Commit graph

283 commits

Author SHA1 Message Date
Hridoy Roy 1fc0a699d9
Docs for counting non-entity tokens in the Activity Log (#13007)
* docs for counting tokens without entities

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: swayne275 <swayne275@gmail.com>

* remove parens in docs

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* update documentation to be consistent with the non-entity token terminology

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* Update website/content/docs/concepts/client-count.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* add line about client ids to the api docs

* syntax and grammar

Co-authored-by: swayne275 <swayne275@gmail.com>
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-12 09:59:50 -08:00
swayne275 12faa5227b
define batch token interaction with lease count quota (#13127) 2021-11-11 16:09:44 -07:00
Loann Le 6a5fc75ff5
fixed link error (#13103) 2021-11-10 09:38:02 -08:00
swayne275 0604c12f27
Namespace API Lock docs (#13064)
* add api lock doc

* add docs nav data

* Update website/content/api-docs/system/namespaces.mdx

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>

* update command doc

* clarify locked http status code

* add example exempt path

* further exempt clarification

* link api locked response

* add x-vault-namespace api example

* Update website/content/docs/concepts/namespace-api-lock.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* review suggestions

* few other small tweaks

Co-authored-by: Chris Capurso <christopher.capurso@gmail.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-11-09 15:43:17 -07:00
Daniel Nathan Gray 26711ab017
Documentation consistency GPG keys are PGP keys. (#13073)
* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: GPG keys are PGP keys

* Consistency: s/GPG/PGP keys, use GPG's proper name

* Use GPG's proper name GnuPG

* Use GPG's proper name GnuPG

* Consistency: GPG keys are PGP keys

* Fix typo
2021-11-08 10:04:59 -08:00
Meggie bb6ba32f65
Add note that monitor command may truncate logs (#13079)
* Add note that monitor command may truncate logs

* Apply suggestions from code review

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2021-11-08 12:52:42 -05:00
Jason O'Donnell 16bc065c48
secrets/azure: add doc for rotate-root and AAD migration (#13066)
* secrets/azure: add doc for rotate-root and AAD migration

* Formatting

* Fix bad link, update warnings
2021-11-05 13:04:25 -04:00
castironclay c2e7aca9ca
Address algorithm not supported (#12852)
error seen on host /var/log/auth.log:
  userauth_pubkey: certificate signature algorithm ssh-rsa: signature algorithm not supported [preauth]
2021-11-04 18:07:46 -04:00
Loann Le a6432ca770
added new code samples (#13030) 2021-11-03 10:10:28 -07:00
Nick Cabatoff ddf89f2708
Add more detail to recovery mode docs. (#12984) 2021-11-03 10:22:00 -04:00
Gary Frederick f16f3efed5
add missing back tick (#12941) 2021-11-02 14:06:17 -07:00
akshya96 8b89a14f13
Local auth mount documentation (#12970)
* adding documentation changes

* adding requested changes

* adding suggested changes
2021-11-02 13:23:29 -07:00
Theron Voran 3277b8441e
docs: agent cache config requirements (#13006)
Added a note that agent cache requires at least one listener or template
to be defined in the config, and a couple spelling corrections.

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2021-11-02 11:29:40 -07:00
Victor Rodriguez f6e35369f0
VAULT-444: Add PKI tidy-status endpoint. (#12885)
VAULT-444: Add PKI tidy-status endpoint.

Add metrics so that the PKI tidy status can be monitored using telemetry as well.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2021-11-02 11:12:49 -04:00
Alexander Scheel ecfc679283
TLS Documentation Changes (#12940)
* Add note to TLS cipher suite configuration

Ordering is no longer respected and the tls_max_version flag must be
used for this list to be relevant (as TLSv1.3 will ignore the cipher
suite list entirely).

See blog post linked in the docs for more information.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Note that server cipher suite flag is ignored

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add upgrade note about TLS cipher suites

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2021-11-01 18:14:41 -04:00
Meggie 7ca83828c4
Note on pending etcd v2 API deprecation (#12935)
* Note on pending etcd v2 API deprecation

* Updating etcd guidance to include migration
2021-11-01 11:46:28 -04:00
Yoko Hyakuna a681b363ca
Fix reported error (#12973) 2021-10-29 17:05:24 -07:00
Jim Kalafut ee6b81eb43
Add known issue about MSSQL panic (#12961) 2021-10-28 14:46:14 -07:00
Alexander Scheel 5579394b48
go-kms-wrapping update for Azure Key Vault's Managed HSM offering (#12934)
* Update to hashicorp/go-kms-wrapping@v0.6.8

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add documentation around Managed HSM KeyVault

This introduces the "resource" config parameter and the
AZURE_AD_RESOURCE environment variable from the updated go-kms-wrapping
dependency.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Add changelog entry for g-k-w changes

Includes changes from @stevendpclark.

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

Co-authored-by: Rachel Culpepper <84159930+rculpepper@users.noreply.github.com>
2021-10-27 12:07:18 -04:00
Chris Capurso 7dcae18641
Update kv custom metadata docs (#12920)
* fix json code block in kv api docs

* add custom_metadata to GET, PUT, PATCH in kv api docs

* add custom_metadata to get, put, and patch in kv CLI docs
2021-10-26 15:41:40 -04:00
Guillaume b9b7f5a9a3
Added support for a LDAP user search filter. Documentation, tests and UI included (#11000) 2021-10-26 10:39:12 -07:00
Chris Capurso 509eabbff6
add custom-metadata flag docs for 'vault kv metadata put' cmd (#12729) 2021-10-25 14:08:48 -04:00
Tom Proctor 9ad06611a4
agent: Docs for auto-auth and limited-use tokens (#12918)
There are a number of auth methods that support creating tokens with a limited number of uses. However, Vault Agent doesn't track the uses remaining for its auto-auth token, so it may result in flaky permission denied responses if that limit is hit and Vault Agent remains unaware.
2021-10-25 18:25:24 +01:00
Theron Voran 96c49ee528
docs: updates for vault-k8s and vault-helm (#12901)
Documentation updates for vault-k8s 0.14.0 and vault-helm 0.17.0
releases.
2021-10-22 14:26:13 -07:00
Chris Capurso 9c8fe62818
add patch section to kv-v2 api and CLI docs (#12689)
* add data patch section to kv-v2 api docs

* fix trucated output for kv put command with cas cmd in kv-v2 docs

* wip vault kv patch CLI docs

* add new flags to 'vault kv patch' CLI command docs

* fix cas_required formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* fix cas formatting

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

* additional format fixes

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-22 15:31:03 -04:00
Andreas Gruhler 8f6e4f1923
Clarify docs for CSI provider secretArgs (#12570) 2021-10-22 16:27:24 +01:00
Nick Cabatoff d66fd98d4a
Add support for go-sockaddr templated addresses in config. (#9109) 2021-10-21 10:10:48 -04:00
Meggie fe3abd7e53
Adding upgrade note about request counters API (#12858)
* Adding upgrade note about request counters API

* Note on internal and new behavior
2021-10-21 09:58:28 -04:00
Dave Du Cros ceac6e913d
operator generate-root -decode: allow token from stdin (#12881)
* operator generate-root -decode: allow token from stdin

Allow passing "-" as the value for -decode, causing the encoded token to
be read from stdin. This is intended to prevent leaking the encoded
token + otp into process logs in enterprise environments.

* add changelog entry for PR12881

* add check/test for empty decode value passed via stdin
2021-10-20 12:29:17 -04:00
Daniel Kimsey f9100dfb42
Add documentation for vault-plugin-auth-jwt skip_browser CLI option (#12833) 2021-10-19 15:55:24 -07:00
Loann Le 1347d4c534
Vault documentation: created new identity concepts page (#12825)
* created draft PR for identity doc

* relocated identity page

* fixed error in side nav

* Fix table format

* Add Learn tutorial link

* fixed typo

* Update identity.mdx

fixed typo

* modified intro

* Removed duplicated description about entity (#12861)

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2021-10-19 10:56:15 -07:00
Steven Clark b75e990cb6
Update website docs regarding ssh role allowed_extensions parameter (#12857)
* Update website docs regarding ssh role allowed_extensions parameter

 - Add note within the upgrading to 1.9.0 about behaviour change
 - Prefix the important note block within the main documentation about
   signed ssh certificates that it applies pre-vault 1.9
 - Update api docs for the allowed_extensions parameter within the ssh
   role parameter.

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-19 09:30:06 -04:00
Victor Rodriguez 70a9636575
Update docs with Transform FPE advanced I/O handling features (#12744) 2021-10-15 14:51:53 -04:00
hghaf099 d016fafdf8
Documentation for custom http response headers (#12524)
* Documentation for custom http response headers

* Adding more explanation of what custom headers are and when to use them

* Header in the config takes precedence

* Update website/content/docs/configuration/listener/tcp.mdx

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>

* Adding more information on how to use custom response headers

* adding an API link to the ui

Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
2021-10-14 16:04:35 -04:00
Pratyoy Mukhopadhyay 148109b8ed
[VAULT-3252] Disallow alias creation if entity/accessor combination exists (#12747)
* Disallow alias creation if entity/accessor combination exists

* Add changelog

* Address review comments

* Add handling to aliasUpdate, some field renaming

* Update tests to work under new entity-alias constraint

* Add check to entity merge, other review fixes

* Log duplicated accessors only once

* Fix flaky test

* Add note about new constraint to docs

* Update entity merge warn log
2021-10-14 09:52:07 -07:00
Nick Cabatoff 4b847446f3
Document autopilot metrics (#12612) 2021-10-14 09:03:17 -04:00
Alex Cahn d28370747d
Docs/vip update (#12826) 2021-10-13 18:05:19 -07:00
Alex Cahn 1fd0e65fc0
Docs/vip update (#12818)
* Update the Vault Integration program page

This includes now support for HCP Vault as well as general updates to the program

* Updated process flow image

* Adding HCP V image

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

* Update website/content/docs/partnerships.mdx

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-13 13:06:09 -07:00
Loann Le ce0091f5ee
Vault Documentation: Modified What is Vault description (#12783)
* modified vault description

* modified paragraph based on feedback

* Update what-is-vault.mdx

Removed characters that were arbitrarily added.

* Update what-is-vault.mdx

changed markdown syntax for 'secret's
2021-10-13 07:48:00 -07:00
DJCrabhat 810282d469
Add nonce configuration parameter to agent AWS auto-auth documentation (#10926)
* Update aws.mdx

Was looking how to give the vault agent with AWS auth-auth the same nonce, but saw it wasn't documented.  Dove through the code, found https://github.com/hashicorp/vault/blob/master/command/agent/auth/aws/aws.go#L139 and https://github.com/hashicorp/vault/blob/master/command/agent/auth/aws/aws.go#L215 

(tried to call out the importance and point to docs, know setting `nonce` poorly could be very bad!)

* add line breaks

* Apply suggestions from code review

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>

Co-authored-by: hghaf099 <83242695+hghaf099@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
2021-10-13 10:45:34 -04:00
dr-db ee3b1ac4c1
Update index.mdx (#12395)
Typo fix.
2021-10-12 18:50:20 -07:00
Mike Green c99865d970
Clarify max TTL and system max TTL behavior (#12391) 2021-10-12 13:24:07 +01:00
vinay-gopalan ef103cc618
Fix connection_url in AzureSQL Config Example in Secret Engine Docs (#12803)
* remove newline in azuresql example conn url

* add changelog

* remove changelog
2021-10-11 14:11:24 -07:00
Jason O'Donnell 8b5d386537
docs: add additional resources for vault agent templating language (#12798)
* docs: add templating language links

* docs: add templating language links
2021-10-11 14:31:50 -04:00
Loann Le 964a0f3b15
Vault documentation: added new code sample to Kubernetes documentation (#12774)
* added new code sample for k8s auth

* Update kubernetes.mdx

removed spacing
2021-10-08 14:57:53 -07:00
Loann Le 833b51dbba
Documentation: added new c# code samples to Vault documentation (#12769)
* added new code sample for C-sharp

* Update aws.mdx

Removed extra spacing

* added more code samples

* Update gcp.mdx

removed spacing

* Update aws.mdx

remove spacing
2021-10-08 08:54:26 -07:00
Rowan Smith 893a4b9051
raft auto_join_scheme documentation update (#12701) 2021-10-08 08:32:50 -04:00
Jim Kalafut 65d0718a17
Update docs to reference paths filters instead of mount filters (#12717) 2021-10-07 22:53:07 -07:00
Jason O'Donnell 403595fa9f
docs: add note for rolesets to avoid globs in policies (#12756)
* docs: add note for rolesets to avoid wildcards in policies

* Add note about not using example

* Change wildcard to glob

* Update website/content/docs/upgrading/upgrade-to-1.8.0.mdx

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>

* Update documentation per review

* Update per review

* Update website/content/docs/upgrading/upgrade-to-1.8.0.mdx

Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>

Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
2021-10-07 15:35:56 -04:00
Rowan Smith f21be1ed1c
updated vault.core.license.expiration_time_epoch (#12760) 2021-10-07 07:14:25 -04:00