Chris Hoffman
94d119d979
changelog++
2017-12-11 13:29:12 -05:00
Brian Shumate
a8932fbcbd
Docs: Update PKI URL config examples to FQDN — addresses #3606 ( #3647 )
2017-12-11 13:25:59 -05:00
Chris Hoffman
3b0ba609b2
Converting key_usage and allowed_domains in PKI to CommaStringSlice ( #3621 )
2017-12-11 13:13:35 -05:00
Paulo Ribeiro
0ee55dde52
Remove duplicate link in ToC ( #3671 )
2017-12-11 12:52:58 -05:00
Brian Shumate
07a0d25aeb
Docs: Update PKI output examples - addresses #3606 ( #3628 )
2017-12-11 11:57:07 -05:00
Jeff Mitchell
b5d21ebdae
Cross reference pki/cert in a few places.
2017-12-11 11:10:28 -05:00
Jeff Mitchell
98faa8e406
changelog++
2017-12-09 10:47:35 -05:00
Jeff Mitchell
a5d93cbc43
changelog++
2017-12-09 10:45:48 -05:00
Jeff Mitchell
d70db5df9b
Update go-ldap with our patch for control packets. ( #3670 )
...
Fixes #3656
Fixes #3625
Fixes #3402
2017-12-09 10:45:03 -05:00
Jeff Mitchell
87154b1562
changelog++
2017-12-07 14:19:40 -05:00
Brad Sickles
295e11d40d
Adding mfa support to okta auth backend. ( #3653 )
2017-12-07 14:17:42 -05:00
Brian Shumate
a0d1092420
Conditionally set file audit log mode ( #3649 )
2017-12-07 11:44:15 -05:00
Mohsen
2aa576149c
Small typo relating to no_store in pki secret backend ( #3662 )
...
* Removed typo :)
* Corrected typo in the website related to no_store
2017-12-07 10:40:21 -05:00
Vishal Nayak
0928a65c38
remove unused function ( #3657 )
2017-12-06 18:55:43 -05:00
Vishal Nayak
48ac5caaa9
Transit: Refactor internal representation of key entry map ( #3652 )
...
* convert internal map to index by string
* Add upgrade test for internal key entry map
* address review feedback
2017-12-06 18:24:00 -05:00
Jeff Mitchell
3e64757013
changelog++
2017-12-06 16:51:08 -05:00
Dominik Müller
bc523fc294
add allowed_names to cert-response ( #3654 )
2017-12-06 16:50:02 -05:00
Brian Kassouf
34f5d1e637
Remove the note about GKE from the Kubernetes docs ( #3658 )
2017-12-06 13:38:00 -05:00
Chris Hoffman
8732603a4f
changelog++
2017-12-06 12:32:00 -05:00
Chris Hoffman
f966d20225
Adding ability to cache core values, cache transaction improvements ( #3640 )
2017-12-06 12:25:17 -05:00
Calvin Leung Huang
02706d62db
changelog++
2017-12-05 15:44:08 -05:00
Calvin Leung Huang
41f03b466a
Support MongoDB session-wide write concern ( #3646 )
...
* Initial work on write concern support, set for the lifetime of the session
* Add base64 encoded value support, include docs and tests
* Handle error from json.Unmarshal, fix test and docs
* Remove writeConcern struct, move JSON unmarshal to Initialize
* Return error on empty mapping of write_concern into mgo.Safe struct
2017-12-05 15:31:01 -05:00
Calvin Leung Huang
8f87854b86
Clarify api_addr related errors on VaultPluginTLSProvider ( #3620 )
...
* Mention api_addr on VaultPluginTLSProvider logs, update docs
* Clarify message and mention automatic api_address detection
* Change error message to use api_addr
* Change error messages to use api_addr
2017-12-05 12:01:35 -05:00
Jeff Mitchell
8f159b12b1
allowed/disallowed_policies as TypeCommaStringSlice ( #3641 )
...
Our docs apparently claim that this is a list, but the code is
string-only. This fixes that discrepancy.
2017-12-04 12:47:05 -05:00
Laura Uva
892a0cb5e0
Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key ( #3632 )
2017-12-04 12:12:58 -05:00
Brian Shumate
5a9d8c60ac
Docs: Update /sys/policies/ re: beta refs to address #3624 ( #3629 )
2017-12-04 12:10:26 -05:00
Jeff Mitchell
e301ebe91b
Update secrets page
...
Fixes #3623
2017-12-04 12:05:34 -05:00
Jeff Mitchell
f762d0615e
Remove beta notice
2017-12-04 08:25:16 -08:00
Chris Hoffman
b17fb19b52
Expanding on the quick start guide with how to set up an intermediate authority ( #3622 )
2017-12-04 11:23:58 -05:00
Brian Shumate
ac69680d7b
Docs: mlock() notes, fixes #3605 ( #3614 )
2017-12-04 10:56:16 -05:00
crdotson
fd2464c410
Fix spelling ( #3609 )
...
changed "aomma" to "comma"
2017-12-04 10:53:58 -05:00
Chris White
80745793ea
Add command to example to register plugin ( #3601 )
...
The example command to register the plugin into the plugin catalog was missing the command.
2017-12-04 10:52:30 -05:00
csawyerYumaed
605efa37e9
update relatedtools, add Goldfish UI. ( #3597 )
...
Add link to Goldfish a web UI for Vault.
2017-12-04 10:51:16 -05:00
Paul Pieralde
ff2c8d4865
Fix docs for Transit API ( #3588 )
2017-12-04 10:34:05 -05:00
Jeff Mitchell
d81a39ab99
Update cassandra docs with consistency value.
...
Fixes #3361
2017-12-02 14:18:23 -05:00
Marc Sensenich
92f937c021
Remove Trailing White space in Kubernetes Doc ( #3360 )
...
Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example
```
vault write auth/kubernetes/role/demo \
bound_service_account_names=vault-auth \
bound_service_account_namespaces=default \
policies=default \
ttl=1h
```
2017-12-02 14:12:39 -05:00
immutability
74bd27bdb5
Missing command for vault PUT operation ( #3355 )
2017-12-02 13:43:37 -05:00
Jeff Mitchell
f79a15ddcd
Update some rekey docs
...
Fixes #3306
2017-12-02 13:34:52 -05:00
Jeff Mitchell
f8a7f4b7d9
changelog++
2017-12-01 17:11:58 -05:00
Jeff Mitchell
20320cd71e
Move location of quit channel closing in exp manager ( #3638 )
...
* Move location of quit channel closing in exp manager
If it happens after stopping timers any timers firing before all timers
are stopped will still run the revocation function. With plugin
auto-crash-recovery this could end up instantiating a plugin that could
then try to unwrap a token from a nil token store.
This also plumbs in core so that we can grab a read lock during the
operation and check standby/sealed status before running it (after
grabbing the lock).
* Use context instead of checking core values directly
* Use official Go context in a few key places
2017-12-01 17:08:38 -05:00
Jeff Mitchell
bfc37f0847
Re-add some functionality lost during last dep update ( #3636 )
2017-12-01 10:18:26 -05:00
Jeff Mitchell
548629e8ef
Port over some changes
2017-11-30 09:43:07 -05:00
Jeff Mitchell
45d4facb29
Add some delay to postgres create user test to verify expiration isn't immediate
2017-11-30 09:35:47 -05:00
Nicolas Corrarello
b5fd1ce953
Adding SealWrap configuration, protecting the config/access path
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 21:53:21 +00:00
Nicolas Corrarello
7b14f41872
Fix docs up to current standards
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:53:42 +00:00
Nicolas Corrarello
b3799697a2
Rename policy into policies
2017-11-29 16:31:17 +00:00
Nicolas Corrarello
0d8f812dc8
Checking if client is not nil before deleting token
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:23:03 +00:00
Nicolas Corrarello
239a9a9985
%q quotes automatically
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:19:31 +00:00
Nicolas Corrarello
62fe10204a
Refactoring check for empty accessor as per Vishals suggestion
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:58:39 +00:00
Nicolas Corrarello
a6d3119e3e
Pull master into f-nomad
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:56:37 +00:00