luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
7214 commits 1 branch 0 tags 214 MiB
Commit graph

1781 commits

Author SHA1 Message Date
Brian Shumate 07a0d25aeb Docs: Update PKI output examples - addresses #3606 (#3628) 2017-12-11 11:57:07 -05:00
Jeff Mitchell b5d21ebdae
Cross reference pki/cert in a few places. 2017-12-11 11:10:28 -05:00
Brad Sickles 295e11d40d Adding mfa support to okta auth backend. (#3653) 2017-12-07 14:17:42 -05:00
Brian Shumate a0d1092420 Conditionally set file audit log mode (#3649) 2017-12-07 11:44:15 -05:00
Mohsen 2aa576149c Small typo relating to no_store in pki secret backend (#3662) 
* Removed typo :)

* Corrected typo in the website related to no_store
 2017-12-07 10:40:21 -05:00
Brian Kassouf 34f5d1e637 Remove the note about GKE from the Kubernetes docs (#3658) 2017-12-06 13:38:00 -05:00
Calvin Leung Huang 41f03b466a
Support MongoDB session-wide write concern (#3646) 
* Initial work on write concern support, set for the lifetime of the session

* Add base64 encoded value support, include docs and tests

* Handle error from json.Unmarshal, fix test and docs

* Remove writeConcern struct, move JSON unmarshal to Initialize

* Return error on empty mapping of write_concern into mgo.Safe struct
 2017-12-05 15:31:01 -05:00
Calvin Leung Huang 8f87854b86
Clarify api_addr related errors on VaultPluginTLSProvider (#3620) 
* Mention api_addr on VaultPluginTLSProvider logs, update docs

* Clarify message and mention automatic api_address detection

* Change error message to use api_addr

* Change error messages to use api_addr
 2017-12-05 12:01:35 -05:00
Laura Uva 892a0cb5e0 Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key (#3632) 2017-12-04 12:12:58 -05:00
Brian Shumate 5a9d8c60ac Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629) 2017-12-04 12:10:26 -05:00
Jeff Mitchell e301ebe91b
Update secrets page 
Fixes #3623
 2017-12-04 12:05:34 -05:00
Jeff Mitchell f762d0615e
Remove beta notice 2017-12-04 08:25:16 -08:00
Chris Hoffman b17fb19b52 Expanding on the quick start guide with how to set up an intermediate authority (#3622) 2017-12-04 11:23:58 -05:00
Brian Shumate ac69680d7b Docs: mlock() notes, fixes #3605 (#3614) 2017-12-04 10:56:16 -05:00
crdotson fd2464c410 Fix spelling (#3609) 
changed "aomma" to "comma"
 2017-12-04 10:53:58 -05:00
csawyerYumaed 605efa37e9 update relatedtools, add Goldfish UI. (#3597) 
Add link to Goldfish a  web UI for Vault.
 2017-12-04 10:51:16 -05:00
Paul Pieralde ff2c8d4865 Fix docs for Transit API (#3588) 2017-12-04 10:34:05 -05:00
Jeff Mitchell d81a39ab99 Update cassandra docs with consistency value. 
Fixes #3361
 2017-12-02 14:18:23 -05:00
Marc Sensenich 92f937c021 Remove Trailing White space in Kubernetes Doc (#3360) 
Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example

```
vault write auth/kubernetes/role/demo \
    bound_service_account_names=vault-auth \
    bound_service_account_namespaces=default \
    policies=default \
    ttl=1h
```
 2017-12-02 14:12:39 -05:00
immutability 74bd27bdb5 Missing command for vault PUT operation (#3355) 2017-12-02 13:43:37 -05:00
Jeff Mitchell f79a15ddcd Update some rekey docs 
Fixes #3306
 2017-12-02 13:34:52 -05:00
Nicolas Corrarello 7b14f41872
Fix docs up to current standards 
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
 2017-11-29 16:53:42 +00:00
Nicolas Corrarello b3799697a2
Rename policy into policies 2017-11-29 16:31:17 +00:00
Nicolas Corrarello a6d3119e3e
Pull master into f-nomad 
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
 2017-11-29 15:56:37 +00:00
Laura Uva 3b5cbe54fd Added clarification to KV documentation about default CLI behavior and how to preserve non-string type values (#3596) 2017-11-27 11:43:49 -05:00
Brian Shumate fa4af18b73 Docs: policy update for multiple policies, fixes #3611 (#3613) 2017-11-27 09:54:38 -05:00
mariachugunova 89a0919250 Fix typo in s3 storage backend docs (#3603) 2017-11-23 13:28:33 -08:00
Vishal Nayak 5f02a64206
docs: encryption/decryption now supports asymmetric keys (#3599) 2017-11-21 12:25:28 -05:00
Jeff Mitchell 422c1898c8 Update upgrade guide with HSM info 2017-11-16 11:04:46 -05:00
Vishal Nayak 00dfc1c4de
Docs: Remove 'none' as algorithm options (#3587) 2017-11-15 09:09:45 -05:00
Jeff Mitchell 141548fb33 Add now-necessary mfa import to sentinel MFA example 2017-11-14 21:42:43 -05:00
Brian Kassouf 85a5a75835
Add token_reviewer_jwt to the kubernetes docs (#3586) 2017-11-14 13:27:09 -08:00
Chris Hoffman b3a7d8ecf3
adding licensing docs (#3585) 2017-11-14 16:15:09 -05:00
Paul Pieralde 8fedef3d99 Docs change for Policy API (#3584) 
vault 0.9.0 deprecated the term `rules` in favor of the
term `policy` in several of the /sys/policy APIs.

The expected return state of 200 SUCCESS_NO_DATA only happens
if the `policy` term is used. A response including the
deprecation notice and a 204 SUCCESS_WITH_DATA status code
is returned when `rules` is applied.
 2017-11-14 14:26:26 -05:00
Vishal Nayak 2b481defe4
Upgrade to 0.9 (#3583) 
* Upgrade to 0.9

* Add link to sidebar

* Remove items that were already in 0.8 upgrade guide
 2017-11-14 13:32:09 -05:00
Vishal Nayak 3c7f194797
Doc: Add groups to identity concepts (#3581) 
* Add groups to the concepts page

* s/pulled-in and pulled-out/synced against

* Remove double spaces
 2017-11-14 13:27:49 -05:00
Seth Vargo 68052f18d0
Flip seal pages upside down to put examples first 2017-11-14 13:12:35 -05:00
Seth Vargo 4efcfe03d1
Add an auto-unseal page to the docs 
This helps with SEO and also is where I'd expect auto unsealing to be referenced.
 2017-11-14 13:12:20 -05:00
Seth Vargo b09d042173
Use super to show enterprise 2017-11-14 13:11:55 -05:00
Jeff Mitchell 8ba71a67e5 Minor website wording updates 2017-11-14 12:34:28 -05:00
Jeff Mitchell 40e3883788 Fix some broken links 2017-11-14 12:32:03 -05:00
Jeff Mitchell 7ac167f8a4 Sync docs 2017-11-14 06:13:11 -05:00
Jeff Mitchell 77442f8640 Prep for 0.9.0 2017-11-14 06:08:56 -05:00
Vishal Nayak 5d976794d4
API refactoring and doc updates (#3577) 
* Doc updates and API refactoring

* fix tests

* change metadata fieldtype to TypeKVPairs

* Give example for TypeKVPairs in CLI for metadata

* Update API docs examples to reflect the native expected value for TypeKVPairs

* Don't mention comma separation in the docs for TypeCommaStringSlice

* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias

* Address review feedback

* Fix formatting

* fix sidebar links
 2017-11-13 20:59:42 -05:00
Laura Uva 96e80e38e8 Updated the Replication guide to make it clear that it is focused on Performance Replication. Added a link to our general info page for information on DR Replication. Removed some statements about DR not being available yet. (#3502) 2017-11-13 11:55:04 -05:00
Brian Shumate 697a506b7b DOCS: Update telemetry docs - fixes #3557 (#3571) 2017-11-13 09:58:04 -05:00
Calvin Leung Huang 87feab4492
Docs update related to new top-level config values (#3556) 
* Add new top level config value docs, add VAULT_API_ADDR, purge old references

* Fix indentation

* Update wording on ha.html

* Add section on split data/HA mode

* Fix grammar
 2017-11-10 20:06:07 -05:00
Vishal Nayak 645c068011
transit doc update (#3564) 2017-11-09 16:17:54 -05:00
James Soubry f2a98cc662 Fix curl commands (#3558) 
Curl commands require HCL within JSON to work.
 2017-11-09 10:16:09 -05:00
Calvin Leung Huang b7deec2bec Add docs for /sys/rekey-recovery-key (#3520) 2017-11-08 14:22:30 -05:00
Paul Pieralde 01ff6293e0 Doc fix for Create/Update Token API (#3548) 
`orphan` is intended to be default to False. Docs indicate this
is default to True. Simple change to update the docs only.
 2017-11-07 18:06:44 -05:00
Joel Thompson 2c8cd19e14 auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive (#3291) 2017-11-06 17:12:07 -05:00
Chris Hoffman de8c0dce99 minor cleanup 2017-11-06 16:34:20 -05:00
Jonathan Freedman 4109473134 More Mount Conflict Detection (#2919) 2017-11-06 15:29:09 -05:00
Gregory Reshetniak 57c9afa357 added AWS enpoint handling (#3416) 2017-11-06 13:31:38 -05:00
Calvin Leung Huang d7305a4681
Add note on support for using rec keys on /sys/rekey (#3517) 2017-11-06 12:18:15 -05:00
Jason Antman af649c60d0 Add third party tools list to website (#3488) 2017-11-06 12:11:02 -05:00
Jeff Mitchell 17310654a1
Add PKCS8 marshaling to PKI (#3518) 2017-11-06 12:05:07 -05:00
Nicolas Corrarello 5a317a1a32
Updated documentation 2017-11-06 15:13:50 +00:00
Calvin Leung Huang 93917743df
Update SSH list roles docs (#3536) 2017-11-03 18:00:46 -04:00
Vishal Nayak e4e4a7ba67
Capabilities responds considering policies on entities and groups (#3522) 
* Capabilities endpoint will now return considering policies on entities and groups

* refactor the policy derivation into a separate function

* Docs: Update docs to reflect the change in capabilities endpoint
 2017-11-03 11:20:10 -04:00
Vishal Nayak 06923430cc
docs: s/persona/alias (#3529) 2017-11-03 11:17:59 -04:00
Vishal Nayak 52df62d4ff
Encrypt/Decrypt/Sign/Verify using RSA in Transit backend (#3489) 
* encrypt/decrypt/sign/verify RSA

* update path-help and doc

* Fix the bug which was breaking convergent encryption

* support both 2048 and 4096

* update doc to contain both 2048 and 4096

* Add test for encrypt, decrypt and rotate on RSA keys

* Support exporting RSA keys

* Add sign and verify test steps

* Remove 'RSA' from PEM header

* use the default salt length

* Add 'RSA' to PEM header since openssl is expecting that

* export rsa keys as signing-key as well

* Comment the reasoning behind the PEM headers

* remove comment

* update comment

* Parameterize hashing for RSA signing and verification

* Added test steps to check hash algo choice for RSA sign/verify

* fix test by using 'prehashed'
 2017-11-03 10:45:53 -04:00
Vishal Nayak a7acc23034
docs: Add config/ca delete operation (#3525) 2017-11-03 06:19:21 -04:00
Chris Hoffman 3d8d887676
Add ability to require parameters in ACLs (#3510) 2017-11-02 07:18:49 -04:00
Nicolas Corrarello d540985926 Unifying Storage and API path in role 2017-10-31 21:06:10 +00:00
Nicolas Corrarello 0fc65cabc7 Minor/Cosmetic fixes 2017-10-31 19:11:24 +00:00
Nathan Valentine 0345dca20f Should these names not reference Vault? (#3506) 
Since we are in the Vault docs, should these names not reference Vault instead of Nomad?
 2017-10-30 11:04:38 -05:00
Jeff Mitchell 963f516ac9 Fix C&P in docs. 
Fixes #3454
 2017-10-27 16:43:26 -04:00
Vishal Nayak b16084fdaf aws-ec2: Avoid audit logging of custom nonces (#3381) 2017-10-27 11:23:15 -04:00
smeach c575435040 Updated cli arg to reflect text description (#3487) 2017-10-27 09:44:56 -05:00
AJ Bourg a71add2973 Add a doc for the token helper (#3411) 
* Add token helper docs.

* Update it so the new token helpers page appears in the navigation.
 2017-10-27 09:42:33 -05:00
Christophe Tafani-Dereeper 5ff1485a3e Correct typos in the sys/raw documentation (#3484) 2017-10-24 10:33:57 -04:00
Seth Vargo 83b1eb900a
More naming cleanup 2017-10-24 09:35:03 -04:00
Seth Vargo a07c7d7368
Update guides to use new CLI commands 2017-10-24 09:34:30 -04:00
Seth Vargo 53f26e6bd7
Update getting started walkthrough 2017-10-24 09:34:30 -04:00
Seth Vargo 7463ba73a5
Oops typo 2017-10-24 09:34:30 -04:00
Seth Vargo 6c1411447c
Remove more references to auth backend 2017-10-24 09:34:12 -04:00
Seth Vargo 926ca5c125
Update k8s documentation 2017-10-24 09:34:12 -04:00
Seth Vargo 51a27b758b
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo 2982fdf7ca
Remove ?list examples 
They are documented in the overall API section, but people should get used to seeing LIST as a verb
 2017-10-24 09:32:15 -04:00
Seth Vargo a85d3c6270
Remove smaller font on embedded code snippets 2017-10-24 09:32:15 -04:00
Seth Vargo c5665920f6
Standardize on "auth method" 
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
 2017-10-24 09:32:15 -04:00
Seth Vargo 3bbeace911
Audit backend -> device 2017-10-24 09:30:52 -04:00
Seth Vargo f7310eac04
Add new commands to the sidebar 2017-10-24 09:30:52 -04:00
Seth Vargo aa34fb17c7
Absorb help and read-write into index 2017-10-24 09:30:52 -04:00
Seth Vargo 162c525159
Add "write" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo 6fa133852e
Add "unwrap" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo 4d80ccbb4c
Add "token" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo 51e185b9a2
Add "status" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo 4634949b9b
Add "ssh" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo a106350950
Add "server" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo 28fa271c4e
Add "secrets" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo bcf6657e9c
Add "read" command documentation 2017-10-24 09:30:52 -04:00
Seth Vargo c743167f4c
Add "policy" command documentation 2017-10-24 09:30:51 -04:00
Seth Vargo 54f8e0adb2
Update "path-help" documentation 2017-10-24 09:30:51 -04:00
Seth Vargo f48bc06d93
Add "operator" command documentation 2017-10-24 09:30:51 -04:00
Seth Vargo a81ff9a97c
Add "login" command documentation 2017-10-24 09:30:51 -04:00
Seth Vargo 50d6c9a642
Add "list" command documentation 2017-10-24 09:30:51 -04:00
Seth Vargo 57c0d53121
Add "lease" command documentation 2017-10-24 09:30:51 -04:00