Commit graph

3684 commits

Author SHA1 Message Date
Jeff Mitchell d77563994c Merge pull request #1346 from hashicorp/disable-all-caches
Disable all caches
2016-05-07 16:33:45 -04:00
Sean Chittenden f4d69e6d93 Bump Go to 1.6.1 2016-05-07 13:30:43 -07:00
Steve Jansen 597d59962c Adds sts:AssumeRole support to the AWS secret backend
Support use cases where you want to provision STS tokens
using Vault, but, you need to call AWS APIs that are blocked
for federated tokens.  For example, STS federated tokens cannot
invoke IAM APIs, such as  Terraform scripts containing
`aws_iam_*` resources.
2016-05-05 23:32:41 -04:00
Jeff Mitchell 75dbbff1a6 Merge branch 'master-oss' into cubbyhole-the-world 2016-05-05 20:45:36 -04:00
Jeff Mitchell c16b0a4f41 Switch whitelist to use longest max TTL 2016-05-05 20:44:48 -04:00
Jeff Mitchell 7a6c76289a Role tag updates 2016-05-05 15:32:14 -04:00
Jeff Mitchell b58ad615f2 Fix HMAC being overwritten. Also some documentation, and add a lock to role operations 2016-05-05 14:51:09 -04:00
Jeff Mitchell 0eddeb5c94 Guard tidy functions 2016-05-05 14:28:46 -04:00
Jeff Mitchell 2d4c390f87 More updates to mutexes and adjust blacklisted roletag default safety buffer 2016-05-05 14:12:22 -04:00
Jeff Mitchell 8fef6e3ac0 Rename identity whitelist and roletag blacklist api endpoints 2016-05-05 13:34:50 -04:00
Jeff Mitchell c69ba40d05 Move some mutexes around 2016-05-05 12:53:27 -04:00
Jeff Mitchell f689e4712d Update some mutexes in client config 2016-05-05 12:44:40 -04:00
Jeff Mitchell c15c227774 Fall back to non-base64 cert if it can't be decoded (it's checked later anyways) 2016-05-05 11:36:28 -04:00
Jeff Mitchell 25913fb18c Update commenting 2016-05-05 11:22:36 -04:00
Jeff Mitchell 15cbcedf1f Make the roletag blacklist the longest duration, not least 2016-05-05 11:00:41 -04:00
Jeff Mitchell e45d6c1120 Switch client code to shared awsutil code 2016-05-05 10:40:49 -04:00
Jeff Mitchell 4600ca8073 Merge branch 'master-oss' into aws-auth-backend 2016-05-05 10:36:06 -04:00
Jeff Mitchell f6f5889c8c changelog++ 2016-05-05 10:35:22 -04:00
Jeff Mitchell 125fb69d25 Merge pull request #1374 from hashicorp/aws-cred-chain
AWS cred chain helper
2016-05-05 10:34:07 -04:00
Jeff Mitchell 80407eeba8 Fix up commenting 2016-05-05 10:31:50 -04:00
Jeff Mitchell b6b9cd6f1f Merge remote-tracking branch 'origin/master' into aws-cred-chain 2016-05-05 10:31:12 -04:00
Jeff Mitchell c70c85b6c7 Merge pull request #1381 from hashicorp/util-update
Updates to policy and string helpers
2016-05-05 10:29:10 -04:00
vishalnayak 314a1f9406 Updates to policy and string helpers 2016-05-05 10:22:28 -04:00
Jeff Mitchell 3e71221839 Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
Jeff Mitchell 00e666425b Merge pull request #1380 from hashicorp/refactor-sanitize-ttl
Split SanitizeTTL method to support time.Duration parameters as well
2016-05-05 10:00:25 -04:00
vishalnayak 92fe94546c Split SanitizeTTL method to support time.Duration parameters as well 2016-05-05 09:45:48 -04:00
vishalnayak 0cec22d27a Lower case all policy values in ParsePolicies before processing 2016-05-05 05:22:59 -04:00
Jeff Mitchell 885cc73b2e Merge branch 'master-oss' into f-vault-service 2016-05-04 17:20:00 -04:00
Jeff Mitchell 09f06554cb Address some review feedback 2016-05-04 16:03:53 -04:00
Jeff Mitchell 99a5b4402d Merge branch 'master-oss' into cubbyhole-the-world 2016-05-04 14:42:14 -04:00
Jeff Mitchell bd6f1bbd08 Merge pull request #1376 from janstenpickle/patch-1
Add scala vault library to list of client libs
2016-05-04 14:40:19 -04:00
Chris Jansen ea21dec7b4 Add scala vault library to list of client libs 2016-05-04 18:04:28 +01:00
vishalnayak 4ede1d6f08 Add the steps to generate the CRL test's test-fixture files 2016-05-04 05:48:34 -04:00
Jeff Mitchell 3600b2573d Update website docs re token store role period parsing 2016-05-04 02:17:20 -04:00
vishalnayak b7c48ba109 Change image/ to a more flexible /role endpoint 2016-05-03 23:36:59 -04:00
Jeff Mitchell 47a7ada7e8 Fix number of recovery shares output during init 2016-05-03 23:07:09 -04:00
Jeff Mitchell 1b0df1d46f Cleanups, add shared provider, ability to specify http client, and port S3 physical backend over 2016-05-03 17:01:02 -04:00
Jeff Mitchell 7fbe5d2eaa Region is required so error in awsutil if not set and set if empty in client code in logical/aws 2016-05-03 15:25:11 -04:00
Jeff Mitchell 60a584a0a7 changelog++ 2016-05-03 15:12:08 -04:00
Jeff Mitchell d8220ccfec Merge pull request #1371 from hashicorp/auth-mount-tuning
Properly persist auth mount tuning
2016-05-03 15:11:20 -04:00
Jeff Mitchell a244ef8a00 Refactor AWS credential code into a function that returns a static->env->instance chain 2016-05-03 15:10:35 -04:00
Jeff Mitchell 034c2d93cd changelog++ 2016-05-03 14:42:31 -04:00
Jeff Mitchell 7ddf4c6250 Merge pull request #1372 from hashicorp/fix-sigint-sighup
Properly handle sigint/hup
2016-05-03 14:40:27 -04:00
Jeff Mitchell 2bbb39f4af Properly handle sigint/hup 2016-05-03 14:30:58 -04:00
Jeff Mitchell 1bc2abecd5 Properly persist auth mount tuning 2016-05-03 14:24:04 -04:00
Jeff Mitchell 28279d193e Update deps 2016-05-03 13:23:05 -04:00
Jeff Mitchell ff63e83ffa Merge pull request #1370 from hashicorp/go-rootcerts
Switch our tri-copy ca loading code to go-rootcerts
2016-05-03 13:11:10 -04:00
Jeff Mitchell 45a120f491 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell f21b88802f Add some more tests around deletion and fix upsert status returning 2016-05-03 00:19:18 -04:00
Jeff Mitchell 7e1bdbe924 Massively simplify lock handling based on feedback 2016-05-02 23:47:18 -04:00