AJ Bourg
b524e43f15
Small change: Fix permission vault requires.
...
Vault requires ec2:DescribeInstances, not ec2:DescribeInstance. (the
non-plural form doesn't exist)
2016-09-12 14:38:10 -06:00
Jeff Mitchell
222adbdb61
Fix headers in aws-ec2 doc.
2016-08-30 11:53:21 -04:00
Adam Greene
66d3117cad
fix aws-ec2 formatting around ttl ( #1770 )
2016-08-23 16:07:57 -04:00
Karl Falconer
6cbae1388e
[Documentation] AppRole /login is unauthenticated ( #1771 )
2016-08-23 16:03:36 -04:00
Jeff Mitchell
c64dba556c
Swap push/pull.
2016-08-22 19:34:53 -04:00
vishalnayak
dfe73733d5
Seperate endpoints for read/delete using secret-id and accessor
2016-08-21 14:42:49 -04:00
Jeff Mitchell
865ca94032
Initial fixups, not yet done
2016-08-20 22:39:41 -04:00
Martin Forssen
a617ff0f93
Mention ttl parameter in the documentation of /auth/aws-ec2/role/<role>
...
This parameter was not documented
2016-08-18 13:16:58 +02:00
Matt Hurne
56252fb637
AppRole documentation tweaks ( #1735 )
...
* Fix spelling error in AppRole docs
* Add force flag to sample command to generate a secret ID in AppRole docs
* Update sample output for AppRole login in docs
2016-08-15 16:12:08 -04:00
Jeff Mitchell
4f0310ed96
Don't allow root from authentication backends either.
...
We've disabled this in the token store, but it makes no sense to have
that disabled but have it enabled elsewhere. It's the same issue across
all, so simply remove the ability altogether.
2016-08-08 17:32:37 -04:00
vishalnayak
4f45910dfc
disallowed_policies doc update
2016-08-02 16:33:22 -04:00
Jeff Mitchell
b4386032db
Fix up some wording
2016-08-02 16:25:00 -04:00
vishalnayak
75c51378ce
Updated token auth docs with disallowed_policies
2016-08-02 15:33:03 -04:00
Jeff Mitchell
9902891c81
Alphabetize token store docs
2016-08-01 13:37:12 -04:00
Jeff Mitchell
357f2d972f
Add some extra safety checking in accessor listing and update website
...
docs.
2016-08-01 13:12:06 -04:00
Chris Hoffman
2930f2ca39
Preferred method is AppRole since AppId is now deprecated
2016-07-28 14:32:20 -04:00
Adam Greene
da8ff50143
documentation cleanup
2016-07-27 10:43:59 -07:00
Jeff Mitchell
6e63af6ad0
Add deprecation notices for App ID
2016-07-26 10:08:46 -04:00
vishalnayak
a6907769b0
AppRole authentication backend
2016-07-26 09:32:41 -04:00
Oren Shomron
cd6d114e42
LDAP Auth Backend Overhaul
...
--------------------------
Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.
Simplified group membership lookup significantly to support multiple use-cases:
* Enumerating groups via memberOf attribute on user object
* Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
* Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule
There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.
Additional changes:
* Clarify documentation for LDAP auth backend.
* Reworked how default values are set, added tests
* Removed Dial from LDAP config read. Network should not affect configuration.
2016-07-22 21:20:05 -04:00
Jeff Mitchell
4c5ae34ebf
Merge pull request #1613 from skippy/update-aws-ec2-docs
...
[Docs] aws-ec2 -- note IAM action requirement
2016-07-18 10:40:38 -04:00
Jeff Mitchell
73923db995
Merge pull request #1589 from skippy/patch-2
...
[Docs] aws-ec2 -- clarify aws public cert is already preloaded
2016-07-18 10:02:35 -04:00
Adam Greene
8f6b97f4e4
[Docs] aws-ec2 -- note IAM action requirement
2016-07-13 15:52:47 -07:00
Adam Greene
d6f5c5f491
english tweaks
2016-07-13 15:11:01 -07:00
Eric Herot
cbc76c357e
Pretty sure the method to delete a token role is not GET
2016-07-07 13:54:20 -04:00
Adam Greene
2405b7f078
Update aws-ec2.html.md
...
per #1582 , updating the docs to include notes about pkcs#7 handling, specifically that aws returns the pkcs#7 cert with newlines and that they need to be stripped before sending them to the login endpoint
2016-07-05 13:21:56 -07:00
Adam Greene
5ef359ff6c
Update aws-ec2.html.md
...
clarify, and make more explicit, the language around the default AWS public certificate
2016-07-05 13:14:29 -07:00
vishalnayak
d0a142c75a
Merge branch 'master-oss' into bind-account-id-aws-ec2
...
Conflicts:
website/source/docs/auth/aws-ec2.html.md
2016-06-17 12:41:21 -04:00
Martin Forssen
f8558ca1f2
Fixed a number of spelling errors in aws-ec2.html.md
2016-06-15 13:32:36 +02:00
vishalnayak
8e03c1448b
Merge branch 'master-oss' into bind-account-id-aws-ec2
...
Conflicts:
builtin/credential/aws-ec2/backend_test.go
builtin/credential/aws-ec2/path_login.go
builtin/credential/aws-ec2/path_role.go
2016-06-14 14:46:08 -04:00
Ivan Fuyivara
0ffbef0ccd
added tests, nil validations and doccumentation
2016-06-14 16:58:50 +00:00
vishalnayak
26f7fcf6a1
Added bound_account_id to aws-ec2 auth backend
2016-06-14 11:58:19 -04:00
Jon Benson
7883e98eb8
Update aws-ec2.html.md
2016-06-09 23:08:08 -07:00
vishalnayak
c6a27f2fa8
s/VAULT_GITHUB_AUTH_TOKEN/VAULT_AUTH_GITHUB_TOKEN
2016-06-09 14:00:56 -04:00
vishalnayak
308294db46
Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token
2016-06-09 13:45:56 -04:00
Jeff Mitchell
2b4b6559e3
Merge pull request #1504 from hashicorp/token-store-roles-renewability
...
Add renewable flag to token store roles
2016-06-08 15:56:54 -04:00
Jeff Mitchell
cf8f38bd4c
Add renewable flag to token store roles
2016-06-08 15:17:22 -04:00
Jeff Mitchell
65d8973864
Add explicit max TTL capability to token creation API
2016-06-08 14:49:48 -04:00
vishalnayak
dbee3cd81b
Address review feedback
2016-06-01 10:36:58 -04:00
vishalnayak
5c25265fce
rename aws.html.md as aws-ec2.html.md
2016-05-30 14:11:15 -04:00
vishalnayak
a072f2807d
Rename aws as aws-ec2
2016-05-30 14:11:15 -04:00
Vishal Nayak
53fc941761
Merge pull request #1300 from hashicorp/aws-auth-backend
...
AWS EC2 instances authentication backend
2016-05-14 19:42:03 -04:00
vishalnayak
4122ed860b
Rename 'role_name' to 'role'
2016-05-13 14:31:13 -04:00
vishalnayak
7e8a2d55d0
Update docs and path names to the new patterns
2016-05-12 11:45:10 -04:00
Jeff Mitchell
aecc3ad824
Add explicit maximum TTLs to token store roles.
2016-05-11 16:51:18 -04:00
Jeff Mitchell
3e71221839
Merge remote-tracking branch 'origin/master' into aws-auth-backend
2016-05-05 10:04:52 -04:00
Jeff Mitchell
3600b2573d
Update website docs re token store role period parsing
2016-05-04 02:17:20 -04:00
vishalnayak
b7c48ba109
Change image/ to a more flexible /role endpoint
2016-05-03 23:36:59 -04:00
vishalnayak
9f2a111e85
Allow custom endpoint URLs to be supplied to make EC2 API calls
2016-05-02 17:21:52 -04:00
Jeff Mitchell
4182d711c3
Merge branch 'master-oss' into aws-auth-backend
2016-04-29 14:23:16 +00:00