Commit graph

448 commits

Author SHA1 Message Date
Jeff Mitchell 8fa7d3bd0b Add revoke-self to docs 2015-09-24 12:05:00 -04:00
Dominic Luechinger 89511e6977 Fixes docs for new JWT secret backend 2015-09-24 16:47:17 +02:00
Spencer Herzberg 54c62fe5aa docs: pg username not prefixed with vault-
due to
05fa4a4a48,
vault no longer prefixes the username with `vault-`
2015-09-22 10:14:47 -05:00
Jeff Mitchell a5f52f43b1 Minor doc update to SSH 2015-09-21 16:26:07 -04:00
Jeff Mitchell 29c722dbb6 Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values 2015-09-21 16:14:30 -04:00
Jeff Mitchell 3eb38d19ba Update transit backend documentation, and also return the min decryption
value in a read operation on the key.
2015-09-21 16:13:43 -04:00
Jeff Mitchell ca33cd8423 Add API endpoint documentation to cubbyhole 2015-09-21 16:13:36 -04:00
Jeff Mitchell 273f13fb41 Add API endpoint documentation to generic 2015-09-21 16:13:29 -04:00
Jeff Mitchell 59ba17c601 Add clarity to the lease concepts document. 2015-09-21 08:56:26 -04:00
Jeff Mitchell 801e531364 Enhance transit backend:
* Remove raw endpoint from transit
* Add multi-key structure
* Add enable, disable, rewrap, and rotate functionality
* Upgrade functionality, and record creation time of keys in metadata. Add flag in config function to control the minimum decryption version, and enforce that in the decrypt function
* Unit tests for everything
2015-09-18 14:41:05 -04:00
Jeff Mitchell 8f79e8be82 Add revoke-self endpoint.
Fixes #620.
2015-09-17 13:22:30 -04:00
Jonathan Klein dff6e468f9 Grammar fix 2015-09-15 15:53:27 -04:00
Jeff Mitchell 538852d6d6 Add documentation for cubbyhole 2015-09-15 13:50:37 -04:00
vishalnayak 142cb563a6 Improve documentation of token renewal 2015-09-11 21:08:32 -04:00
Jeff Mitchell ace611d56d Address items from feedback. Make MountConfig use values rather than
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
Jeff Mitchell 488d33c70a Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00
Jeff Mitchell 4239f9d243 Add DynamicSystemView. This uses a pointer to a pointer to always have
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.

Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
Jeff Mitchell f4239556d2 Merge pull request #508 from mfischer-zd/webdoc_environment
docs: Document environment variables
2015-09-09 11:29:10 -04:00
Jeff Mitchell 1a8bcfe18d Merge pull request #592 from blalor/patch-1
Remove unused param to 'vault write aws/roles/deploy'
2015-09-09 11:28:15 -04:00
Michael S. Fischer 24a5127fab docs: Document environment variables 2015-09-08 11:59:58 -07:00
Neo 4e3e9c38a2 Typo fix 2015-09-08 02:43:01 +02:00
Brian Lalor 2ae48fa586 Remove unused param to 'vault write aws/roles/deploy'
The name is taken from the path, not the request body.  Having the duplicate key is confusing.
2015-09-06 06:57:39 -04:00
Armon Dadgar 4eaacaf546 Merge pull request #590 from MarkVLK/patch-1
Update mysql docs markdown to fix grammar error
2015-09-04 19:13:50 -07:00
MarkVLK fae51d605f Update transit docs markdown to add missing word
Added the presumably missing *decrypt* from "encrypt/data" in the first sentence.
2015-09-04 17:11:34 -07:00
MarkVLK cd292d5372 Update mysql docs markdown to fix grammar error
Changed "... used to **generated** those credentials" to "... used to **generate** those credentials."
2015-09-04 17:05:45 -07:00
Seth Vargo 6f248425a6 Update documentation around cookies 2015-09-03 10:36:59 -04:00
Vishal Nayak d4609dea28 Merge pull request #578 from hashicorp/exclude-cidr-list
Vault SSH: Added exclude_cidr_list option to role
2015-08-28 07:59:46 -04:00
vishalnayak b12a2f0013 Vault SSH: Added exclude_cidr_list option to role 2015-08-27 23:19:55 -04:00
Jeff Mitchell a4fc4a8e90 Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470. 2015-08-27 12:24:37 -07:00
vishalnayak fbff20d9ab Vault SSH: Docs for default CIDR value 2015-08-27 13:10:15 -04:00
vishalnayak 702a869010 Vault SSH: Provide key option specifications for dynamic keys 2015-08-27 11:41:29 -04:00
Jeff Mitchell 8669a87fdd When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes. 2015-08-26 07:59:50 -07:00
Jeff Mitchell b940d214bd Merge pull request #568 from ctennis/add_some_s3_info
Make it clear for physical S3 backend we support instance profiles as well.
2015-08-26 09:03:38 -04:00
Jeff Mitchell cc232e6f79 Address comments from review. 2015-08-25 15:33:58 -07:00
Jeff Mitchell 0b580d0521 Update website documentation for init and rekey with secret_pgp_keys API option 2015-08-25 14:52:13 -07:00
Caleb Tennis 6c30f9a0f9 Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required 2015-08-25 06:47:07 -07:00
Armon Dadgar 88a7b57491 Merge pull request #558 from captainill/master
make sure header is below clickable area that hides sidebar
2015-08-21 10:21:40 -07:00
Jeff Mitchell ea9fbb90bc Rejig Lease terminology internally; also, put a few JSON names back to their original values 2015-08-20 22:27:01 -07:00
Jeff Mitchell 0fa783f850 Update help text for TTL values in generic backend 2015-08-20 17:59:30 -07:00
captainill ad9e00b166 make sure header is below clickable area that hides sidebar 2015-08-20 17:22:48 -07:00
Jeff Mitchell b57ce8e5c2 Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4.
Fixes #528.
2015-08-20 16:41:25 -07:00
Vishal Nayak beca9f1596 Merge pull request #385 from hashicorp/vishal/vault
SSH Secret Backend for Vault
2015-08-20 10:03:15 -07:00
Bernhard K. Weisshuhn 86cde438a5 avoid dashes in generated usernames for cassandra to avoid quoting issues 2015-08-20 11:15:28 +02:00
vishalnayak 76ed3bec74 Vault SSH: 1024 is default key size and removed 4096 2015-08-19 12:51:33 -07:00
vishalnayak 1f5062a6e1 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-08-19 12:16:37 -07:00
David Winterbottom 9fd6837d7b Fix typo in ACL doc 2015-08-19 07:36:16 +01:00
Armon Dadgar f351cd5ee0 Merge pull request #531 from mfischer-zd/fix_doc_tls
Clarify availability of tls_min_version
2015-08-18 19:01:28 -07:00
vishalnayak b5cda4942b Vault SSH: doc update 2015-08-18 11:50:32 -07:00
vishalnayak b91ebbc6e2 Vault SSH: Documentation update and minor refactoring changes. 2015-08-17 18:22:03 -07:00
vishalnayak 9db318fc55 Vault SSH: Website page for SSH backend 2015-08-14 12:41:26 -07:00
Michael S. Fischer 0e0cdeed75 Clarify availability of tls_min_version
`tls_min_version` doesn't work in the current Vault release;
make that clear.
2015-08-13 08:35:09 -07:00
vishalnayak 93dfa67039 Merging changes from master 2015-08-12 09:28:16 -07:00
vishalnayak 0abf07cb91 Vault SSH: Website doc v1. Removed path_echo 2015-08-12 09:25:28 -07:00
Erik Kristensen 2233f993ae initial pass at JWT secret backend 2015-08-06 17:49:44 -06:00
Armon Dadgar f58f46c243 Merge pull request #439 from geckoboard/feature-tls-mysql
Using SSL to encrypt connections to MYSQL
2015-08-05 14:52:43 -07:00
Armon Dadgar 4d08cfdf6f Merge pull request #469 from kgutwin/f-config-defaultlease
Add configuration options for default lease duration and max lease duration
2015-08-04 10:06:41 -07:00
Vivien Schilis 9db7426002 Add documentation for the tls_ca_file option 2015-08-04 05:10:33 +00:00
Rusty Ross 719ac6e714 update doc for app-id
make clearer in doc that user-id can accept multiple app-id mappngs as comma-separated values
2015-08-03 09:44:26 -07:00
Armon Dadgar 473668a1a0 Merge pull request #482 from chiefy/master
Adding vaulted nodejs library to libraries section in docs.
2015-07-31 15:13:44 -07:00
Long Nguyen e666b5c624 added golang client 2015-07-31 17:10:38 -04:00
Christopher Najewicz c5c7926af6 Adding vaulted nodejs library to libraries section in docs. 2015-07-31 14:31:26 -04:00
Armon Dadgar 03728af495 Merge pull request #464 from bgirardeau/master
Add Multi-factor authentication with Duo
2015-07-30 17:51:31 -07:00
Bradley Girardeau aa55d36f03 Clean up naming and add documentation 2015-07-30 17:36:40 -07:00
Karl Gutwin 4bad987e58 PR review updates 2015-07-30 13:21:41 -04:00
Karl Gutwin 151ec72d00 Add configuration options for default lease duration and max lease duration. 2015-07-30 09:42:49 -04:00
Armon Dadgar 1535a21198 Merge pull request #384 from dkaffee92/feature/storage-backend-consul-configuration
allow specifying certificates used to talk to consul for storage backend
2015-07-29 14:41:53 -07:00
Fabian Ruff 41106d9b69 fix doc for pki/revoke API 2015-07-29 14:28:12 +02:00
Kevin Fishner 9fe25414aa update analytics 2015-07-28 16:05:27 -07:00
Bradley Girardeau 112f98d86f mfa: cleanup website documentation 2015-07-28 12:25:01 -07:00
Bradley Girardeau 6c24a000a3 mfa: add website documentation 2015-07-28 11:00:57 -07:00
Daniel Kaffee a6f828ba0a made documentation a bit more clear 2015-07-28 15:50:43 +03:00
Daniel Kaffee 4146be770c refactor code 2015-07-28 14:55:33 +03:00
Armon Dadgar 83729a3bd9 website: fixing details about HA backends 2015-07-24 12:11:45 -07:00
Armon Dadgar 80e59089ba Merge pull request #449 from JustinLaRose/master
Cassandra secret backend doc update for connection config
2015-07-23 13:42:59 -07:00
Armon Dadgar eeb623bca0 Merge pull request #447 from kgutwin/f-tlsvers
Specify Vault listener minimum TLS version
2015-07-23 13:42:42 -07:00
Armon Dadgar 9ec3cefea9 Merge pull request #433 from infame-io/feature/s3_sts
Granting S3 backend temporary access
2015-07-23 13:33:58 -07:00
Karl Gutwin 3a5e036727 Document warning for using lower TLS versions 2015-07-23 11:54:45 -04:00
Lauro Balderas 436dfd464d S3 backend session token documentation updated 2015-07-23 22:53:20 +10:00
Justin LaRose 361f10f79e Cassandra secret backend doc update for connection config - "hosts" instead of "host" 2015-07-23 03:07:29 -04:00
Karl Gutwin 1096f5a53e Avoid unnecessary abbreviation 2015-07-22 23:28:46 -04:00
Karl Gutwin 9c963a0632 TLS minimum version documentation 2015-07-22 23:21:18 -04:00
Armon Dadgar 63fcb61145 Merge pull request #419 from nbrownus/telemetry_names
Disable hostname prefix for runtime telemetry
2015-07-22 15:38:23 -07:00
Armon Dadgar 01147622ce Merge pull request #420 from bgirardeau/master
LDAP Auth - Add per-user policies and option to login with userPrincipalName
2015-07-22 14:35:21 -07:00
Bradley Girardeau e8d26d244b ldap: change setting user policies to setting user groups 2015-07-20 11:33:39 -07:00
Seth Vargo 564f6d3743 Small tutorial fixes and tweaks 2015-07-19 16:52:11 -04:00
Daniel Somerfield 30920dc751 Finished draft of api tutorial and worked it into the flow. 2015-07-19 12:29:06 -07:00
Daniel Somerfield 89e0ed22db More work on apis doc. 2015-07-16 06:29:52 -07:00
Daniel Somerfield 3f45692500 Added start of page in intro that explains / demos the REST apis 2015-07-15 06:28:04 -07:00
Bradley Girardeau 1e1d4ba66d ldap: add documentation for setting policies based on user 2015-07-14 16:13:40 -07:00
Nate Brown 65dc78ba35 Docs for the telemetry object 2015-07-14 15:45:45 -07:00
Bradley Girardeau 0e2edc2378 ldap: add ability to login with a userPrincipalName (user@upndomain) 2015-07-14 15:37:46 -07:00
Armon Dadgar 3042452def website: fixing lots of references to vault help 2015-07-13 20:12:09 +10:00
Armon Dadgar 7be012b8b6 website: help command is now path-help 2015-07-13 20:03:29 +10:00
Armon Dadgar 26937498f6 physical/zk: Fixing node representation. Fixes #416 2015-07-13 19:33:23 +10:00
Armon Dadgar 8dd9478e14 website: fixing documentation errors. Fixes #412 2015-07-13 19:10:44 +10:00
Armon Dadgar 2da54da6ed website: update HA status, discourage ZK 2015-07-13 19:01:32 +10:00
Matt Button 76bc988e50 Remove documentation that was copied from the terraform project 2015-07-12 16:52:24 +00:00
mootpt 872593d1e1 fixed secrets backend url
minor doc fix
2015-07-06 11:11:58 -07:00
mootpt f782e7382e pointed authentication backend to proper location
pointed authentication backend to proper location
2015-07-06 10:42:14 -07:00
Armon Dadgar 70cd3d1206 Merge pull request #400 from hashicorp/f-glob
Change ACL semantics, use explicit glob and deny has highest precedence
2015-07-06 11:15:49 -06:00