Commit graph

2390 commits

Author SHA1 Message Date
Roman Iuvshyn 0832153f7d fixes file path option in samples (#5377)
fixes file path option in samples
2018-09-20 15:55:20 -07:00
Yoko 3600f3dfa5
[Guide] Tokens & Leases guide **Correction** (#5375)
* Added Azure Key Vault

* Corrected the info about orphan token creation
2018-09-20 13:58:29 -07:00
Calvin Leung Huang 189b893b35
Add ability to provide env vars to plugins (#5359)
* Add ability to provide env vars to plugins

* Update docs

* Update docs with examples

* Refactor TestAddTestPlugin, remove TestAddTestPluginTempDir
2018-09-20 10:50:29 -07:00
Brian Shumate 74ec835b3b Docs: update Tidy API (#5374)
- Add a sample response to /auth/token/tidy API docs
- Document /auth/approle/tidy/secret-id API docs
2018-09-20 13:25:33 -04:00
Laura Gjerman-Uva 6fcf6ea6fe Add -dr-token flag to commands to generate OTP and decode with OTP (required on DR secondary as of 0.11) (#5368) 2018-09-20 09:19:01 -07:00
Richard Lane 43837ecdf1 Documentation correction - update list identity whitelist sample request (#5369)
Path was incorrectly referencing the roletag-blacklist

Updated the sample to match the correct path
2018-09-19 21:21:57 -07:00
Becca Petrin d05484b586
AliCloud Secrets Docs (#5351) 2018-09-19 08:42:59 -07:00
Jeff Mitchell 43aebacfa8 Fix default_max_request_duration HCL name and update docs (#5321)
* Fix default_max_request_duration HCL name and update docs

* Update tcp.html.md
2018-09-18 14:30:21 -07:00
Yoko 512b64ad77
[Guide] Secure Introduction - Update (#5323)
* Adding Vault Agent to the Secure Intro guide

* Incorporated the feedback

* Deleted extra spaces

* methods -> approaches
2018-09-14 13:51:23 -07:00
Yoko 2cc8610abb
[Guide] Namespaces policy (#5296)
* Added policy info

* Fixed the API URL

* Added webinar recording as a reference material
2018-09-14 11:23:46 -07:00
Evan Grim 7f5c193ace Fix small grammatical error in plugin docs (#5334) 2018-09-13 14:23:24 -07:00
Yoko 04a0dd6d0e
ACL Policy Templating -> ACL Policy Path Templating (#5330) 2018-09-12 16:14:31 -07:00
Clint 5f5af90dfe
Update AWS auth backend iam_request_headers to be TypeHeader (#5320)
Update AWS Auth backend to use TypeHeader for iam request headers

- Remove parseIamRequestHeaders function and test, no longer needed with new TypeHeader
- Update AWS auth login docs
2018-09-12 16:16:16 -05:00
Becca Petrin b2ff87c9c2
Poll for new creds in the AWS auth agent (#5300) 2018-09-12 13:30:57 -07:00
Brian Shumate 168b956fbb Docs: clarify max_ttl in Database Secrets Create (#5311)
- Clarify max_ttl on Database Secrets Create API
- Crosslink to TTL general case docs
2018-09-11 19:55:15 -04:00
Jeremy Gerson 7c51265de9 Update pki-engine.html.md (#5322) 2018-09-11 19:49:31 -04:00
Yoko 7683aa3e57
[Guide] Performance Standby Nodes (#5272)
* Performance Standby Nodes guide

* Added a link in the Vault HA guide

* Added links

* Clarified the node selection info

* Incorporated feedback

* Added 'when the Enterprise license includes this feature'

* Fixed the label: server 8 -> VM8

* Incorporated the feedback
2018-09-11 15:22:36 -07:00
Jeff Mitchell d96d10957c Update some text around encrypting with agent 2018-09-11 15:05:44 -04:00
Becca Petrin 625592c5e6
update to match aws (#5315) 2018-09-11 11:10:50 -07:00
Brian Shumate 67bd5e460b Docs: namespaces edit lookup subcommand text (#5310)
* Docs: namespaces edit lookup subcommand text

* precise
2018-09-10 11:56:01 -04:00
Jeff Mitchell f61a3709ee Finish updating jwt auth docs 2018-09-10 11:46:50 -04:00
mg db56672529 resolve incorrect scope (#5307)
https://github.com/terraform-providers/terraform-provider-azurerm/issues/943

> Turns out the problem is that the scope was invalid. There was a missing s on resourceGroup. The error message though is absolutely awful for detecting that.
2018-09-07 16:56:02 -07:00
Joakim Bakke Hellum 6331f8bdf3 Fix typos in Azure Secrets Engine docs (#5295) 2018-09-06 15:31:19 -07:00
Geoff Meakin 3085c53ffe Update relatedtools.html.md (#5287)
Add ansible-modules-hashivault to the list of third-party tools
2018-09-06 08:37:03 -07:00
Andy Manoske 79f707edd2
Create partnerships.html.erb 2018-09-05 17:06:49 -07:00
Andy Manoske c97428a0cb
Update community.html.erb 2018-09-05 16:44:46 -07:00
Jeff Mitchell c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly (#5280)
* Allow most parts of Vault's logging to have its level changed on-the-fly

* Use a const for not set
2018-09-05 15:52:54 -04:00
Steven Black 0a482e9bd2 Fix misspelling (#5279) 2018-09-05 15:40:01 -04:00
Brian Shumate 76293834cc Update terminology (#5225)
- Change "key ring" references to "key" to match Transit API docs
2018-09-05 12:05:02 -04:00
Becca Petrin 7e0e49656a Add AliCloud auth to the Vault Agent (#5179) 2018-09-05 11:56:30 -04:00
Seth Vargo 81e9efb658 Fix resource binding examples (#5273) 2018-09-05 11:55:45 -04:00
Dan Brown 19406ecd32 EA validation of material against Vault 0.11 (#5276)
* Validate RA against Vault 0.11

* Validate DG against Vault 0.11
2018-09-05 11:55:27 -04:00
Jeff Mitchell c9b06f3b62
Remove certificates from store if tidying revoked certificates (#5231)
This will cause them to be removed even if they have not expired yet,
whereas before it would simply leave them in the store until they were
expired, but remove from revocation info.
2018-09-05 11:47:27 -04:00
RobinsonWM cf525cb934 Documentation: Corrected typo in CLI init doc (#5269) 2018-09-04 15:44:41 -06:00
Jeff Mitchell 761f06d3a3
Update index.html.md 2018-09-04 12:15:05 -04:00
Dan Brown d7d6c295b4 Update Azure VM sizes in Reference Architecture (#5251) 2018-09-03 20:24:27 -07:00
Yoko 0da1c762cb
[Guide] Updates on Namespaces guide (#5243)
* Added 'Additional Discussion' section

* s/at the root/in the root namespace/

* one more place that I said 'at the root' - fixed
2018-08-31 18:24:07 -07:00
Chris Hoffman 218ca527be
adding known issue 2018-08-31 17:29:21 -04:00
Yoko 5cfc84238d
Fixed the incomplete sentense (#5240) 2018-08-31 11:37:28 -07:00
Yoko c52f3c5a24
[Guide] ACL Templating (#5226)
* WIP - ACL Templating

* WIP

* WIP - ACL Templating

* WIP

* Updated

* ACL Policy Templating guide

* Updated to use kv-v2 instead of kv

* Fixed the incomplete sentense and cleaned it up a little

* WIP Formatting and grammar

* Minor fixes
2018-08-31 09:06:43 -07:00
Chris Hoffman 3f56e989a3
adding known issues section 2018-08-30 19:09:30 -04:00
Yoko 2e7e2778e1
[Guide] Update for Vault HA (0.11) (#5104)
* For 0.11 - Performance Nodes

* Added the doc link

* Performance Node -> Performance Standby Nodes

* Updated to say 'most read-only requests'
2018-08-30 14:45:34 -07:00
Andy Manoske e8ef5afb5f
namespace docs updates
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
Yoko cc8eceb849
[Guide] Fixed the reported issue (#5230)
* Fixed the message

* Fixed the message
2018-08-30 09:45:18 -07:00
Jeff Mitchell b1f462d7f9 Fix up sidebar JWT description 2018-08-30 12:00:20 -04:00
Jeff Mitchell 5da6fc2f77 Remove some confusing language on perf standby page 2018-08-29 19:51:23 -04:00
Brian Shumate eeb3b71fc0 Minor edits (#5221)
- Correct typo
- Remove trailing spaces
2018-08-29 12:01:33 -04:00
Chris Hoffman 774359f3b5
adding namespaces example 2018-08-29 11:26:23 -04:00
Jeff Mitchell 24946fe43e
Add namespace/mfa docs (#5215) 2018-08-28 15:33:34 -07:00
Jeff Mitchell b509ea4926 Make the usernames match in all examples in userpass 2018-08-28 18:33:00 -04:00
Brian Kassouf 85f06f7e88
Add Performance Standby Docs (#5214)
* Add Performance Standby Docs

* Review updates
2018-08-28 12:48:02 -07:00
Frederic Hemberger d343f00b64 Fix ssh command in example (#5209) 2018-08-28 12:34:48 -07:00
Jeff Mitchell 5cf0e3e87e
Update API section index file with fixes, updates, and namespace info. (#5213) 2018-08-28 12:33:19 -07:00
Chris Hoffman 4b87a0fd2c
remove beta language 2018-08-28 14:00:55 -04:00
Yoko d28e993e1b
Added Deployment Guide in the index (#5211) 2018-08-28 10:55:30 -07:00
Jeff Mitchell d56682ee9d Update upgrade guide 2018-08-28 12:17:43 -04:00
Jeff Mitchell d986c8813b Update upgrade guide for 0.11.0 2018-08-28 12:12:40 -04:00
Jeff Mitchell 2a8e510a27 Document disable_performance_standby 2018-08-28 12:09:13 -04:00
Chris Hoffman c81efa0fa2
fixing link 2018-08-28 07:19:35 -04:00
Dan Brown 9954bddcf0 Add Deployment Guide, links and reformat Ref Arch (#5041)
* Add Deployment Guide, links and reformat Ref Arch

* Improve systemd service file and links
2018-08-28 04:53:36 -06:00
Jim Kalafut abe86a48f4 Fix Azure Secrets API example 2018-08-27 20:44:00 -06:00
Austin Workman e8991e8fe9 Adding documentation clarifying oracle plugin setup and requirements (#5183) 2018-08-25 12:27:13 -07:00
Becca Petrin 55b3dfbcc0
use ldaps in docs (#5180) 2018-08-24 10:36:20 -07:00
Laura Gjerman-Uva 70bf87c25b Update ad/creds/:rolename endpoint to include the table with method/path for consistency/clarity. Also, remove payload.json from example, since this endpoint doesn't take a payload. (#5172) 2018-08-24 09:19:51 -07:00
Chris Hoffman e6abba9558
Revert "Add Configuration Builder and Better Download page" (#5171) 2018-08-23 19:34:50 -04:00
Jim Kalafut 7eb0403ad2
Fix Azure Secrets docs error 2018-08-23 14:27:47 -07:00
Joshua Ogle 6819af20b5
Merge branch 'master' into oss-download-config-path 2018-08-23 14:01:39 -06:00
Jeff Mitchell ba0d029247
Restricts ACL templating to paths but allows failures (#5167)
When a templating failure happens, we now simply ignore that path,
rather than fail all access to all policies
2018-08-23 12:15:02 -04:00
Chris Hoffman d736324b50 Docs: ACL Templating (#5159) 2018-08-23 10:05:44 -04:00
Jim Kalafut 18b21275d9 Fix docs typos (#5158) 2018-08-22 18:26:48 -04:00
Greg Oledzki d5a3010498 Update delete.html.md (#5155)
Minor typo in `delete` command docs
2018-08-22 11:26:21 -07:00
Becca Petrin fb6a06a3fe
Alibaba auth docs (#5132) 2018-08-22 10:23:33 -07:00
Chris Hoffman 52af323257
fixing feature name 2018-08-22 11:41:28 -04:00
Chris Hoffman b1c5e1f91c
fixing feature name 2018-08-22 11:40:48 -04:00
Hugo Wood 203269a5d4 JWT/OIDC documentation fixes (#5157)
* Fix argument name in JWT/OIDC login CLI example

* Fix groups_claim documented as required when creating roles for JWT/OIDC
2018-08-22 10:44:08 -04:00
Stenio Ferreira 8dfedb2693 Fixed a typo in the Namespaces guide (#5151) 2018-08-21 13:33:40 -07:00
Jeff Mitchell e58a8a63a7
Add the ability to specify token CIDR restrictions on secret IDs. (#5136)
Fixes #5034
2018-08-21 11:54:04 -04:00
Jeff Mitchell 051bb9fc13
Two PKI improvements: (#5134)
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
2018-08-21 11:20:57 -04:00
Gerardo Rodriguez 43c733b460 Edit, missing "to" (#5147) 2018-08-21 11:09:41 -04:00
Chris Hoffman 4d574c1d6c
adding namespace docs (#5133) 2018-08-17 12:17:11 -04:00
Chris Hoffman d25b7fa477
Add additional clarification 2018-08-17 08:55:49 -04:00
Raja Nadar 797141f8ae vaultsharp - multi platform capabilities (#5127) 2018-08-17 08:47:16 -04:00
Yoko 56636735bc [Guide] Multi-Tenant Pattern with ACL Namespaces (0.11) (#5103)
* WIP - ACL Namespace

* WIP - ACL Namepaces

* WIP

* WIP

* WIP

* WIP

* WIP

* Added UI screenshots

* Added summary at the end

* Added the Web UI steps in Step 5

* Update multi-tenant.html.md

Updated text to ensure that we use the final "ship" name of namespaces (namespaces vs. ACL Namespaces) and introduced some industry-specific terminology (highlighting this is about Secure Multi-Tenancy)
2018-08-16 16:51:53 -07:00
Andy Manoske 50edc43df0
Merge pull request #5112 from hashicorp/namespaces-docs
Merge for Beta Launch
2018-08-16 15:36:43 -07:00
Chris Hoffman b18d9cc830
doc updates 2018-08-16 17:59:39 -04:00
Brian Kassouf bf77a69f4d
Update upgrade-to-0.11.0.html.md 2018-08-16 14:29:18 -07:00
Brian Kassouf 95800f76b0
Add upgrade notes (#5125) 2018-08-16 14:22:27 -07:00
Andy Manoske 8ef8da0886
Update docs.erb 2018-08-16 13:44:13 -07:00
Andy Manoske de52752e86
Update index.html.md
Updated to include Yoko's guide URL
2018-08-16 13:38:24 -07:00
Clint 96d8bd4bf7 [WIP] Support custom max Nomad token name length [supersedes https://github.com/hashicorp/vault/pull/4361] (#5117)
* Nomad: updating max token length to 256

* Initial support for supporting custom max token name length for Nomad

* simplify/correct tests

* document nomad max_token_name_length

* removed support for max token length env var. Rename field for clarity

* cleanups after removing env var support

* move RandomWithPrefix to testhelpers

* fix spelling

* Remove default 256 value. Use zero as a sentinel value and ignore it

* update docs
2018-08-16 15:48:23 -04:00
Jim Kalafut 4ced3b0f77
Initial Azure Secrets docs (#5121) 2018-08-16 12:10:56 -07:00
brianvans f79385346f Add ha_enabled for mysql backend (#5122)
* Slight cleanup around mysql ha lock implementation

* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run

* Add `ha_enabled` option for mysql storage

It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
2018-08-16 11:03:16 -07:00
Yamamoto, Hirotaka 6673e579a0 [etcd] fix the deafult prefix in website (#5116)
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.

However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.
2018-08-16 10:38:11 -04:00
Joel Thompson 0941c7a24a Make AWS credential types more explicit (#4360)
* Make AWS credential types more explicit

The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.

With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.

Fixes #4229
Fixes #3751
Fixes #2817

* Add missing write action to STS endpoint

* Allow unsetting policy_document with empty string

This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.

* Respond to some PR feedback

* Refactor and simplify role reading/upgrading

This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.

* Eliminate duplicated AWS secret test code

The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.

* Switch to use AWS ARN parser
2018-08-16 06:38:13 -04:00
Andy Manoske bd4c047713
Update index.html.md 2018-08-15 17:44:36 -07:00
Andy Manoske 9d41d4c407
Update index.html.md 2018-08-15 17:44:00 -07:00
Clint 48e5c71b33 Update apis.html.md (#5071)
We disable TLS for example purposes, not exemplary purposes 😄
2018-08-15 19:41:29 -04:00
Christoph Ludwig 24a368c1ba Add support for "sovereign" Azure cloud environments (#4997)
* Add support for "sovereign" Azure cloud environments

* Shorten variable names
2018-08-15 19:40:36 -04:00
Andy Manoske 0a71ea9a58
Create index.html.md 2018-08-15 15:27:11 -07:00
RichardWLaub 8d7a983bba Update usage section for kv-v1 docs (#5105)
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:

```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```

Running `vault kv list kv/` gives the desired output. 

Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
Seth Vargo 324c8fab24 Fix docs typo (service-account => service_account) (#5102)
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
Gerald 9192bd6b07 Add ttl params into csr signing docs (#5094) 2018-08-13 23:38:03 -04:00
Yoko 1395d6ea1a
[Guide] Control Groups (#5072)
* Control Group guide

* Fixed user policy list

* Fixed a typo

* Replaced the wrong screenshot

* Added missing period
2018-08-13 14:51:32 -07:00
Frank Allenby ddc77d62f0 Added a link to the "previous section" mentioned (#5018)
This is for clarity since I had to check back to remember where it was mentioned.
2018-08-13 17:13:42 -04:00
Jim Kalafut 3822e2997b
Clarify "Commands" docs (#5092)
Fixes #4890
2018-08-13 14:09:48 -07:00
Nándor István Krácser b9fab6375b Alibaba Object Storage support (#4783) 2018-08-13 17:03:24 -04:00
Michael Schuett 63e7ac034f MySQL HA Backend Support (#4686) 2018-08-13 17:02:31 -04:00
Jim Kalafut 92f0e1a39e Revert "Add ttl parameter to pki api docs (#5063)"
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
2018-08-13 09:34:05 -07:00
Yoko 140e3d5402
[Guide] Vault Cluster Monitoring Guide (#5084)
* Vault cluster monitoring guide

* Updated the download link

* Fixed broken link
2018-08-10 13:52:02 -07:00
Jim Kalafut aa8dac9bd2
Add RDS notes to MSSQL docs (#5062) 2018-08-10 08:52:21 -07:00
Jeff Mitchell 65d2cc768c Website typo fix 2018-08-08 15:53:40 -04:00
Jim Kalafut 7b7f1cc7ff
Add ttl parameter to pki api docs (#5063) 2018-08-08 09:12:14 -07:00
Conor Mongey 5454c15a7e Fix typo: Consult Template -> Consul Template (#5066) 2018-08-08 09:01:45 -07:00
Ian Grayson 931c289b95 Update policies.html.md (#5007)
Allow admins to run CLI: `vault secrets list`
2018-08-07 10:35:23 -07:00
Jeff Escalante 2a21e85580 html syntax corrections (#5009) 2018-08-07 10:34:35 -07:00
Rob ca3aa1f36b Update dev-server.html.md (#5035)
The instructions were in backwards order. #3591
2018-08-07 10:33:30 -07:00
Yoko 3ae63b06d7
Typo fix (#5052) 2018-08-06 15:50:39 -07:00
Yoko ef6579fed5
[Guide] Sentinel Policies (#5049)
* Sentinel policies guide

* Typo fix
2018-08-06 15:39:32 -07:00
Yoko 06491fa6a6
[Guide] SSH Secrets Engine (#5022)
* OTP SSH guide

* Fixed the required policy

* Added the step to restart the SSH server

* Update ssh-otp.html.md

Just a few edits to highlight its cloud context. Looks great otherwise!
2018-08-06 15:04:24 -07:00
Yoko fee3c2072d
[Guide] Build Your Own CA Guide (#4995)
* WIP

* WIP

* WIP - Jake's PKI demo

* WIP

* PKI secret engine guide

* Added little more description about role

* Added tidy step

* Fixed a broken link
2018-08-06 14:42:46 -07:00
Joshua Ogle 3975a2cddc Better OS highlighting 2018-08-06 12:30:31 -06:00
Joshua Ogle f0f4097470 Javascript refactor for configuration builder 2018-08-06 11:55:36 -06:00
Joshua Ogle c7bd0145c0 Better JavaScript line wrapping in configuration 2018-08-03 23:37:58 -06:00
Joshua Ogle c4ef5fdece JS Feedback fixes, make UI default on click 2018-08-03 22:57:17 -06:00
Joshua Ogle e7bd3efc04
Merge branch 'master' into oss-download-config-path 2018-08-03 16:53:45 -06:00
Chris Hoffman 59a0099f89 Add Configuration Builder and Better Download page
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
Olivier Lemasle fcb82c2444 Fix two errors in docs (#5042)
Two small errors in documentation
2018-08-03 14:26:46 -07:00
Jim Kalafut 8e91555807 Fix docs sidebar layout 2018-08-03 09:15:45 -07:00
Jason Martin df3e3ba43d Fix typo in the AWS STS AssumeRole docs. (#5032) 2018-08-02 22:57:24 -07:00
Gerald 43183af2c8 Fix gcp auth method link (#5030) 2018-08-02 22:55:59 -07:00
Jiang Yong 4841309cdf correct Jenkins policy and mysql secret path when kv put in authentication guide (#5023)
* correct Jenkins policy and mysql secret path when kv put

* add a note for kv-v2 secret
2018-08-02 08:38:51 -07:00
Jeff Mitchell 62bcbd3dfe Fix website typo 2018-08-01 16:52:11 -04:00
Yoko 9c6a14ba6b
[Guide] Identity: Entities & Groups (#4968)
* Entities & Groups tutorial

* Re-wordig the persona section

* Incorporated the feedback

* Updated the policy requirements

* Incorporate the feedback

* Fixed grammar

* Made the final small adjustments
2018-08-01 11:07:09 -07:00
Raja Nadar 56fcd2e7b3 .net 2.0 standard leap (#5019)
2.0 is more conducive for consumers
2018-08-01 08:57:49 -04:00
Yoko aadfccaa6b
[Guide] Direct App Integration guide (#4948)
* Direct App Integration guide

* Added a tag for step3
2018-07-31 09:19:23 -07:00
Sean Malloy 7e9ec5afb4 Fix GCP auth docs typo (#5017)
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
2018-07-31 10:57:34 -04:00
Jeff Mitchell a6d0ae5890
Add exit-after-auth functionality to agent (#5013)
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.

Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
Pat Downey 0ad44a7ac5 Expand TOFU acronym in AWS auto-auth docs (#5011) 2018-07-29 18:05:49 -07:00
Yoko 3d8bf1441b
[Guide] Transit Secrets Engine beginner guide (#4943)
* Intro to Transit Secrets Engine guide

* Added the Katacoda scenario link in the Reference Materials section

* Referencig this guide in the existing encryption guides
2018-07-27 16:08:52 -07:00
Michael Herman 05f944c580 Update index.html.md (#5005) 2018-07-27 15:30:59 -04:00
Chris Hoffman 083157cb24
adding environment to azure auth docs (#5004) 2018-07-27 08:33:20 -04:00
Chris Hoffman d02284657e
adding missing properties (#5003) 2018-07-27 08:19:12 -04:00
Chris Hoffman c13ef667d3
adding upgrade guide for 0.10.4 (#4992) 2018-07-25 12:54:48 -04:00
Jeff Mitchell e72890e83f
VSI (#4985) 2018-07-24 22:02:27 -04:00
Chris Hoffman b37c05cf64
updating azure auth plugin and docs (#4975) 2018-07-23 10:00:44 -04:00
Jim Kalafut a16300e593
Add FoundationDB link to sidebar 2018-07-20 20:10:52 -07:00
Yoko 3cd55dc26d
Git repo folder name changed (#4969) 2018-07-20 11:46:12 -07:00
Olivier Lemasle 4604c00018 State in docs that FoundationDB backend is community supported (#4964) 2018-07-20 09:59:13 -04:00
Peter Vandenabeele db2970623d Fix small typo in Vault website documentation (#4962) 2018-07-20 09:57:16 -04:00
Brian Shumate e2dd0864c4 Add missing telemetry metrics (#4785)
* Add missing telemetry metrics

- Add merkle related telemetry
- Add WAL related telemetry

* additional wal metrics

* Use correct metrics naming
2018-07-19 18:36:55 -04:00
Chris Hoffman 712652c318
Fixing formatting 2018-07-19 10:36:09 -04:00
Chris Hoffman 6a169ab00d
Adding information on required azure permissions (#4956) 2018-07-19 10:24:55 -04:00
John Naulty Jr 498a8d9456 fix Issue #4952 static-secrets small typo (#4953) 2018-07-18 22:36:47 -07:00
Tomohisa Oda 9ff2081e8b add sequelize-vault to third-party tools (#4945) 2018-07-17 21:45:37 -07:00
Yoko b41a1c6134
Updated - Secure Introduction to Vault Clients guide (#4944)
* Incorporated Armon's feedback

* Added a diagram
2018-07-17 15:54:48 -07:00
Yoko 67b349a107
Secure Introduction to Vault Clients Guide (#4871)
* WIP

* WIP - Secure Intro Guide

* WIP secure intro guide

* WIP Secure Intro Guide

* WIP Secure Intro Guide

* WIP Secure Intro Guide
2018-07-16 15:17:52 -07:00
Julien Blache c8fb9ed6a8 FoundationDB physical backend (#4900) 2018-07-16 10:18:09 -04:00
Ram Nadella 493752334a Fix environment mismatch in MySQL cert step (#4835) 2018-07-16 10:13:44 -04:00
Seth Vargo 1259ee6743 Add plugin CLI for interacting with the plugin catalog (#4911)
* Add 'plugin list' command

* Add 'plugin register' command

* Add 'plugin deregister' command

* Use a shared plugin helper

* Add 'plugin read' command

* Rename to plugin info

* Add base plugin for help text

* Fix arg ordering

* Add docs

* Rearrange to alphabetize

* Fix arg ordering in example

* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
dmicanzerofox a3d067c00b PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired (#4916) 2018-07-13 09:32:32 -04:00
Seth Vargo a379989da4 Update GCP docs (#4898)
* Consistently use "Google Cloud" where appropriate

* Update GCP docs

This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
Jeff Mitchell 2322eabc68
Add jwt auth docs (#4891) 2018-07-11 15:08:49 -04:00
Jeff Mitchell 935c045cfa
Fix permitted dns domain handling (#4905)
It should not require a period to indicate subdomains being allowed

Fixes #4863
2018-07-11 12:44:49 -04:00
Md. Nure Alam Nahid 7b9bedf94d Add additional config keys for swift (#4901)
* Add additional config keys for swift

* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
Seth Vargo 408fc1eac0 Properly capitalize H in GitHub (#4889)
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
Jeff Mitchell bfb7ba3843 Remove vault.rocks from some that were missed 2018-07-10 10:47:30 -04:00
Jeff Mitchell 4a3fe87a39
Allow max request size to be user-specified (#4824)
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Kawsar Kamal 66f035edc4 Fixed example file extensions from .hcl to .json (#4810) 2018-07-06 08:59:09 -04:00
Chris Bednarski 514ffac5e2 Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners (#4862) 2018-07-06 08:51:51 -04:00
Calvin Leung Huang 04332f5b3f
Add missing replication props, prettify tables (#4816)
* Add missing request.replication props, prettify tables

* Fix location of replication prop
2018-07-05 16:11:21 -04:00
Chris Hoffman 32c94b2638
Update docs 2018-07-03 08:28:43 -04:00
Brian Shumate 7b106683f0 Clarify policies note (#4832)
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
Jeff Mitchell 8f45bc69ba Fix tuning visibility in CLI (#4827)
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
2018-07-02 12:13:25 -04:00
Yoko dcb229d36d
Updates made by Michael Lucas (#4855)
Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.
2018-07-02 08:56:15 -07:00
Chris Hoffman 6b7d215e7e
Clarify performance replication token handling 2018-06-29 09:32:35 -04:00
Chris Hoffman 6f5b8c0e6f
adding sample request to key status api docs (#4853) 2018-06-29 09:17:51 -04:00
Logan Rakai 619dd3c6ed Typo fix (#4822) 2018-06-23 16:34:25 -07:00
Logan Rakai 59b87fae53 Small grammar fix (#4821) 2018-06-22 21:59:39 -07:00
Jeff Mitchell 2410a11156 Add a warning to syslog
Ping #3617
2018-06-22 09:00:07 -04:00
Kevin Hicks cda793f5b3 Fix typos (#4813) 2018-06-21 12:29:18 -07:00
Yoko 01d50cd3eb
Fixed a typo (#4812) 2018-06-21 11:11:30 -07:00
Steven Farage fadb3eb6fd Make documentation match API example (#4809)
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
Yoko c3b7d1fbb6
Vault DR Replication Setup Guide (#4790)
* WIP DR setup guide

* Fix typos

* Added the steps to demote & disable primary

* Clarified some of the explanation
2018-06-21 08:42:35 -07:00
Becca Petrin 73cbbe2a9f Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00
Becca Petrin d9ac83569b
clarify aws role tag doc (#4797) 2018-06-19 15:59:57 -07:00
Becca Petrin 71977637d4
Update Active Directory secret engine docs (#4788)
* active directory rotate root docs

* update doc
2018-06-19 09:11:46 -07:00
Calvin Leung Huang 418513bbd9 Be explicit about trailing slash on paths for list capability (#4793) 2018-06-19 12:10:39 -04:00
Jeff Mitchell cffb1183a8
Database updates (#4787)
* Database updates

* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted

Fixes #3544
Fixes #4782

* Add create/update info to docs
2018-06-19 11:24:28 -04:00
Ryan Loomba c558fc5f3d fix typo in Vault Encryption as a Service Guide (#4789) 2018-06-18 17:32:43 -07:00
Laura Uva 4cae4abbab Add example of min_wrapping_ttl and max_wrapping_ttl (#4753) 2018-06-18 19:59:21 -04:00
Mike Fortuno dc568f1376 Update policies.html.md (#4780)
Policy file name was incorrect, causing instructions to be unclear.
2018-06-15 15:49:09 -07:00
Mr Talbot 5551a63221 pki: add ext_key_usage to mirror key_usage and add to sign-verbatim (#4777)
* pki: add ext_key_usage parameter to role

* pki: add key_usage and ext_key_usage parameter to sign-verbatim

* pki: cleanup code as per comments
2018-06-15 18:20:43 -04:00
Jeff Mitchell 762f08eac2 Mention delegating change password privs in ad docs 2018-06-15 17:01:47 -04:00
Jeff Mitchell 164c7225f1 Remove msa info from AD page 2018-06-15 16:55:28 -04:00
Jeff Mitchell 91ca3d4b7f
Add URI SANs (#4767) 2018-06-15 15:32:25 -04:00
Nándor István Krácser d4303bc53e docs: kv 2 is used by default in the dev server only (#4773) 2018-06-15 09:09:27 -04:00
Jeff Mitchell 43d9ae5c0a
Update index.html.md
Fixes #4763
2018-06-14 10:19:38 -04:00
Laura Uva 44e874e06f Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) (#4754) 2018-06-13 16:44:15 -07:00
Brian Kassouf 1b77db5138
Update replication status (#4761)
* Update replication-performance.html.md

* Update replication-dr.html.md

* Update replication.html.md

* Update replication-dr.html.md

* Update replication-dr.html.md

* Update replication-performance.html.md

* Update replication.html.md
2018-06-13 16:43:39 -07:00
Becca Petrin aa390e0e7e
add link to api docs (#4757) 2018-06-13 09:35:37 -07:00
Yoko 7df8b15451
Vault guides example update (#4756)
* Typos in the sample payload JSON

* AWS support files were added

* yet another typo
2018-06-13 09:34:07 -07:00
Pavlos Ratis 49834a3a83 Use shell highlighting in the command snippets (#4736) 2018-06-11 08:46:35 -04:00
Tom Schlenkhoff dc7631b994 Fix typo (#4738) 2018-06-11 05:38:21 -07:00
Chris Hoffman ab6547383c
reorder sidebar 2018-06-08 17:22:27 -04:00
Chris Hoffman 611244d337
Update gcpckms.html.md 2018-06-08 17:07:59 -04:00
Chris Hoffman 3a690656ee
fix typo 2018-06-08 17:05:17 -04:00
Chris Hoffman 5d07ff7c7a
Adding Azure Key Vault seal docs (#4728) 2018-06-08 17:04:14 -04:00
Jeff Mitchell 165a622d15 Add missing sidebar links for AD 2018-06-07 10:21:22 -04:00
Brian Shumate d2519da5ad Tiny formalized edit (#4715) 2018-06-07 06:44:57 -07:00
Kevin Hicks ed7992e8ae update docs and help text to include 'operator' (#4712) 2018-06-06 21:11:21 -07:00
Jeff Mitchell cfd3672cf3 Update 0.10.2 upgrade guide 2018-06-06 10:45:15 -04:00
Jeff Mitchell 4b7d2bed01 Transit convergent v3 2018-06-05 18:53:39 -04:00
LeSuisse 809079cac2 Update usage of deprecated commands rekey and rotate in the documentation (#4703) 2018-06-05 12:37:26 -04:00
Eli Oxman 68ce3bed34 Add async python client to docs (#4698) 2018-06-05 10:23:56 -04:00
Nándor István Krácser a36f91101a Fix VAULT_LOG_LEVEL in docs (#4696) 2018-06-05 10:23:32 -04:00
Becca Petrin 6cafb12ff4 be more explicit about names (#4695) 2018-06-04 21:34:17 -04:00
amcbarnett 55eb4a997d Update mount-filter.html.md (#4656) 2018-05-30 08:28:51 -04:00
emily 192c228931 Add GCP auth helper (#4654)
* update auth plugin vendoring

* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
Becca Petrin 9228659c5c
add formatter to ad docs (#4653) 2018-05-29 16:47:46 -07:00
Eduardo Criado Mascaray f5c18d58ef Fix typo in group parameter in Vault systemd file (#4642) 2018-05-29 15:04:43 -04:00
Viacheslav Vasilyev d8d6be423b Make test-case output a little bit consistent (#4645)
As well as in some places `-d` were incorrectly replaced with `--data`, sample commands with `accessor` were added
2018-05-29 15:03:33 -04:00
Jeff Mitchell bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification
Rekey verification, allowing new key shares to be confirmed before committing the new key.
2018-05-29 15:00:07 -04:00
Becca Petrin 606889f005
Docs for the upcoming Active Directory secrets engine (#4612) 2018-05-29 08:49:09 -07:00
Jeff Mitchell bd0ac25eb9
Merge branch 'master' into rekey-verification 2018-05-29 10:19:57 -04:00
Chris Hoffman 43c5030eca
pkcs11 docs updates 2018-05-25 15:39:07 -04:00
Becca Petrin 12976bf60e add userpass note on bound cidrs (#4610) 2018-05-25 14:35:09 -04:00
Jeff Mitchell 52cb8234a6 Changelogify and fix some minor website bits 2018-05-25 10:39:23 -04:00
Nicholas Jackson 17460461a0 Breakout parameters for x.509 certificate login (#4463) 2018-05-25 10:34:46 -04:00
Yoko 6a2d0e71b6
Vault Interactive Tutorial updates (#4623)
* Added more tutorial steps

* Updated the step texts
2018-05-24 11:39:02 -07:00
nelson 196d054f70 Update kv-v2.html.md (#4614)
correct the payload format for "Configure the KV Engine" and "Update Metadata"
2018-05-24 12:44:44 -04:00
Jeff Mitchell 8a9cd42fe9 Interactive server now uses kvv2 so update text 2018-05-23 09:59:52 -04:00
Chris Hoffman d066c4a2a8
remove incorrect parameter 2018-05-23 08:58:27 -04:00
Jeff Mitchell 635fd18bf6 Minor website doc updates 2018-05-22 15:12:12 -04:00
Yoko 11646db916
Seal Wrap / FIPS 140-2 Compliance guide (#4558)
* WIP - Seal Wrap guide

* WIP: Seal Wrap guide

* Added a brief description about the Seal Wrap guide

* Incorporated feedbacks

* Updated FIPS language

Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.

It's a very specific update, but it's an important one for some VE customers.

Looks great - thanks!

* Removed 'Compliance' from title

* typo fix
2018-05-22 11:23:11 -07:00
Jeff Mitchell d60360ddbe Add instructions for both kvv1 and kvv2 to getting started policies info 2018-05-22 14:07:12 -04:00
Yoko d88e4d5019
Mount Filters guide (#4536)
* WIP: Mount filter guide

* WIP

* Mount filter guide for CLI, API, and UI

* updated the next step

* Updated the verification steps

* Added a note about the unseal key on secondaries

* Added more details

* Added a reference to mount filter guide

* Added a note about generating a new root token

* Added a note about local secret engine
2018-05-22 08:57:36 -07:00
Chris Hoffman 3db5a6adaa
updating link 2018-05-22 10:00:20 -04:00
Chris Hoffman ae43f2c25e
adding options information to mount endpoint (#4606) 2018-05-21 16:39:43 -04:00
Jeff Mitchell 3e0dbc5ea7 Remove dupe website text 2018-05-21 16:30:45 -04:00
Jeff Mitchell 8ad0bbbc44 Address feedback 2018-05-21 16:13:38 -04:00
Jeff Mitchell 27ab8d1a20 Add verification documentation 2018-05-21 12:00:36 -04:00
Jeff Mitchell c737778c8d Make description of prehashed a bit more friendly 2018-05-21 09:08:22 -04:00
Jeff Mitchell 3a568b6175 Update key_type parameter description 2018-05-19 12:20:37 -04:00
Kevin Paulisse 6d93ea4d77 Docs: Clarify that revoking token revokes dynamic secrets (#4592) 2018-05-18 23:27:53 -07:00
Jeff Mitchell 5a35dac726 Add missing drsecondarycode to health API docs 2018-05-18 12:39:13 -04:00
Jeff Mitchell 30dc66221c Flip documented resolve_aws_unique_id value
Fixes #4583
2018-05-18 12:05:52 -04:00
Reid Wiggins 9813794bc2 Add documentation for MySQL 5.6 root rotation (#4584)
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.

Fixes #4567
2018-05-18 08:56:11 -07:00
Romain Vrignaud 9050bc809b Rename Google Container Engine to Google Kubernetes Engine (#4586) 2018-05-18 08:19:56 -07:00
Jeff Mitchell 124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
Update policies.html.md
2018-05-17 09:14:35 -07:00
Jeff Mitchell 38f5f5f783
Updated for new syntax 2018-05-17 09:14:12 -07:00