luxolus
/
open-vault
2
0
Fork 0
Code Issues 1 Pull Requests Releases Activity
17,387 Commits 1 Branch 0 Tags 214 MiB
Commit Graph

1051 Commits

Author SHA1 Message Date
Nick Cabatoff e2aadfc157
Update docs for agent's new vault.retry stanza. (#11151) 2021-03-22 12:50:59 -04:00
Jason O'Donnell 921979a40f
docs: update vault-k8s to 0.9.0 (#11138) 
* docs: update vault-k8s to 0.9.0

* Fix typos

* Update website/content/docs/platform/k8s/injector/examples.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/injector/annotations.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add links for auto-auth

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-03-19 11:34:58 -04:00
Scott Miller 689dd3722f
Document mysql (#11112) 
* Document MySQL

* Document snapshot, restore, and export-decoded (#11110)

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Add parseTime note

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
 2021-03-19 10:34:41 -05:00
Josh Black 5fcc629847
Add log shipper configuration docs (#11014) 
* Add log shipper configuration docs

* Fix indentation issue

* Add telemetry

* Updates to logshipper docs

* Add CCC related replication config docs. (#11087)

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Correct formatting

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
 2021-03-18 16:41:13 -07:00
Clint 5353279e75
Add command to look up a lease by ID (#11129) 
* snapshot

* basic test

* update command and add documentation

* update help text

* typo

* add changelog for lease lookup command

* run go mod vendor

* remove tabs from help output
 2021-03-18 11:11:09 -05:00
aphorise eb36b68710
Corrected links for Consul Consistency Modes (#10862) 2021-03-17 16:05:30 -07:00
aphorise 5b6e2bb77a
Docs - Plugin register operator & example add (#10864) 2021-03-17 16:04:51 -07:00
Hridoy Roy 261e7c6b17
Docs: Key Rotation For Tokenization [VAULT-1482] (#10921) 
* first docs pass

* filled in read output

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes

* transform docs changes
 2021-03-17 14:29:13 -07:00
Hridoy Roy e9e83ff864
Add FF3-1 Tweak Guidance Docs [VAULT-1036] (#10978) 
* ff3 guidance docs

* docs upgrade

* address PR comments
 2021-03-16 07:57:50 -07:00
Alvaro Miranda Aguilera 3fb284c217
Update oracle.mdx (#11101) 2021-03-15 14:13:40 -06:00
Scott Miller da982c3982
Upgrade notes for the transform engine upgrade bug fix. (#11098) 
* Add upgrade notes for the Transform storage upgrade bug

* sidenav

* Reword to encourage upgrade when available
 2021-03-12 19:59:50 -06:00
Mark Gritter 8bbf92ef70
Fix typo in limits.mdx (#11103) 2021-03-12 15:46:41 -06:00
Scott Miller c4e8d51c9d
Add upgrade notes for the Transform storage upgrade bug (#11075) 
* Add upgrade notes for the Transform storage upgrade bug

* sidenav
 2021-03-11 11:23:19 -06:00
Jacob Friedman 5305c439d4
Update init.mdx (#11044) 
* Update init.mdx

Updated operator init documentation to try to avoid steering customers towards running Auto Unseal seals with recovery-shares=1 and recovery-threshold=1. This is a bad security posture, as it can allow a single user with access to that recovery share to create root tokens and do other very sensitive tasks.

Also rewrote parts of the HSM/KMS Options section to indicate that recovery-related options are not solely for HSM-mode Vault but are for ANY Auto Unseal seal.

* Update website/content/docs/commands/operator/init.mdx

Adding an appropriate number of recovery-pgp-keys

Co-authored-by: Yoko <yoko@hashicorp.com>

Co-authored-by: Yoko <yoko@hashicorp.com>
 2021-03-04 15:57:47 -08:00
Michele Degges 9741f51bee
Removing broken link (#11029) 2021-03-02 12:02:59 -08:00
Scott Miller 1e1f7eff46
Documentation for barrier autorotation (#11027) 
* Documentation for barrier autorotation

* changelog

* 1.7 upgrade notes
 2021-03-01 10:45:22 -06:00
Brian Kassouf a112161f60
expiration: Add a few metrics to measure revoke queue lengths (#10955) 
* expiration: Add a few metrics to measure revoke queue lengths

* Update the metric names

* Add appropriate cluster labels

* Add metrics to docs

* Update jobmanager.go
 2021-02-26 16:00:39 -08:00
Michael Golowka 302cc4870e
Add Username Templating Concepts page (#10935) 2021-02-26 16:04:12 -07:00
Tom Proctor 45d9efd0c2
Add notice about MongoDB Atlas whitelist deprecation (#10967) 2021-02-26 20:38:27 +00:00
Jim Kalafut e60cc11f33
Add configurable exponential backoff to Agent auto-auth (#10964) 2021-02-23 12:04:21 -08:00
Clint b0b121753a
update docs related to OCI alias changes (#10952) 
* update docs related to OCI alias changes

* covert CHANGELOG update to a changelog/ entry
 2021-02-23 10:08:15 -06:00
Jim Kalafut 4b1557e6ab
Minor update to Secrets engine overview docs (#10977) 
The reference to API calls and link to code isn't a good fit here.

Reverts eb3e34d
 2021-02-23 07:17:44 -08:00
Clint f998f96451
Add documentation for upcoming Terraform Cloud secret engine (#10823) 
* add side navigation for Terraform Cloud Secret Engine

* terraform cloud engine docs

* add api-docs for terraform cloud secret engine

* fix some typos and improve wording, now with less management

* fix capitalization

* change text->shell-session

* clarify rotating user roles returns an error
 2021-02-22 10:57:52 -06:00
Jim Kalafut 7e54bc15c2
Add TOTP support to Okta Auth (#10942) 2021-02-21 21:18:17 -08:00
Nick Cabatoff 81105274d1
Add docs for Agent's template_retry option added in #10644, based on those from consul-template configuration. Also fix some existing config docs that weren't adhering to our conventions. (#10911) 2021-02-18 11:24:36 -08:00
Brian Fox 7f6ec265a1
Update KV Secrets Engine index (#10933) 
Just a suggestion on how to perhaps improve the language as I found myself re-reading the sentences due to the missing "either ... or ..." having been _told_ that it `can be run in two modes`.
 2021-02-17 14:27:37 -08:00
Nick Cabatoff 1b789f5ae5
Note that all local mounts are impacted, including on primary. (#10807) 2021-02-16 10:37:37 -05:00
Rosemary Wang a48db957ca
docs: Update Azure AD OIDC documentation (#10853) 
Addresses #8191 with clearer external groups configuration.
 2021-02-12 17:28:00 -08:00
Mark Gritter a8d2e6e350
Added a table showing the entity alias name used by each auth method. (#10908) 
* Also corrected the text about token auth method.
 2021-02-11 18:34:45 -06:00
aphorise 17003328ab
Docs - Namespace monitoring corrected examples (#10863) 
Re-doing PR #10305
 2021-02-11 11:32:52 -06:00
Jim 7cb100e9a7
Update kubernetes.mdx (#10871) 
Add suggestion to validate K8S cluster address and TCP port using cluster-info command and update sample config (line 77) to prompt for validation. Feedback from prospect was that doc is misleading since our sample uses TCP 8443.
 2021-02-09 14:50:31 -05:00
Michael Golowka aaa51e975f
Add docs for OpenLDAP dynamic secrets (#10817) 2021-02-05 10:49:29 -07:00
Calvin Leung Huang b1c4b86d7f
approle: add ttl to the secret ID generation response (#10826) 
* approle: add ttl to the secret ID generation response

* approle: move TTL derivation into helper func

* changelog: add changelog entry

* docs: update approle docs and api-docs pages
 2021-02-03 16:32:16 -08:00
Jason O'Donnell 84cb949802
k8s doc: update for 0.9.1 and 0.8.0 releases (#10825) 
* k8s doc: update for 0.9.1 and 0.8.0 releases

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-02-02 16:37:34 -05:00
Josh Black 449b9ddedb
Clarify docs around using the Vault Agent as a windows service (#10519) 2021-02-01 10:03:42 -08:00
Nick Cabatoff 936ce3ba62
Document identity behaviour on local auth mounts. (#10805) 2021-01-28 11:45:53 -05:00
Hridoy Roy 17e20bdaa6
docs change for max request size community PR (#10723) 2021-01-27 10:02:00 -08:00
Aleksandr Bezobchuk 46c3f1f7bc
docs: update "Policy Syntax" section (#10590) 
Co-authored-by: mgritter <mgritter@hashicorp.com>
 2021-01-26 22:14:47 -06:00
Aleksandr Bezobchuk 2ec8f9a222
metrics: activity log (#10514) 
* core: add vault.identity.entity.active.monthly log
* Fixed end-of-month metrics and unit test.
* Added metric covering month-to-date (not broken down by namespace.)
* Updated documentation
* Added changelog.

Co-authored-by: mgritter <mgritter@hashicorp.com>
 2021-01-26 16:37:07 -06:00
Jim Kalafut fb049caa7f
Clarify agent lease renewal docs (#10772) 2021-01-26 12:07:59 -08:00
John Eikenberry 1ecd3464eb
fix deep links to consul-template docs (#10768) 2021-01-25 16:42:19 -08:00
Lauren Voswinkel 1ec64fd010
Update Snowflake docs (#10691) 
* Update Snowflake docs

Snowflake docs had an issue, `DEFAULT ROLE` should be `DEFAULT_ROLE`

* Update docs to show an actual username
 2021-01-13 14:59:16 -08:00
Eugene R 331529fc94
Aerospike storage backend (#10131) 
* add an Aerospike storage backend

* go mod vendor

* add Aerospike storage configuration docs

* review fixes

* bump aerospike client to v3.1.1

* rename the defaultHostname variable

* relocate the docs page
 2021-01-12 15:26:07 -08:00
Scott Miller 77d27cb968
Add NIST guidance on rotating keys used for AES-GCM encryption (#10612) 
* Add NIST guidance on rotating keys used for AES-GCM encryption

* Capture more places barrier encryption is used

* spacing issue

* Probabilistically track an estimated encryption count by key term

* Un-reorder imports

* wip

* get rid of sampling
 2021-01-07 15:37:37 -06:00
Theron Voran c788e98a16
Adding documentation for multiple vault-k8s replicas (#10659) 
Describes the setup and config for using multiple injector replicas
with auto and manual TLS.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
 2021-01-07 12:22:21 -08:00
Jim Kalafut 9064097c5d
Make example Okta creds more obviously fake (#10639) 2021-01-06 10:05:23 -08:00
Lauren Voswinkel ce90acd68d
Add Snowflake docs to the website (#10617) 
* Add snowflake docs to the website

* Update navs

* Add Snowflake to the DB Capabilities table
 2021-01-05 14:44:28 -08:00
Jason O'Donnell abfb92173c
docs: update Vault Helm to 0.9.0 (#10656) 
* docs: update vault-helm for 0.9.0

* Fix typo in leaderElector config

* Add default value to ttl

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

* Add affinity default for injector

* Update website/content/docs/platform/k8s/helm/configuration.mdx

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2021-01-05 16:46:20 -05:00
Nick Cabatoff 5c446d9d53
Clarify which seal/recovery config we mean. (#10634) 2021-01-04 10:31:36 -05:00
Nick Cabatoff 69e68c4d0d
Document constraints re primary vs secondary clusters. (#10527) 2021-01-04 08:35:17 -05:00
Jeff Escalante ec620a7765
Implement MDX Remote (#10581) 
* implement mdx remote

* fix an unfenced code block

* fix partials path

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-12-17 16:53:33 -05:00