Yoko
d926031159
Add Learn links ( #10411 )
...
* Add Learn links
* Update website/pages/docs/secrets/transform/tokenization.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-11-17 16:56:30 -08:00
Michael Golowka
69bbecea78
Clarify JWT in kubernetes auth docs ( #10403 )
2020-11-16 16:45:12 -07:00
Yoko
492ed5b319
Update 'sane' default to say 'reasonable' default ( #10400 )
2020-11-16 14:19:18 -08:00
Michael Golowka
2cbd4a9e00
Add note about Database engine interface ( #10372 )
2020-11-13 10:44:21 -07:00
Jim Kalafut
17fea5cea9
Add automated raft snapshots to sidebar ( #10387 )
2020-11-12 08:53:23 -08:00
Meggie
d511cef5df
Added upgrade note about go version ( #10385 )
2020-11-11 18:26:11 -05:00
Scott Miller
d17917341c
Transform doc fix ( #10383 )
...
* Add tokenization
* Fixes
2020-11-11 12:54:11 -06:00
Jim Kalafut
3cdad923f4
Add 1.6 Release Notes ( #10378 )
...
* Add 1.6 Release Notes
* Remove usage command
* Apply suggestions from code review
* Website version + CHANGELOG
Co-authored-by: Meggie <meggie@hashicorp.com>
2020-11-11 10:36:23 -05:00
Scott Miller
2db96ae7ac
Add upgrade note for Transform ( #10371 )
...
* Add upgrade note for tokenization
* nav
* Just 1.5
* Clarify relationship to API changes
Co-authored-by: Meggie <meggie@hashicorp.com>
2020-11-11 10:33:51 -05:00
Austin Gebauer
c62582e0de
docs: adds documentation for key management secrets engine ( #10353 )
...
Co-authored-by: Clint <catsby@users.noreply.github.com>
Co-authored-by: Yoko <yoko@hashicorp.com>
2020-11-10 09:28:28 -08:00
Dave D'Amico
1b2a198212
More info on when vm params are not needed ( #10362 )
...
* more info on when vm params are not needed
* more updates
2020-11-09 11:49:03 -08:00
Jim Kalafut
dae4bc5fbc
Update azure.mdx ( #10347 )
2020-11-09 11:20:06 -08:00
Scott Miller
b6b3ec79ca
Land Tokenization docs ( #10357 )
2020-11-09 10:58:54 -06:00
Josh Black
a361d1299b
Add plugin reload docs to the website sidebar ( #10108 )
2020-11-06 14:13:12 -08:00
Nick Cabatoff
48103c71fe
Add autosnapshot docs. ( #10338 )
2020-11-06 15:56:52 -05:00
Tom Proctor
61c5da6911
Update MongoDB Atlas plugin docs ( #10343 )
...
Root credential rotation not supported as the Vault user uses public/private keys instead of passwords to authenticate.
2020-11-06 19:16:48 +00:00
Brian Kassouf
caf65bfae7
Add new metrics to the telemetry page
2020-11-05 15:05:07 -08:00
Georges Jamous
fba851dbe9
Update raft.mdx ( #10329 )
2020-11-05 12:33:50 -08:00
aphorise
e5a6ef2df2
Elipse / triple dots missing in VAULT_TOKEN ( #9929 )
2020-11-05 09:54:26 -08:00
Mark Gritter
f742277996
Documentation for client count / activity log API. ( #10315 )
...
* Documentation for client count API.
* New concepts page
Co-authored-by: swayne275 <swayne@hashicorp.com>
2020-11-05 11:47:48 -06:00
Austin Gebauer
e32e1e17c7
docs: clarify location of service account key file for google-specific OIDC handling ( #10313 )
2020-11-02 17:45:05 -08:00
Brian Kassouf
8af08c3221
Add an env var to enable a permit pool that limits lease expirations ( #10268 )
...
* Add a flag to enable a permit pool to gate lease expiration
* Use the env var to get the size
* Add logs and metris to help debug this
Co-authored-by: Hridoy Roy <roy@hashicorp.com>
2020-10-30 14:45:44 -07:00
Theron Voran
16eb1489d1
Update OIDC namespace_in_state docs ( #10269 )
...
To reflect the default of true for new configs.
2020-10-30 08:15:34 -07:00
Brian Kassouf
81a86f48e8
Backport some OSS changes ( #10267 )
...
* Backport some OSS changes
* go mod vendor
2020-10-29 16:47:34 -07:00
aphorise
f172eb9477
Docs - examples of IPv6 added in listener
section of configurations. ( #9601 )
2020-10-29 15:12:18 -04:00
akosuadenell
ab5b8bc6bf
Update index.mdx ( #10262 )
2020-10-29 12:04:48 -07:00
Hridoy Roy
f8a248ce48
Port: change leader status metric name to active ( #10245 )
...
* change active node metric name
* comment to see if commit is fine
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-10-29 10:30:45 -07:00
Jonas-Taha El Sesiy
b7cf4a05ff
Add support for Managed Identity auth for physical/Azure ( #10189 )
...
* Add support for Managed Identity auth for physical/Azure
Obtain OAuth token from IMDS to allow for access to Azure Blob with
short-lived dynamic credentials
Fix #7322
* add tests & update docs/dependencies
2020-10-28 15:04:26 -07:00
Jason O'Donnell
a4bcbb84e2
docs: fix k8s helm configuration rendering ( #10257 )
2020-10-28 10:51:40 -04:00
Hridoy Roy
0259be04e0
Port: Add metrics to report mount table sizes for auth and logical [Vault 671] ( #10201 )
...
* first commit
* update
* removed some ent features from backport
* final refactor
* backport patch
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MacBook-Pro.local>
Co-authored-by: Hridoy Roy <hridoyroy@Hridoys-MBP.hitronhub.home>
2020-10-27 08:24:43 -07:00
Tom Proctor
e6807a0645
Docs: Support for scopes in MongoDB Atlas database plugin ( #10241 )
2020-10-27 13:24:51 +00:00
Jason Witkowski
ebfaa551eb
Add ability to specify region for OCI Storage Backend ( #9302 )
...
* Add ability to specify region for OCI Storage Backend
* Fix capitalization in Vault documentation
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-10-26 18:28:32 -04:00
Theron Voran
d8dc45f03f
UI/OIDC: allow passing namespace in state ( #10171 )
...
* UI/OIDC: allow passing namespace in state
Suppport in the UI OIDC callback flow to parse namespace out of the
state parameter instead of a separate query parameter in the
redirect_uri. Includes docs for the option that enables this behavior
in the JWT plugin.
* 1.6 wordsmithing
* pass_namespace_in_state -> namespace_in_state
* re-wording
* use strict equals
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-10-26 18:17:21 -04:00
Michael Golowka
e07fe992ef
DBPW - Add readme to dbplugin package ( #10230 )
2020-10-26 13:57:02 -06:00
Theron Voran
b705d71ae7
Add info about aws timeouts to docs ( #10209 )
...
In auth/aws, seal/awskms, and secrets/aws, storage/s3, and
storage/dynamodb.
One blurb for the docs pages and one for the .0 upgrade pages.
2020-10-26 11:15:59 -07:00
Aleksandr Bezobchuk
95bbd8d920
Merge PR #10192 : Auto-Join: Configurable Scheme & Port (and add k8s provider)
2020-10-23 16:13:09 -04:00
Ryan Treat
d5169bae28
Update Venafi Secrets Engine doc to account for recent enhancements ( #10221 )
2020-10-22 16:25:37 -07:00
Jason O'Donnell
cdcbac013b
docs: update helm to 0.8.0 ( #10190 )
...
* docs: update helm to 0.8.0
* Fix formatting
* Add allowed values to failurePolicy
2020-10-20 15:47:47 -04:00
Jason O'Donnell
2dbd6dd098
Update injector docs for 0.6.0 ( #10186 )
2020-10-20 13:09:37 -04:00
Mike Green
77ea265a0a
Clarify prometheus_retention_time to 0 ( #10187 )
...
zero prometheus_retention_time will disable.
2020-10-20 11:51:08 -04:00
Michael Golowka
ec29078acb
DBPW - Update docs with password policies & new Database interface ( #10138 )
2020-10-19 15:58:09 -06:00
Julien Rottenberg
6c6dc2bfbb
Fix for broken link ( #10152 )
2020-10-16 16:44:33 -07:00
davidadeleon
ab18a74c08
Updated missing code encoding around two path references ( #10161 )
2020-10-16 16:26:28 -07:00
Aleksandr Bezobchuk
0d6a0ec589
Merge PR #10010 : Rate Limit Quotas: Allow Exempt Paths to be Configurable
2020-10-16 14:58:19 -04:00
Peter Souter
feaafb2c3a
Adds note that it requires a PEM-encoded file ( #10145 )
2020-10-14 16:43:07 -07:00
Jim Kalafut
a23ed17806
Add GCS storage change to 1.5.0 upgrade guide ( #10139 )
2020-10-14 07:34:47 -07:00
Hridoy Roy
771da35261
upgrade docs for new telemetry [VAULT-672] ( #10137 )
...
* upgrade docs for new telemetry
* Update telemetry.mdx
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-10-14 06:52:23 -07:00
Connor
8b1a3301f0
Add telemetry for LRU cache ( #10079 )
...
Vault creates an LRU cache that is used when interacting with the
physical backend. Add telemetry when the cache is hit, missed, written
to and deleted from. Use the MetricSink from ClusterMetrics
2020-10-13 10:11:54 -05:00
Calvin Leung Huang
95c5f60055
docs/ssh: update algorithm_signer param after #9824 ( #10126 )
2020-10-09 15:42:11 -07:00
Jimmy Merritello
ec133d98a2
Add new HashiStackMenu ( #10105 )
2020-10-09 12:15:38 -04:00
James Connor
86e79f6f26
lease_renewable false on STS AWS credentials ( #10115 )
...
See #1804
2020-10-08 10:25:01 -07:00
Peter Souter
c48ec9cfc3
Adding note about commands that are root only ( #10098 )
...
* We don’t specifically note anywhere that these
have to be run from root, so makes sense to add
2020-10-08 09:46:43 -07:00
Martin Baillie
09aa3dfa6c
Add reference to community GitHub secrets plugin ( #10111 )
2020-10-08 09:45:42 -07:00
Josh Black
088c6c7364
Add API docs for sys/monitor ( #9968 )
2020-10-07 11:53:07 -07:00
Josh Black
3e278b33dc
Clarify docs around audit non-hmac request and response keys ( #10018 )
2020-10-06 10:43:32 -07:00
Michel Vocks
dc5a0da770
Pull latest raft updates ( #10055 )
...
* Implement raft peers metric
* Remove old peers metric
* Update vault raft dependency
* Add peer_id docs
2020-10-05 16:36:48 +02:00
Meggie
da82b2096d
Adding an UG note on primary_cluster_addr behavior ( #10071 )
2020-10-02 13:25:09 -04:00
Troy Fluegge
2b9b41115a
Update index.mdx ( #10064 )
...
Reworded disable_mlock to remove confusion regarding what is acceptable for production deployments. Disabling mlock is alright for production given the additional security recommendations are implemented. Disabling mlock is also recommended for integrated storage
2020-10-01 15:31:03 -07:00
Aleksandr Bezobchuk
a3cfa7c447
Merge PR #10059 : Port OSS changes from #1497
2020-10-01 15:15:20 -04:00
Andy Assareh
ab7cd4f8db
corrected typo in "certificate" ( #9916 )
2020-09-28 17:39:01 -07:00
Andy Assareh
818120b401
corrected a missing noun ( #9917 )
2020-09-28 17:38:39 -07:00
Wacław Schiller
5d419f73c3
Minor fix to audit documentation ( #10047 )
2020-09-28 16:04:45 -07:00
Theron Voran
2ba19c3f16
Update k8s auth docs for new parameter ( #9992 )
...
Adds info about the disable_local_ca_jwt parameter.
Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-09-25 11:17:28 -07:00
Hridoy Roy
a20fe5c066
moved the documentation to kv2 page ( #10017 )
...
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-22 11:58:00 -07:00
Lauren Voswinkel
15e608c0ed
Update AD secret engine docs for root cred rotation ( #9990 )
2020-09-21 16:21:14 -07:00
Meggie
9190860cc0
docs: Change sidebar labeling to use Integrated Storage ( #10002 )
...
I changed some verbiage in the page as well.
2020-09-21 15:55:36 -04:00
Mike Green
9eb1fb1df4
minor only ha_storage clarification ( #10001 )
2020-09-21 13:06:03 -04:00
Sebin John
9b3e244e40
Fix doc formatting. ( #9994 )
2020-09-21 10:01:43 -07:00
acahn
795b118941
Update index.mdx ( #9950 )
...
MongoDB Atlas Language modernization update
2020-09-16 12:02:34 -07:00
Lauren Voswinkel
5740e1ff9e
5844 AWS Root Credential Rotation ( #9921 )
...
* strip redundant field type declarations
* root credential rotation for aws creds plugin
* Change location of mocks awsutil and update methods that no longer exist
* Update website/pages/docs/auth/aws.mdx
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
* Update sdk version to get the awsutil mock file
* Re-vendor modules to pass CI
* Use write lock for the entirety of AWS root cred rotation
* Update docs for AWS root cred rotation for clarity
Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-09-15 15:26:56 -07:00
Scott Miller
4062c8a5c3
Add a note on performance and availability to the HSM behavior docs ( #9923 )
2020-09-14 11:28:23 -05:00
Jason O'Donnell
9a9d886a2d
doc: add VAULT_DISABLE_MLOCK env ( #9933 )
2020-09-11 13:57:09 -04:00
Alexander Bezobchuk
444f2b5469
Merge PR #9922 : Document rate limit list API
2020-09-11 08:54:21 -04:00
Mike Green
8d3b8440e8
Docs: Add that vault deletes IAM user ( #9919 )
2020-09-10 15:23:41 -07:00
Jim Kalafut
51a1ccea1c
Update upgrade guides for latest releases ( #9908 )
2020-09-08 16:53:43 -07:00
Kevin Pruett
7da4317b49
Integrate @hashicorp/react-search into layout ( #9868 )
2020-09-08 14:17:36 -07:00
Jason O'Donnell
fe7229028f
docs: add required/optional to kerberos autoauth config ( #9897 )
...
* docs: add required/optional to kerberos autoauth config
* Remove double space
2020-09-04 17:20:21 -04:00
Mark Gritter
f12719fbde
Add upgrade note about the KV metric crash. ( #9882 )
...
Co-authored-by: swayne275 <swayne275@gmail.com>
2020-09-02 22:19:09 -05:00
Calvin Leung Huang
63d484b831
docs: fix URL for plugin portal mdx page ( #9885 )
2020-09-02 17:20:00 -07:00
Calvin Leung Huang
744623746a
docs: add a plugin portal page ( #9590 )
...
* docs: add a plugins directory page
* docs: remove divs on the plugins directory page
* add columns
* tag component
* docs: use tags on plugins directory
* docs: revert tags on plugins directory for now
* fix header for official plugins
* add note on submission for community plugins
* s/plugins directory/plugin portal/
* move portal page into docs section
* tag oracle db as external, fix kerberos misspelling
* include gh issue template as submission form
Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-09-02 16:25:06 -07:00
Theron Voran
4fa8cc422a
Updating the vault injector connectivity docs ( #9783 )
...
Adding more detail about connectivity requirements, noting that
masters sometimes need to connect to workers on :8080, and
considerations when Vault is running outside of Kubernetes.
2020-09-02 14:07:31 -07:00
Jason O'Donnell
d10a000e2f
docs: add injector tls setup ( #9871 )
...
* docs: add injector tls setup
* Add missing prompts
* Grammar
* fix sidebar
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/examples/injector-tls.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
* Move note before command
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-09-02 11:36:21 -04:00
Jason O'Donnell
b2110a2e87
docs: add ldap ppolicy to enforce password hashing ( #9856 )
...
* docs: add ldap ppolicy to enforce password hashing
* formatting
* grammar
* Clarify password policy doc
2020-08-31 13:05:27 -04:00
Jim Kalafut
b61f080daf
Update docs to add EdDSA to supported algorithms ( #9854 )
2020-08-29 10:30:05 -07:00
Calvin Leung Huang
0d723e54a9
docs: add tls settings on cert auto-auth's config page ( #9848 )
2020-08-27 19:21:32 -07:00
Michael Ethridge
a71798a445
TLS Cert Authentication example updates ( #9735 )
...
* TLS Cert Authentication example updates
- Updated the Cert Auth example description to clarify which CA
should issue the certificate.
- Removed `-ca-cert` parameter from examples as this caused
confusion. Is this the auth CA or the CA of the listener?
* Return CA parameter to examples, add Note
- Returned CA parameter to login examples
- Added note above examples to explain which CA is being used in CLI
- Updated examples in API doc to use httpS
- Added note above login example to explain wich CA is being used
Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-08-27 17:47:16 -07:00
Jim Kalafut
ba1adb6d22
Update Known Issues ( #9847 )
...
Provide information about AWS IAM fix versions.
2020-08-27 16:48:44 -07:00
Austin Gebauer
b96f073e23
docs: fixes rollback_statements description and some punctuation ( #9836 )
2020-08-26 16:49:17 -07:00
Scott Miller
4c4fb54806
Aws auth fixes ( #9825 )
...
* Bring over PSIRT-37 changes from ENT
* Add additional allowed headers
* Already had this one
* Change to string slice comma separated parsing
* Add allowed_sts_header_values to read output
* Only validate AWS related request headers
* one per line
* Import ordering
* Update test
* Add X-Amz-Credential
* Reorder imports
2020-08-25 17:37:59 -05:00
Jason O'Donnell
052dea6e57
doc: update vault-helm to 0.7.0 ( #9810 )
...
* doc: update vault-helm to 0.7.0
* Fix typo in agent image
* Remove doc from sidebar
* Update website/pages/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Clint <catsby@users.noreply.github.com>
* Update website/pages/docs/platform/k8s/helm/configuration.mdx
Co-authored-by: Clint <catsby@users.noreply.github.com>
* Add note about prometheus
Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-08-24 19:03:36 -04:00
Jason O'Donnell
dfd5e2d532
vault-k8s: add new annotations for 0.5.0 ( #9804 )
...
* vault-k8s: add new annotations for 0.5.0
* feedback revision
2020-08-24 13:20:29 -04:00
Jim Kalafut
8815905114
Add Known Issue for AWS IAM logins ( #9798 )
...
* Add Known Issue for AWS IAM logins
* Add note about license issue
2020-08-21 15:21:56 -07:00
Andy Baran
dffd0dfa4b
K8s docs cross reference ( #9795 )
...
* add links to commonly reference Learn site docs
* fixed markdown links
* Moved Deployment Guide to "Guides" subs section
2020-08-21 15:03:01 -04:00
Mark Gritter
6cd00407ad
Add vault.metrics.collection.* metrics to documentation. ( #9796 )
2020-08-21 13:27:30 -05:00
Meggie
275a34476c
Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5 ( #9793 )
...
* Updates for 1.5.1, 1.4.4, 1.3.8, and 1.2.5
* Recommend against using these versions
* Re-running checks
* Update docs-navigation.js
2020-08-20 18:57:44 -04:00
ncabatoff
7f7ac71746
Document allowed_domains_template. ( #9751 )
2020-08-20 09:54:52 -04:00
ncabatoff
f20f3747c7
New seal migration strategy doesn't work in 1.4. ( #9765 )
2020-08-20 09:54:28 -04:00
Junya Ogasawara
0a13195450
Reduce a required permission for OIDC with AzureAD ( #9785 )
...
`Group.Read.All` is too permissive policy to achieve external groups
feature. `GroupMembers.Read.All` is enough for that purpose.
MicroSoft Graph API Permission reference follows
https://docs.microsoft.com/en-us/graph/permissions-reference#application-permissions-23
2020-08-20 00:00:31 -07:00
Martin Hristov
ac36da333d
Add note for AD domain usernames in MSSQL ( #9743 )
...
Adding a note that `vaultuser` might be part of the AD domain like `DOMAIN\vaultuser`.
2020-08-18 10:35:21 -06:00
Tom Proctor
ba9d1b6fbf
Couchbase database plugin documentation ( #9764 )
2020-08-18 15:57:18 +01:00