Commit graph

2861 commits

Author SHA1 Message Date
Jim Kalafut e3484526b8
Update identity token docs (#7195) 2019-07-26 09:59:38 -07:00
Jeff Mitchell 4c77d69fff Prep for rc1 release 2019-07-25 13:08:49 -04:00
Michel Vocks 524d101008 Added s3 storage path parameter (#7157) 2019-07-24 12:48:26 -04:00
Jonathan Sokolowski 325c06b2cc Add -dev-no-store-token to vault server command (#7104)
When starting a vault dev server the token helper is invoked to store
the dev root token.
This option gives the user the ability to not store the token.

Storing the token can be undesirable in certain circumstances
(e.g.  running local tests) as the user's existing vault token is
clobbered without warning.

Fixes #1861
2019-07-24 12:41:07 -04:00
Jim Kalafut 62e2aeb952
Rename entity group membership template parameters (#7099) 2019-07-19 10:08:47 -07:00
Mike Jarmy 0d4ae949a8
Add 'log-format' CLI flag, along with associated config flag, for 'vault server' command. (#6840)
* Read config before creating logger when booting vault server

* Allow for specifying log output in JSON format in a config file, via a 'log_level' flag

* Create parser for log format flag

* Allow for specifying log format in a config file, via a 'log_format' flag. Also, get rid of 'log_json' flag.

* Add 'log-format' command line flag

* Update documentation to include description of log_format setting

* Tweak comment for VAULT_LOG_FORMAT environment variable

* add test for ParseEnvLogFormat()

* clarify how log format is set

* fix typos in documentation
2019-07-18 15:59:27 -04:00
Jason O'Donnell be2e98a1f3
doc: Add default SSL note to PG storage (#7125) 2019-07-18 14:37:24 -04:00
Calvin Leung Huang ce829655a1
docs: update kmip scope delete api section (#7140)
* docs: update kmip scope delete api section

* fix wording in force param

* update scope delete example
2019-07-18 11:25:01 -07:00
Calvin Leung Huang f6d57042a1
docs: update kmip scope delete api section (#7127) 2019-07-16 14:05:48 -07:00
Martin Lee 6e672d398e Explain the dev server mounts a KV store (#7083)
Resolves #7081
2019-07-08 08:56:39 -07:00
Tim Arenz 54aaf8a87d Update tokens.html.md (#6697)
Fixing miner typo by adding dot.
2019-07-05 15:39:16 -07:00
Brian Shumate 39676b0b74 Update API docs for Create Token — resolves #7053 (#7056)
- Update sample `payload.json`
- Update sample response
2019-07-05 15:38:37 -07:00
Justin Weissig a5e762d36a docs: spelling (#6838)
Fixed minor spelling error: sychronized/synchronized.
2019-07-05 15:36:58 -07:00
Brian Shumate c041e7134c Update Cert Auth Login API docs — resolves #7039 (#7058)
- Add `--cert` and `--key` options to `curl` example so that it is
  clearer that the certificate and key must also be passed in
2019-07-05 15:36:20 -07:00
Daniel Mangum 3a6d8dbdd1 plugin docs: update example code snippet with correct imports and link to developing plugin backends tutorial (#6843)
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
2019-07-05 15:35:36 -07:00
Clint 28447e00a3 Combined Database backend: Add Static Account support to MySQL (#6970)
* temp support for mysql+static accounts

* remove create/update database user for static accounts

* update tests after create/delete removed

* small cleanups

* update postgresql setcredentials test

* temp support for mysql+static accounts

* Add Static Account support to MySQL

* add note that MySQL supports static roles

* remove code comment

* tidy up tests

* Update plugins/database/mysql/mysql_test.go

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update plugins/database/mysql/mysql.go

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* update what password we test

* refactor CreateUser and SetCredentials to use a common helper

* add close statements for statements in loops

* remove some redundant checks in the mysql test

* use root rotation statements as default for static accounts

* missed a file save
2019-07-05 14:52:56 -04:00
Michel Vocks 524c7517e9
Add namespace config option to agent auto-auth config (#6988)
* Added namespace option to vault agent auto-auth method

* Implemented review feedback
2019-07-03 09:33:20 +02:00
Garrett T 8fc4a63796 Set MaxIdleConns to reduce connection churn (postgresql physical) (#6967)
* Set MaxIdleConns to reduce connection churn (postgresql physical)

* Make new  "max_idle_connection" config option for physical postgresql

* Add docs for "max_idle_connections" for postgresql storage

* Add minimum version to docs for max_idle_connections
2019-07-02 15:03:56 -07:00
Michael Gaffney 4044cff8f2
Merge branch 'master' into mgaffney/kv-delete-version-after 2019-07-02 17:27:36 -04:00
emily 333d0425b9 fix permissions in GCP auth docs (#7035) 2019-07-01 15:13:36 -07:00
Jason O'Donnell 20e485a9d3
Add leeway parameters to JWT auth doc (#6947)
* Add leeway parameters to JWT auth doc

* Clarify leeway doc

* Apply suggestions from code review

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* Add note about only being applicable to JWT

* Update for negative values
2019-07-01 10:12:53 -04:00
Michel Vocks 2b5aca4300
Token identity support (#6267)
* Implemented token backend support for identity

* Fixed tests

* Refactored a few checks for the token entity overwrite. Fixed tests.

* Moved entity alias check up so that the entity and entity alias is only created when it has been specified in allowed_entity_aliases list

* go mod vendor

* Added glob pattern

* Optimized allowed entity alias check

* Added test for asterisk only

* Changed to glob pattern anywhere

* Changed response code in case of failure. Changed globbing pattern check. Added docs.

* Added missing token role get parameter. Added more samples

* Fixed failing tests

* Corrected some cosmetical review points

* Changed response code for invalid provided entity alias

* Fixed minor things

* Fixed failing test
2019-07-01 11:39:54 +02:00
Mike Ruth ee705088be Include Daytona as a third party tool (#6999)
* Include Daytona as third party tool

This is to include [Cruise's Daytona](https://github.com/cruise-automation/daytona) to the list of third party tools.
2019-06-30 20:49:11 -04:00
Vishal Nayak 2fcac90052
Raft Docs (#6966)
* Raft configuration doc

* API docs

* join sample

* Fix the Join API

* Add snapshot-force

* Update sys/storage subsection

* Use actual certs in examples

* Add sample configuration response

* Fix link

* remove TLS config options
2019-06-28 14:09:14 -04:00
Calvin Leung Huang 21059820d2
KMIP docs (#6969)
* docs: add docs/secrets/kmip

* Add KMIP API docs.

* small typo fix

* Update website/source/api/secret/kmip/index.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/api/secret/kmip/index.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/api/secret/kmip/index.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* Update website/source/api/secret/kmip/index.html.md

Co-Authored-By: Calvin Leung Huang <cleung2010@gmail.com>

* format tables in api docs

* fix table formatting

* Fix wording.

* Remove references to tls_max_path_length.
2019-06-28 11:05:00 -07:00
Michael Gaffney 3b12c58e33
docs: Add delete-version-after to kv command line docs 2019-06-28 13:36:07 -04:00
Michael Gaffney 9366f95816 Remove delete-version-after from kv put and undelete subcommands
Removes the optional parameter "delete-version-after" from the following
CLI subcommands:

- kv put
- kv undelete
- kv rollback
2019-06-27 14:17:46 -04:00
Michael Gaffney 42324c22ff Add delete-version-after to kv CLI subcommands
Adds a new optional parameter "delete-version-after" to the following
CLI subcommands:

- kv metadata put
- kv put
- kv undelete
- kv rollback
2019-06-27 14:17:46 -04:00
Thomas Kula be998aeeac Cert auth method examples need to use https (#6961)
In order to present a client certificate to use the certificate
auth method, you must use https.
2019-06-27 11:04:09 -04:00
Lexman a4ba0e22ac Identity tokens documentation (#6971) 2019-06-26 07:31:10 -07:00
Jim Kalafut 4066a1d09c
Correct API docs examples (#6963) 2019-06-24 07:39:34 -07:00
Clint 4b00597609
Combined Database backend: remove create/delete support (#6951)
* remove create/update database user for static accounts

* update tests after create/delete removed

* small cleanups

* update postgresql setcredentials test
2019-06-23 15:58:07 -05:00
Jim Kalafut c7283f99ed
Update JWT tips (#6955) 2019-06-21 14:50:12 -07:00
Jim Kalafut 1074b5046f
Minor clean up JWT provider docs (#6952) 2019-06-21 11:49:08 -07:00
Anner J. Bonilla c98caa2cd7 update azure instructions (#6858)
Update instructions in regards to azure AD Authentication and OIDC
2019-06-21 11:28:12 -07:00
Jeff Escalante 7e7deeaa15 Add lockfile for website (#6940)
* add package-lock

* update package lock
2019-06-20 17:53:12 -04:00
Becca Petrin cd0f2ec5f6
Merge pull request #6913 from hashicorp/pcf-docs
PCF documentation
2019-06-20 09:28:06 -07:00
Aaron Bedra db25895001 Adds libvault to list of client libraries (#6890) 2019-06-20 08:01:12 -07:00
Brian Shumate 630de4d1ae Switch to simpler 'configured' (#6892) 2019-06-20 08:00:12 -07:00
Clint b55303eddb
Combined Database Backend: Static Accounts (#6834)
* Add priority queue to sdk

* fix issue of storing pointers and now copy

* update to use copy structure

* Remove file, put Item struct def. into other file

* add link

* clean up docs

* refactor internal data structure to hide heap method implementations. Other cleanup after feedback

* rename PushItem and PopItem to just Push/Pop, after encapsulating the heap methods

* updates after feedback

* refactoring/renaming

* guard against pushing a nil item

* minor updates after feedback

* Add SetCredentials, GenerateCredentials gRPC methods to combined database backend gPRC

* Initial Combined database backend implementation of static accounts and automatic rotation

* vendor updates

* initial implementation of static accounts with Combined database backend, starting with PostgreSQL implementation

* add lock and setup of rotation queue

* vendor the queue

* rebase on new method signature of queue

* remove mongo tests for now

* update default role sql

* gofmt after rebase

* cleanup after rebasing to remove checks for ErrNotFound error

* rebase cdcr-priority-queue

* vendor dependencies with 'go mod vendor'

* website database docs for Static Role support

* document the rotate-role API endpoint

* postgres specific static role docs

* use constants for paths

* updates from review

* remove dead code

* combine and clarify error message for older plugins

* Update builtin/logical/database/backend.go

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* cleanups from feedback

* code and comment cleanups

* move db.RLock higher to protect db.GenerateCredentials call

* Return output with WALID if we failed to delete the WAL

* Update builtin/logical/database/path_creds_create.go

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* updates after running 'make fmt'

* update after running 'make proto'

* Update builtin/logical/database/path_roles.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/path_roles.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* update comment and remove and rearrange some dead code

* Update website/source/api/secret/databases/index.html.md

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* cleanups after review

* Update sdk/database/dbplugin/grpc_transport.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* code cleanup after feedback

* remove PasswordLastSet; it's not used

* document GenerateCredentials and SetCredentials

* Update builtin/logical/database/path_rotate_credentials.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* wrap pop and popbykey in backend methods to protect against nil cred rotation queue

* use strings.HasPrefix instead of direct equality check for path

* Forgot to commit this

* updates after feedback

* re-purpose an outdated test to now check that static and dynamic roles cannot share a name

* check for unique name across dynamic and static roles

* refactor loadStaticWALs to return a map of name/setCredentialsWAL struct to consolidate where we're calling set credentials

* remove commented out code

* refactor to have loadstaticwals filter out wals for roles that no longer exist

* return error if nil input given

* add nil check for input into setStaticAccount

* Update builtin/logical/database/path_roles.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* add constant for queue tick time in seconds, used for comparrison in updates

* Update builtin/logical/database/path_roles.go

Co-Authored-By: Jim Kalafut <jim@kalafut.net>

* code cleanup after review

* remove misplaced code comment

* remove commented out code

* create a queue in the Factory method, even if it's never used

* update path_roles to use a common set of fields, with specific overrides for dynamic/static roles by type

* document new method

* move rotation things into a specific file

* rename test file and consolidate some static account tests

* Update builtin/logical/database/path_roles.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/rotation.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/rotation.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/rotation.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/rotation.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update builtin/logical/database/rotation.go

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* update code comments, method names, and move more methods into rotation.go

* update comments to be capitalized

* remove the item from the queue before we try to destroy it

* findStaticWAL returns an error

* use lowercase keys when encoding WAL entries

* small cleanups

* remove vestigial static account check

* remove redundant DeleteWAL call in populate queue

* if we error on loading role, push back to queue with 10 second backoff

* poll in initqueue to make sure the backend is setup and can write/delete data

* add revoke_user_on_delete flag to allow users to opt-in to revoking the static database user on delete of the Vault role. Default false

* add code comments on read-only loop

* code comment updates

* re-push if error returned from find static wal

* add locksutil and acquire locks when pop'ing from the queue

* grab exclusive locks for updating static roles

* Add SetCredentials and GenerateCredentials stubs to mockPlugin

* add a switch in initQueue to listen for cancelation

* remove guard on zero time, it should have no affect

* create a new context in Factory to pass on and use for closing the backend queue

* restore master copy of vendor dir
2019-06-19 14:45:39 -05:00
Becca Petrin 35faaef504 update field name to change from pr feedback 2019-06-19 09:54:18 -07:00
Alvin Huang 168a7ab1d5 pin github and netlify providers and fix config 2019-06-19 10:45:35 -04:00
Yoko ba82b04b15
Added a note about JWT (#6899) 2019-06-18 12:36:51 -07:00
Becca Petrin 57b2fbbd78 add to sidebar 2019-06-18 11:08:38 -07:00
Becca Petrin 7be6286966 fix typo 2019-06-18 09:32:14 -07:00
Becca Petrin 3fc63eb9d5 add api docs 2019-06-17 16:56:14 -07:00
Becca Petrin cd1b53b350 add agent docs 2019-06-17 15:24:10 -07:00
Becca Petrin 30d7f742b3 fix more typos 2019-06-17 15:09:43 -07:00
Becca Petrin 1ca20773c2 fix typos 2019-06-17 15:08:37 -07:00
Becca Petrin a420b966bb add docs 2019-06-17 15:00:30 -07:00
Becca Petrin ca165ffdef add es docs to sidebars 2019-06-17 12:05:57 -07:00
Becca Petrin 7927cc3a43
Update elasticdb.html.md 2019-06-17 11:24:42 -07:00
Becca Petrin 17a682da40 Merge branch 'opensource-master' into add-elasticsearch-auth 2019-06-17 11:12:51 -07:00
Becca Petrin fd2e859617 update doc to 7.1.1 2019-06-17 11:12:16 -07:00
Frederic Hemberger 8c5476fb0c Website(api/secret/identity): Fix whitespace in JSON examples (#6889) 2019-06-16 09:26:37 -04:00
Jason O'Donnell d2e620ae70
Fix multiline jwt config setup example (#6873) 2019-06-12 13:34:26 -04:00
Yoko 2b81ea64c3
Adding vault kv command doc (#6845)
* Adding vault kv command doc

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/destroy.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/destroy.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/undelete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

* Update website/source/docs/commands/kv/delete.html.md

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>
2019-06-10 10:41:55 -07:00
Yoko daebe65d1c
upgrade guide warning about downgrading (#6836)
* upgrade guide warning about downgrading

* Changed the wording
2019-06-10 09:54:21 -07:00
Becca Petrin 5b9d49fc2d add elasticsearch database engine 2019-06-10 09:19:11 -07:00
Justin Weissig 0ae53eb5aa docs: minor fixes to improve sentence flow (#6839) 2019-06-06 08:25:59 -07:00
Lexman 9aa4662cec transit cache is an Interface implemented by wrapped versions of sync… (#6225)
* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* transit cache is an Interface implemented by wrapped versions of syncmap and golang-lru

* changed some import paths to point to sdk

* Apply suggestions from code review

Co-Authored-By: Lexman42 <Lexman42@users.noreply.github.com>

* updates docs with information on transit/cache-config endpoint

* updates vendored files

* fixes policy tests to actually use a cache where expected and renames the struct and storage path used for cache configurations to be more generic

* updates document links

* fixed a typo in a documentation link

* changes cache_size to just size for the cache-config endpoint
2019-06-04 15:40:56 -07:00
Justin Weissig fb75728c71 docs: minor spelling fix (#6818)
Fixed spelling: PostgresSQL/PostgreSQL.
2019-06-04 02:28:44 -05:00
Martin Lee 07978c08d6 Update pki-engine docs (#6238)
The user needs to set a decent TTL for the intermediate cert, otherwise all certs issued will be valid only for 30 minutes max.
2019-06-03 15:45:11 -05:00
Justin Weissig ff3e23e050 docs: fixed typos (#6809)
Fixed two typos: lifecyle + specfied.
2019-05-31 14:33:13 -05:00
Martin Lee b7dadc11e6 Add hard-won practical knowledge to the Okta notes (#6808) 2019-05-31 11:44:59 -05:00
Jim Kalafut 8f1eeda737
Fix OIDC API examples (#6803)
Fixes #6684
2019-05-30 21:50:34 -05:00
benz0 2e6686cc18 Explain owner role requirement (#6801) 2019-05-30 21:25:30 -05:00
Justin Weissig 3fc537da0b docs: spelling (#6799)
Fixed spelling: Specifiy/Specify.
2019-05-30 21:20:57 -05:00
Justin Weissig 7643eda03f docs: wording (#6798)
Fixed minor sentence flow: an sealed state -> a sealed state.
2019-05-29 19:13:13 -05:00
Justin Weissig 2d727a5640 docs: wording (#6746)
* docs: wording

Fixed wording: "lets create an"/"lets create a"

* Update website/source/docs/secrets/nomad/index.html.md

Co-Authored-By: Jeff Mitchell <jeffrey.mitchell@gmail.com>
2019-05-24 15:44:09 -04:00
Brian Shumate 543e149b8c Docs: Minor updates to PKI Secrets Engine (#6778)
* Docs: Minor updates to PKI Secrets Engine

- Update `ttl` and `max-lease-ttl` values from _43800_ which
  appears to be a typo, to _4380_; this helps avoid warnings
  like: "The expiration time for the signed certificate is
  after the CA's expiration time. If the new certificate is
  not treated as a root, validation paths with the
  certificate past the issuing CA's expiration time will
  fail." when following the Quick Start and using the tuned
  Root CA TTL of 8760h
- Change _my-role_ role name to _example-dot-com_ in **Setup**
  to help reduce confusion and match what is used in
  **Quick Start**

* ttl changes
2019-05-24 15:39:56 -04:00
Srikanth Venkatesh d08edf7483 Typo in concepts/policy-syntax (#6782) 2019-05-24 15:39:11 -04:00
Srikanth Venkatesh b9f67e5622 Fixed typo in documentation on vault internals/architecture (#6781) 2019-05-23 21:58:31 -07:00
nathan r. hruby 0762d9c6eb
fix indeting for mount options (#6780) 2019-05-23 19:09:52 -07:00
Joel Thompson 4e2ad1e568 docs: Fix Markdown formatting error in AWS Auth (#6745) 2019-05-15 21:12:08 -07:00
Jim Kalafut 1c507e3367
Update OIDC Provider Setup docs (#6739) 2019-05-15 11:57:18 -07:00
Justin Weissig e57866d558 docs: fixed typo (#6732)
Fixed typo: follwing/following.
2019-05-15 10:30:18 +02:00
Jeff Mitchell 4e83328aaf Fix recovery key backup path documentation 2019-05-14 10:58:19 -04:00
Rich FitzJohn 9b123dd352 Add link to R client on libraries list (#6722) 2019-05-13 16:14:49 -04:00
Justin Weissig cf3954f580 docs: fixed typo (#6721)
Fixed typo: appropiate/appropriate
2019-05-13 07:50:29 -04:00
Lexman b2850ac624
http timeout values are configurable (#6666)
* http timeout fields are configurable

* move return statement for server config tests outside of range loop

* adds documentation for configurable listener http_* values

* fixed some formatting for the docs markdown
2019-05-10 10:41:42 -07:00
bjorndolk e8f10814b6 Added HA backend for postgres based on dynamodb model (#5731)
Add optional HA support for postgres backend if Postgres version >= 9.5.
2019-05-10 12:48:42 -04:00
Jim Kalafut 826653e7f5
JWKS docs (#6645) 2019-05-09 13:32:50 -07:00
Justin Weissig 7bd9665a46 docs: better sentence flow (#6705)
Fixed for sentence flow: "When you bring up your server back up" to "When you bring your server back up".
2019-05-09 06:24:06 -04:00
Peter Souter 6623478406 Adds docs for session_token for awskms (#6691) 2019-05-07 08:27:06 -07:00
Mark Gritter 4b2193333a
Correct type for tls_skip_verify
Parses as boolean but needs to be represented as a string in configuration.
2019-05-06 16:02:36 -05:00
Travis Cosgrave 236d7c5e52 Add certificate auto-auth method to vault agent (#6652)
* adding auto auth for cert auth methods

* Adding Docs for Cert Auto-auth method

* fixes errors in docs

* wrong documentation title

* repariting a few typos in the docs and being very clear about where the certificates should be configured

* clarifying the name parameter documentation

* Fixes gofmt issues in command/agent.go

* Fix typo in docs

* Add nil check to Config for cert auto-auth and add test with and without a specified name
2019-05-06 10:39:27 -04:00
Justin Weissig 96ffab761e Fixed Typos (#6686)
Fixed typos: enviroment/environment x3.
2019-05-06 07:24:37 -04:00
Mark Gritter 91ed2c98a8
fix typo 2019-05-03 17:21:58 -05:00
Justin Weissig c18bf7709a Fixed Typo (#6678)
Fixed typo: telemtery/telemetry
2019-05-03 09:09:25 -07:00
Justin Weissig 15d8df84a0 Fixed Typo (#6672)
Fixed typo: overwritting/overwriting.
2019-05-02 11:59:01 -04:00
Russ Parsloe 86f39accf9 azurekeyvault doc fixed typos (#6663) 2019-05-01 13:37:01 -07:00
Justin Weissig 8d676312ee
Fixed Typo
Fixed typo: recomended/recommended.
2019-05-01 00:24:59 -07:00
Hugues Malphettes 520677fa9e [Doc]: PKI Fix allowed_uri_sans spelling mistake (#6660)
The doc of the PKI Role sample response currently reads:

`"allow_uri_sans": ["example.com","spiffe://*"],`

It should read:

  `"allowed_uri_sans": ["example.com","spiffe://*"],`
2019-04-30 17:48:51 -07:00
Justin Weissig e42e6d4ee3 Fixed Type (#6649)
Fixed typo. Changed procede to proceed.
2019-04-29 14:06:31 -07:00
Justin Weissig e2a0026964 Fixed Typo (#6650)
Fixed spelling: accesing/accessing.
2019-04-29 14:06:00 -07:00
Becca Petrin ba37546c08
Merge pull request #6642 from hashicorp/update-ad-docs
Update Active Directory secrets engine docs with new field
2019-04-29 13:48:09 -07:00
Becca Petrin e724d2f332 changes from feedback 2019-04-26 16:31:11 -07:00
Jim Kalafut 8f8ac67222
Minor GCP docs fixes (#6644) 2019-04-26 10:52:52 -07:00
Md Kamol Hasan 9b1b58f52a Add delete roleset option (#6635) 2019-04-26 10:48:34 -07:00
Justin Weissig 5737117129 Fixed typo (#6643)
Fixed type where zome should be zone.
2019-04-26 10:33:19 -07:00
Becca Petrin 7183bc9594 update ad docs with new field 2019-04-26 09:40:26 -07:00
Raja Nadar ffbe2c378d docs: added support for .net standard 2.0 as well (#6620)
.net standard 2.0 support
2019-04-23 14:50:16 -04:00
Becca Petrin 22a6e54957
Merge pull request #6380 from povils/aws_user_path
AWS add user_path option for role.
2019-04-23 09:05:35 -07:00
Brian Shumate e56a4b96bd Docs: add -type flag to token create command (#6621) 2019-04-23 10:58:50 +02:00
Brian Shumate 681d13fe27 Link directly to the hints (#6623)
* Link directly to the hints

* Wrap
2019-04-22 16:10:38 -07:00
Brian Shumate fb0a55614b Add type to documentation for create in token auth API (#6622)
* Add type to documentation for create in token auth API

* Wrapped
2019-04-22 12:15:21 -07:00
Povilas Susinskas 67f5bbe88f AWS backend: Add user_path option for role. 2019-04-22 18:07:21 +02:00
David Jiang 4381d922bb Update base64 decrypt command documentation (#6614)
* Update base64 decrypt command

* update to use --decode

* Apply suggestions from code review

Co-Authored-By: djiang <djiang09@gmail.com>
2019-04-18 22:40:13 -07:00
Brian Shumate 5aed4f0f76 Add some missing default values (#6611) 2019-04-18 22:24:20 -07:00
Brian Shumate 09aa4c7c15 Typo fixes (#6610) 2019-04-18 22:20:46 -07:00
Jeff Mitchell 9a7eb54a68 Merge branch '1.1.2' into master-oss 2019-04-18 18:49:49 -04:00
Jeff Mitchell fdea46f507 Prep for 1.1.2 2019-04-18 13:27:09 -04:00
Chris Hoffman b62468063a
Adding common prefix known issue to upgrade guide (#6575)
* Adding common prefix known issue to upgrade guide

* addressing feedback
2019-04-16 21:15:39 -04:00
Brian Kassouf e959b92040
Add known issue section to the upgrade guide (#6593) 2019-04-16 10:53:06 -07:00
Jeff Mitchell 213b9fd1cf Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
Becca Petrin 6ded269700
Merge pull request #6268 from hashicorp/6234-aws-region
Add region to CLI for generating AWS login data
2019-04-12 16:15:38 -07:00
Jeff Mitchell 8bcb533a1b
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Jim Kalafut 75480642cf
Update JWT docs for bound_claims improvements (#6559) 2019-04-12 14:08:02 -07:00
Becca Petrin f20772310b Merge branch 'opensource-master' into 6234-aws-region 2019-04-12 11:13:17 -07:00
Michel Vocks a24474df5f
Fixed small issues in identity group alias API docs (#6569) 2019-04-12 09:05:37 +02:00
Brian Kassouf 494a332e96
Add upgrade guide for 1.1.1 (#6573) 2019-04-11 17:34:40 -07:00
Jeff Mitchell 3fba024c5f Update audit hmac'ing information on website docs 2019-04-11 16:38:43 -04:00
Jeff Mitchell a7038a871e Prep for 1.1 2019-04-11 11:16:22 -04:00
Jim Kalafut 22587672ec
Minor updates to OIDC docs (#6551) 2019-04-08 15:08:55 -07:00
Kamol Hasan 307cc20712 Correct gcp api doc 2019-04-08 18:55:36 +06:00
Calvin Leung Huang 5b26b699db docs: add Usage section in Namespaces docs (#6542) 2019-04-06 12:22:48 -04:00
Becca Petrin 4a4eab50a1 Merge branch 'opensource-master' into 6234-aws-region 2019-04-03 11:37:33 -07:00
Jan Brun Rasmussen cb37b2b4f3 Update OIDC docs for Azure (#6524)
Add section for configuration of external groups for Azure AD
2019-04-03 08:27:55 -07:00
Naoki Ainoya 7f488601f8 fix typo in gcpckms.html.md, cloudkms.cryptoKeys.get (#6515)
ref: https://github.com/hashicorp/vault/pull/6327/files#r270674452
2019-04-02 10:45:23 -07:00
Gavin Williams 197e717c29 [docs] Fix a minor issue with Azure secrets docs (#6517)
This will ensure that the docs render correctly.
2019-04-02 10:09:07 -05:00
Jim Kalafut 8a237e3ea5
Clarify config option wording (#6503)
Fixes #6123
2019-04-01 16:14:12 -07:00
ncabatoff 6652235e2a Highlight a sometimes surprising Vault behaviour: token revocation leads (#6489)
to lease revocation.
2019-04-01 15:34:30 -07:00
Becca Petrin 339cfcaaf8 merge master 2019-04-01 13:52:44 -07:00
Alessandro De Blasis c96362d466 agent: allow AppRole Auto-Auth when bind_secret_id = false (#6324)
* agent: allow AppRole Auto-Auth when bind_secret_id = false
2019-04-01 16:27:54 -04:00
Daniel Andrei Mincă e8f14b6554 grammar fix and space stripping (#6507)
- remove the 'a' and comma from 'When using a Auto Unseal, there are...'
  because everything needs to be in a single sentence
- strip extra spaces after end of propositions (there were 2 spaces
  instead of normally 1)

Resolves:
Related:
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
2019-04-01 08:23:46 -04:00
Matias Ozdy 63705661b4 Add missing = in dynamodb_table tf (#6493) 2019-03-28 08:24:56 -07:00
Jim Kalafut bc48dd1cc8
Update OIDC docs (#6485) 2019-03-27 11:47:05 -07:00
Thomas Kula 5a3937f9c1 Small typo fix to transit.html.md (#6482) 2019-03-26 17:32:26 -05:00
ncabatoff 5579e3cea5 Document sentinel namespace "token.namespace". (#6429) 2019-03-26 12:22:49 -07:00
Ryan Canty b72e3b8de1 Fixed typo in GCP auth docs (#6461)
* Fixed typo in GCP auth docs
2019-03-25 14:12:09 -04:00
Jeff Mitchell 1a191d80ff Update text around seal migration in 1.1 2019-03-25 12:44:22 -04:00
Jim Kalafut ac9885053e
Fix sidebar order (#6464) 2019-03-23 17:00:44 -05:00
Sean Malloy 29f3e0ed62 Add Docs For Prometheus Metrics (#6434)
Prometheus metrics were added as part of the Vault v1.1.0 release in PR #5308.
But no documentation was created. Adds the telemetry configuration docs and
the API docs.
2019-03-23 16:53:43 -05:00
Jeff Mitchell cdcd269b47 Add missing serial_number parameter from pki docs 2019-03-23 12:14:32 -04:00
Laura Gjerman-Uva 6193d4a0ac update AWS Auth API docs to show that role_id is the default for ec2_alias and iam_alias (auth/aws/config/identity endpoint) (#6460) 2019-03-22 15:09:54 -05:00
Jeff Mitchell 602d1e1a75
Remove response code info from non-overview API docs as it can be misinterpreted and is always the same anyways (#6459) 2019-03-22 11:15:37 -05:00
Alex Sherwin c545e863fc Fixed grammatical issue in Auth Methods overview (#6456) 2019-03-22 10:36:14 -05:00
Jeff Mitchell 0794d89d9d Minor updates to JWT docs 2019-03-22 01:15:59 -04:00
Alex Sherwin 8e2942258f Fixing grammar in behavioral overview (#6451) 2019-03-21 20:49:52 -07:00