Commit graph

6903 commits

Author SHA1 Message Date
Seth Vargo 4efcfe03d1
Add an auto-unseal page to the docs
This helps with SEO and also is where I'd expect auto unsealing to be referenced.
2017-11-14 13:12:20 -05:00
Seth Vargo b09d042173
Use super to show enterprise 2017-11-14 13:11:55 -05:00
Jeff Mitchell 8ba71a67e5 Minor website wording updates 2017-11-14 12:34:28 -05:00
Jeff Mitchell 40e3883788 Fix some broken links 2017-11-14 12:32:03 -05:00
Jeff Mitchell fc9525c727
Cut version 0.9.0 2017-11-14 11:57:40 -05:00
Jeff Mitchell 8677ae2f7a changelog++ 2017-11-14 11:56:05 -05:00
Jeff Mitchell 7ac167f8a4 Sync docs 2017-11-14 06:13:11 -05:00
Jeff Mitchell 77442f8640 Prep for 0.9.0 2017-11-14 06:08:56 -05:00
Jeff Mitchell eef6afec3e
Fix mount path for credential values in aliases (#3580) 2017-11-14 01:31:10 -05:00
Jeff Mitchell f6cb7e9975 Bump go version in Dockerfile 2017-11-14 01:16:59 -05:00
Calvin Leung Huang 2f9ff5c062 Acquire state lock at the start of UnsealWithRecoveryKeys (#3579)
* Acquire state lock from the start of UnsealWithRecoveryKeys, add metrics

* Change metrics variable
2017-11-13 22:05:22 -05:00
Vishal Nayak 5d976794d4
API refactoring and doc updates (#3577)
* Doc updates and API refactoring

* fix tests

* change metadata fieldtype to TypeKVPairs

* Give example for TypeKVPairs in CLI for metadata

* Update API docs examples to reflect the native expected value for TypeKVPairs

* Don't mention comma separation in the docs for TypeCommaStringSlice

* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias

* Address review feedback

* Fix formatting

* fix sidebar links
2017-11-13 20:59:42 -05:00
Brian Kassouf 58dc99ac95 Update the path for generating DR Operation tokens (#3578) 2017-11-13 20:28:34 -05:00
Vlad Ungureanu 2ff547196f Remove unused recovery field in dynamodb backend (#3569) 2017-11-13 15:46:02 -05:00
Chris Hoffman 9e79e9b397
generate token functions to share common names (#3576) 2017-11-13 15:44:26 -05:00
Joel Thompson 6f5aeeeae2 auth/aws: Check credential availability before auth (#3465)
Checks to ensure we can get a valid credential from the credential chain
when using the vault CLI to do AWS auth.

Fixes #3383
2017-11-13 15:43:24 -05:00
Jeff Mitchell ccfcac17fe grpclogfaker should use or, not and, to check whether to log 2017-11-13 15:37:00 -05:00
Jeff Mitchell 2b78bc2a9b
Port over bits (#3575) 2017-11-13 15:31:32 -05:00
Laura Uva 96e80e38e8 Updated the Replication guide to make it clear that it is focused on Performance Replication. Added a link to our general info page for information on DR Replication. Removed some statements about DR not being available yet. (#3502) 2017-11-13 11:55:04 -05:00
Jeff Mitchell d55f94f4a3
Plumb more seal wrap stuff through and move to outside layer of mount options (#3572) 2017-11-13 11:22:22 -05:00
Jeff Mitchell e4750fc793 Fix typo in test (and failure) 2017-11-13 10:35:36 -05:00
Brian Shumate 697a506b7b DOCS: Update telemetry docs - fixes #3557 (#3571) 2017-11-13 09:58:04 -05:00
Jeff Mitchell 57f60c4f9f Fix client test 2017-11-12 12:34:56 -05:00
Calvin Leung Huang 87feab4492
Docs update related to new top-level config values (#3556)
* Add new top level config value docs, add VAULT_API_ADDR, purge old references

* Fix indentation

* Update wording on ha.html

* Add section on split data/HA mode

* Fix grammar
2017-11-10 20:06:07 -05:00
Jeff Mitchell e0b13134e2 changelog++ 2017-11-10 18:18:07 -05:00
Jeff Mitchell 8efa6756c3
Make -client-cert and -client-key work when the server doesn't know (#3568)
about the CA used to sign the cert.

Stop swallowing an error in meta.

Fixes #2946
2017-11-10 18:16:50 -05:00
Jeff Mitchell 0798ccdd7c Populate config error in three node test function 2017-11-10 17:44:25 -05:00
Vishal Nayak 8654c06b26
avoid empty group alias names (#3567) 2017-11-10 16:51:37 -05:00
Jeff Mitchell a5c821532c Don't output log level twice in three node mode 2017-11-10 16:33:16 -05:00
Jeff Mitchell e66c4b11d5 Add core numbers to output in dev three node 2017-11-10 16:21:46 -05:00
Brian Kassouf ab3b625a3b
Add API methods for creating a DR Operation Token and make generate root accept strategy types (#3565)
* Add API and Command code for generating a DR Operation Token

* Update generate root to accept different token strategies
2017-11-10 10:19:42 -08:00
Jeff Mitchell c3b382d010 If kv entry is sealwrapped and is response-wrapped ensure it carries through 2017-11-10 12:56:31 -05:00
Brian Shumate a7af6c4cb7 Debug level logging of socket audit backend config at startup (#3560) 2017-11-10 12:08:36 -05:00
vishalnayak e1a55161a8 changelog++ 2017-11-10 11:39:20 -05:00
Vishal Nayak 61d617df81
Avoid race conditions in AppRole (#3561)
* avoid race conditions in approle

* return a warning from role read if secondary index is missing

* Create a role ID index if a role is missing one

* Fix locking in approle read and add test

* address review feedback
2017-11-10 11:32:04 -05:00
Vishal Nayak 645c068011
transit doc update (#3564) 2017-11-09 16:17:54 -05:00
Jeff Mitchell 18f76d0909 Change test cluster to request client cert rather than verify if given 2017-11-09 15:55:23 -05:00
Jeff Mitchell fdaed84e82
Add ability to send seal wrap response info into cubbyhole request. (#3562)
Ref 84f80db4bf499ce7345615cc2def77e7d48bc690
2017-11-09 12:47:42 -05:00
Jeff Mitchell 922ac56222
Seal wrap requesting in logical.Request wrapinfo (#3559) 2017-11-09 10:32:49 -05:00
Jeff Mitchell 6b72b90efa Remove allow_base_domain from PKI role output.
It was never used in a release, in favor of allow_bare_domains.

Fixes #1452 (again)
2017-11-09 10:24:36 -05:00
James Soubry f2a98cc662 Fix curl commands (#3558)
Curl commands require HCL within JSON to work.
2017-11-09 10:16:09 -05:00
Vishal Nayak 660c9ab382
Merge identity alias lookups into either entity or group lookup endpoints (#3538)
* merge identity alias lookups into either entity or group lookups

* Address review feedback

* address review feedback
2017-11-09 01:29:19 -05:00
Jeff Mitchell 3555a17d52 Don't read out an internal role member in PKI 2017-11-08 18:20:53 -05:00
Chris Hoffman a7f510c9b4 converting identity metadata to use TypeKVPairs (#3549) 2017-11-08 14:51:40 -05:00
Calvin Leung Huang b7deec2bec Add docs for /sys/rekey-recovery-key (#3520) 2017-11-08 14:22:30 -05:00
Calvin Leung Huang 882f85740b Move HA-related config values to top level (#3550)
* Move HA-related config values to top level

* Add config2.hcl test-fixture
2017-11-08 14:19:41 -05:00
Jeff Mitchell dd551eb12f Put back original test cluster client redirect behavior 2017-11-08 10:15:56 -05:00
Bharath B ab9111827d Remove symbols from vault binary (#3369) 2017-11-08 07:53:08 -05:00
Jeff Mitchell 0c9e692414
Minor mount logic updates (#3553) 2017-11-07 20:30:02 -05:00
Calvin Leung Huang 6aa12999aa
Use RFC3339Nano for AuditRequestEntry.Time (#3551) 2017-11-07 18:09:54 -05:00