Commit graph

384 commits

Author SHA1 Message Date
Hridoy Roy 1fc0a699d9
Docs for counting non-entity tokens in the Activity Log (#13007)
* docs for counting tokens without entities

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: swayne275 <swayne275@gmail.com>

* remove parens in docs

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* update documentation to be consistent with the non-entity token terminology

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* add line about client ids to the api docs

* syntax and grammar

Co-authored-by: swayne275 <swayne275@gmail.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-12 09:59:50 -08:00
swayne275 12faa5227b
define batch token interaction with lease count quota (#13127) 2021-11-11 16:09:44 -07:00
Loann Le 6a5fc75ff5
fixed link error (#13103) 2021-11-10 09:38:02 -08:00
swayne275 0604c12f27
Namespace API Lock docs (#13064)
* add api lock doc

* add docs nav data

* Update website/content/api-docs/system/namespaces.mdx

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>

* update command doc

* clarify locked http status code

* add example exempt path

* further exempt clarification

* link api locked response

* add x-vault-namespace api example

* Update website/content/docs/concepts/namespace-api-lock.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* review suggestions

* few other small tweaks

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-09 15:43:17 -07:00
Rémi Lapeyre ae0b5e41e0
Add read support to sys/mounts/:path (#12792)
* Add read support to sys/mounts/:path

Closes https://github.com/hashicorp/vault/issues/12349

* Add changelog entry

* Empty commit to trigger CI

* Empty commit to trigger CI
2021-11-08 10:32:01 -08:00
Daniel Nathan Gray 26711ab017
Documentation consistency GPG keys are PGP keys. (#13073)
* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: s/GPG/PGP keys, use GPG's proper name

* Use GPG's proper name GnuPG

* Use GPG's proper name GnuPG

* Consistency: GPG keys are PGP keys

* Fix typo
2021-11-08 10:04:59 -08:00
Meggie bb6ba32f65
Add note that monitor command may truncate logs (#13079)
* Add note that monitor command may truncate logs

* Apply suggestions from code review

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-11-08 12:52:42 -05:00
Jason O'Donnell 16bc065c48
secrets/azure: add doc for rotate-root and AAD migration (#13066)
* secrets/azure: add doc for rotate-root and AAD migration

* Formatting

* Fix bad link, update warnings
2021-11-05 13:04:25 -04:00
castironclay c2e7aca9ca
Address algorithm not supported (#12852)
error seen on host /var/log/auth.log:
  userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]
2021-11-04 18:07:46 -04:00
John-Michael Faircloth fde5bb2e72
Docs: OIDC flow endpoints (#12942)
* add docs for OIDC provider and scopes

* fix json formatting

* add oidc docs path to nav data

* create provider with scope

* update client ids description

* update provider and scope docs

* add issuer string additional docs info

* OIDC: docs for oidc flow endpoints

* fix formatting and wording

* improve headings, formatting; fix wording

Co-authored-by: Vinay Gopalan <vinay@hashicorp.com>
2021-11-04 16:03:56 -05:00
Loann Le a6432ca770
added new code samples (#13030) 2021-11-03 10:10:28 -07:00
Nick Cabatoff ddf89f2708
Add more detail to recovery mode docs. (#12984) 2021-11-03 10:22:00 -04:00
Gary Frederick f16f3efed5
add missing back tick (#12941) 2021-11-02 14:06:17 -07:00
akshya96 8b89a14f13
Local auth mount documentation (#12970)
* adding documentation changes

* adding requested changes

* adding suggested changes
2021-11-02 13:23:29 -07:00
Theron Voran 3277b8441e
docs: agent cache config requirements (#13006)
Added a note that agent cache requires at least one listener or template
to be defined in the config, and a couple spelling corrections.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-11-02 11:29:40 -07:00
vinay-gopalan ebb904031f
[VAULT-3969] Document CRUD APIs for OIDC client and assignment (#12939) 2021-11-02 11:01:28 -07:00
Victor Rodriguez f6e35369f0
VAULT-444: Add PKI tidy-status endpoint. (#12885)
VAULT-444: Add PKI tidy-status endpoint.

Add metrics so that the PKI tidy status can be monitored using telemetry as well.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2021-11-02 11:12:49 -04:00
Pratyoy Mukhopadhyay d37da52974
Add docs update for counter forwarding to oss (#12998)
* Add docs update for counter forwarding to oss

* Update website/content/api-docs/system/internal-counters.mdx

Co-authored-by: swayne275 <swayne275@gmail.com>

* Revert "Update website/content/api-docs/system/internal-counters.mdx"

This reverts commit 4c433726427c74e1ceef2378413cfe1eced92e9d.

* Revert "Revert "Update website/content/api-docs/system/internal-counters.mdx""

This reverts commit 0d89d734ad56a0943ad138fabbc7ce03f488176c.

Co-authored-by: swayne275 <swayne275@gmail.com>
2021-11-01 21:48:08 -07:00
Alexander Scheel ecfc679283
TLS Documentation Changes (#12940)
* Add note to TLS cipher suite configuration

Ordering is no longer respected and the tls_max_version flag must be
used for this list to be relevant (as TLSv1.3 will ignore the cipher
suite list entirely).

See blog post linked in the docs for more information.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Note that server cipher suite flag is ignored

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add upgrade note about TLS cipher suites

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2021-11-01 18:14:41 -04:00
John-Michael Faircloth 00a1bf37eb
docs: fix mongodb atlas username template doc (#12992) 2021-11-01 15:17:55 -05:00
Scott Miller 33edf1f556
Flip the semantics of the matching key algorithms in sign-self-issued. (#12988)
* Document allow_different_signature_algorithm param

* Flip the semantics of different key types for sign self issued

* More language tweaks

* Fix the field definition description

* Rework differenttype test for the new flag

* typo
2021-11-01 14:42:25 -05:00
Victor Rodriguez c83289f238
Document default value of encode_format field for Transform templates. (#12983) 2021-11-01 13:47:37 -04:00
Meggie 7ca83828c4
Note on pending etcd v2 API deprecation (#12935)
* Note on pending etcd v2 API deprecation

* Updating etcd guidance to include migration
2021-11-01 11:46:28 -04:00
Yoko Hyakuna a681b363ca
Fix reported error (#12973) 2021-10-29 17:05:24 -07:00
Guillaume 353e8a312f
Fixed parameter name to match AppRole code (#12963) 2021-10-29 10:10:06 -07:00
Jim Kalafut ee6b81eb43
Add known issue about MSSQL panic (#12961) 2021-10-28 14:46:14 -07:00
vinay-gopalan cacc2d00bd
[VAULT-3967] Document CRUD APIs for OIDC provider and scope (#12924) 2021-10-28 10:33:51 -07:00
Alexander Scheel 5579394b48
go-kms-wrapping update for Azure Key Vault's Managed HSM offering (#12934)
* Update to hashicorp/go-kms-wrapping@v0.6.8

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation around Managed HSM KeyVault

This introduces the "resource" config parameter and the
AZURE_AD_RESOURCE environment variable from the updated go-kms-wrapping
dependency.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry for g-k-w changes

Includes changes from @stevendpclark.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
2021-10-27 12:07:18 -04:00
Chris Capurso 7dcae18641
Update kv custom metadata docs (#12920)
* fix json code block in kv api docs

* add custom_metadata to GET, PUT, PATCH in kv api docs

* add custom_metadata to get, put, and patch in kv CLI docs
2021-10-26 15:41:40 -04:00
Guillaume b9b7f5a9a3
Added support for a LDAP user search filter. Documentation, tests and UI included (#11000) 2021-10-26 10:39:12 -07:00
Chris Capurso 509eabbff6
add custom-metadata flag docs for 'vault kv metadata put' cmd (#12729) 2021-10-25 14:08:48 -04:00
Tom Proctor 9ad06611a4
agent: Docs for auto-auth and limited-use tokens (#12918)
There are a number of auth methods that support creating tokens with a limited number of uses. However, Vault Agent doesn't track the uses remaining for its auto-auth token, so it may result in flaky permission denied responses if that limit is hit and Vault Agent remains unaware.
2021-10-25 18:25:24 +01:00
Theron Voran 96c49ee528
docs: updates for vault-k8s and vault-helm (#12901)
Documentation updates for vault-k8s 0.14.0 and vault-helm 0.17.0
releases.
2021-10-22 14:26:13 -07:00
Chris Capurso 9c8fe62818
add patch section to kv-v2 api and CLI docs (#12689)
* add data patch section to kv-v2 api docs

* fix trucated output for kv put command with cas cmd in kv-v2 docs

* wip vault kv patch CLI docs

* add new flags to 'vault kv patch' CLI command docs

* fix cas_required formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* fix cas formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* additional format fixes

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-22 15:31:03 -04:00
Angel Garbarino a71938dddf
Update KV V2 docs to remove default on max_versions for config (#12845)
* remove default to ten

* explain default

* language change:
2021-10-22 10:17:36 -06:00
Andreas Gruhler 8f6e4f1923
Clarify docs for CSI provider secretArgs (#12570) 2021-10-22 16:27:24 +01:00
Nick Cabatoff 83076bb58d
Set Cassandra connect timeout, not just regular timeout (#12903) 2021-10-22 11:02:28 -04:00
Oliver fa5ea438c1
Fix header for Login's Parameters (#9731)
The header for parameters was the same as "Sample Payload"
2021-10-21 13:15:42 -07:00
Nick Cabatoff d66fd98d4a
Add support for go-sockaddr templated addresses in config. (#9109) 2021-10-21 10:10:48 -04:00
Meggie fe3abd7e53
Adding upgrade note about request counters API (#12858)
* Adding upgrade note about request counters API

* Note on internal and new behavior
2021-10-21 09:58:28 -04:00
vinay-gopalan 840af2ee36
[Docs] Update MSSQL DB Engine API docs with new contained_db field (#12889) 2021-10-20 13:18:36 -07:00
Dave Du Cros ceac6e913d
operator generate-root -decode: allow token from stdin (#12881)
* operator generate-root -decode: allow token from stdin

Allow passing "-" as the value for -decode, causing the encoded token to
be read from stdin. This is intended to prevent leaking the encoded
token + otp into process logs in enterprise environments.

* add changelog entry for PR12881

* add check/test for empty decode value passed via stdin
2021-10-20 12:29:17 -04:00
Daniel Kimsey f9100dfb42
Add documentation for vault-plugin-auth-jwt skip_browser CLI option (#12833) 2021-10-19 15:55:24 -07:00
Philipp Hossner 824f097a7d
Let allowed_users template mix templated and non-templated parts (#10886)
* Let allowed_users template mix templated and non-templated parts (#10388)

* Add documentation

* Change test function names

* Add documentation

* Add changelog entry
2021-10-19 15:00:15 -07:00
Loann Le 1347d4c534
Vault documentation: created new identity concepts page (#12825)
* created draft PR for identity doc

* relocated identity page

* fixed error in side nav

* Fix table format

* Add Learn tutorial link

* fixed typo

* Update identity.mdx

fixed typo

* modified intro

* Removed duplicated description about entity (#12861)

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-10-19 10:56:15 -07:00
Steven Clark b75e990cb6
Update website docs regarding ssh role allowed_extensions parameter (#12857)
* Update website docs regarding ssh role allowed_extensions parameter

 - Add note within the upgrading to 1.9.0 about behaviour change
 - Prefix the important note block within the main documentation about
   signed ssh certificates that it applies pre-vault 1.9
 - Update api docs for the allowed_extensions parameter within the ssh
   role parameter.

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-19 09:30:06 -04:00
Victor Rodriguez 70a9636575
Update docs with Transform FPE advanced I/O handling features (#12744) 2021-10-15 14:51:53 -04:00
saltperfect 66369469d9
Removed unpublished:true for sys/internal/* endpoints (#12713)
* removed unpublished:true for sys/internal/* endpoints

* added changelog file

* updated change log and added placeholder summary as these endpoints are not mentioned in docs.

* added documentation for internal/ui/namspaces and resultant-acl

* updated log configs
2021-10-15 14:50:14 -04:00
Brian Candler 58ec5e41c3
SSH: report signing error reason, and clarify docs re. non-RSA CA keys (#11036)
* SSH: report signing error reason, and clarify docs re. non-RSA CA keys

See #10067

* Update website/content/api-docs/secret/ssh.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-15 10:01:10 -04:00
hghaf099 d016fafdf8
Documentation for custom http response headers (#12524)
* Documentation for custom http response headers

* Adding more explanation of what custom headers are and when to use them

* Header in the config takes precedence

* Update website/content/docs/configuration/listener/tcp.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Adding more information on how to use custom response headers

* adding an API link to the ui

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-10-14 16:04:35 -04:00