08-25 12:34:12 -04:00
Jon Benson
d88aefc64f
Fix typo ( #3237 )
2017-08-25 09:51:33 -04:00
Brian Kassouf
23089dafbc
Add basic autocompletion ( #3223 )
...
* Add basic autocompletion
* Add autocomplete to some common commands
* Autocomplete the generate-root flags
* Add information about autocomplete to the docs
2017-08-24 15:23:40 -07:00
Chris Hoffman
bf9658ec61
fix docs formatting
2017-08-24 11:23:26 -04:00
Serg
66b178f969
Update index.html.md ( #3233 )
2017-08-24 10:08:35 -04:00
Chris Hoffman
27598ce960
Add GET variant on LIST endpoints ( #3232 )
2017-08-23 17:59:22 -04:00
Seth Vargo
ec9e187ce4
Thread stderr through too ( #3211 )
...
* Thread stderr through too
* Small docs typo
2017-08-21 17:23:29 -04:00
Seth Vargo
1f45a6c96e
Addd more SSH CA troubleshooting ( #3201 )
...
* Add notes about pty and other permit-* extensions
* Update troubleshooting
* Add an example of JSON for sign
* Fix a bug about what keys to push up
2017-08-21 17:22:54 -04:00
Yaroslav Lukyanov
da19d2941f
add new php client to the doc ( #3206 )
2017-08-21 13:07:03 -04:00
Calvin Leung Huang
73fd103456
Update gcp auth backend docs ( #3209 )
...
* Update gcp auth backend docs
* Minor formatting and wording fixes
* Minor formatting fixes
2017-08-18 16:25:52 -04:00
Paulo Ribeiro
ba98b60e41
Fix typo in AppRole API page ( #3207 )
2017-08-18 10:46:29 -04:00
Chris Maki
7b5978634f
Update policies.html.md
...
Using the latest vault release, I was getting the following error when the policy used `write`:
Error: Error making API request.
URL: PUT http://0.0.0.0:8200/v1/sys/policy/secret
Code: 400. Errors:
* Failed to parse policy: path "secret/*": invalid capability 'write'
I think `create` is the correct new Capability.
2017-08-17 12:26:29 -07:00
Seth Vargo
b4bec62d47
Typo fix
2017-08-16 18:38:35 -04:00
Seth Vargo
7b1e013511
Refactor SSH CA backend docs
2017-08-16 18:38:35 -04:00