Commit graph

294 commits

Author SHA1 Message Date
Ross Vandegrift c0885b0dfc
Doc: provide info on postgres secrets connection config (#8516)
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-03-20 11:24:02 -04:00
Karl Fischer a7eec55edf
add vsh to related tools page (#8566)
Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
2020-03-19 17:31:35 -04:00
Vishal Nayak df5c43d2c1
Raft telemetry (#8550)
* Raft telemetry

* Add descriptions and fix alignment

* Add leadership changes section

* Copy from Consul docs

* Minor changes
2020-03-17 12:51:05 -07:00
Vishal Nayak 5647f978f1
Raft cli docs (#8548)
* Raft cli docs

* s/raft/Raft

* s/raft/Raft

* Update website/pages/docs/commands/operator/raft.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Mention that shamir seal requires unseal keys

Co-authored-by: Meggie <m.ladlow@gmail.com>
2020-03-17 09:46:44 -04:00
Jeff Escalante f4de04d87e
Website Deps Upgrade (#8571)
* update dependencies

* breaking change update
2020-03-16 11:56:44 -07:00
Jim Kalafut b949dc622b
Update JWT docs (#8525) 2020-03-14 14:45:30 -07:00
Jim Kalafut 16ad0ded58
Update database docs (#8554)
Redshift was missing from the sidebars, as was a reference to static
roles in MongoDB.
2020-03-14 14:45:13 -07:00
Becca Petrin 450275f6dc
document disable_fast_negotiation (#8542) 2020-03-13 15:45:40 -07:00
Jeff Escalante 591e574838
release process improvements (#8564) 2020-03-13 15:42:56 -07:00
Yoko 0cee7306be
Fixes reported missing link (#8557) 2020-03-13 14:48:03 -07:00
Jeff Escalante 8890885b0d
add link checker, fix broken links (#8326) 2020-03-13 10:49:29 -07:00
Jonathan Neal 3043c3b14a
Add print styles (#8408)
Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-03-13 10:14:08 -07:00
Jonathan Neal 7442b22f41
Replace internal ProductSubnav with @hashicorp/react-subnav (#8473) 2020-03-13 10:00:18 -07:00
ncabatoff fedfb3d171
Add a note about http_max_conns_per_client. (#8344) 2020-03-13 07:50:00 -04:00
Jeff Mitchell 8dd936d738
Remove the versus section on the website. (#8538)
* Remove the versus section on the website.

We don't keep it maintained, it's very out of date, and we don't really
like comparing ourselves to other software anyways; it's not fair to
describe other software or solutions in ways that may not align with
how they want to be described.

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-03-12 18:17:15 -04:00
Daniel Spangenberg 8007845ba4
Fix SRV Lookups (#8520)
* Pin HTTP Host header for all client requests
* Drop port map scheme
* Add SRV Lookup environment var
* Lookup SRV records only when env var is specified
* Add docs

Co-Authored-By: Michel Vocks <michelvocks@gmail.com>
2020-03-11 14:22:58 +01:00
Jim Kalafut 0f2aa1401c
Update LDAP docs for anonymous_group_search (#8501) 2020-03-09 13:21:28 -07:00
Jim Kalafut 4aae569e36
Update JWT docs (#8513)
Add mention of new CLI parameters.
2020-03-09 13:19:25 -07:00
Jim Kalafut 3b21385937
Add docs for GCP Secrets rotate root operation (#8514) 2020-03-09 13:09:03 -07:00
Daniel Spangenberg cf16f3e1a8
Document MSSQL revocation behaviour (#8506)
See #7725
2020-03-09 15:09:15 +01:00
Jason O'Donnell f4fffa8bb8
doc: update openldap with racf schema support (#8491) 2020-03-06 14:46:33 -08:00
Becca Petrin 8da5bb27dd
Docs for Kubernetes Helm with Vault Enterprise (#8283) 2020-03-06 13:36:06 -08:00
Caine Jette 1fa482e20a
Fix wording in help text (#8438)
Add "at" in "the UI is accessible at the following URL"

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
2020-03-06 08:26:18 -08:00
Brian Shumate 9c3b2f6cc8
API Docs: edits to OpenLDAP secrets engine (#8490)
- Fix typo
- Remove trailing spaces
2020-03-06 10:18:44 -05:00
Brian Kassouf 5481ffe13b
Update raft.mdx 2020-03-05 17:02:31 -08:00
Brian Kassouf d71584a64d
Doc: Raft retry join (#8448)
* Doc: Raft retry join

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Brian Kassouf <briankassouf@users.noreply.github.com>

* Address review feedback

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-03-05 16:47:10 -08:00
Jason O'Donnell f9c03dbb71
docs: update vault k8s to 0.3.0 (#8479)
* docs: update vault k8s to 0.3.0

* Update descriptions

* Clarify init-first annotation description

* Update website/pages/docs/platform/k8s/injector/annotations.mdx

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-03-05 11:21:01 -05:00
Brian Kassouf c70310896d
Add some integrated raft storage docs (#8417)
* Add migration docs for raft storage

* Add link to cluster addr config parameter

* Add raft internals page

* Fix page headers

* Add performance_multiplier docs

* Add a few more raft config options

* Add default value

* Add not about join using seals

* Update website/pages/docs/commands/operator/migrate.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Vishal Nayak <vishalnayak@users.noreply.github.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Update website/pages/docs/internals/integrated-storage.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Update website/pages/docs/configuration/storage/raft.mdx

Co-Authored-By: Meggie <m.ladlow@gmail.com>

* Review feedback

Co-authored-by: Vishal Nayak <vishalnayak@users.noreply.github.com>
Co-authored-by: Meggie <m.ladlow@gmail.com>
2020-03-04 12:58:51 -08:00
Jim Kalafut 47dd9c0d36
Correct GCP auth permissions list. (#8454)
Remove `listInstances`, which isn't a valid permission.
2020-03-02 21:43:07 -08:00
Calvin Leung Huang 59cd954206
docs: add audit non-hmac-* flags to command docs (#8250) 2020-03-02 11:36:10 -05:00
Mike Green 0e08162cd2
adding prometheus info to make more self-service (#8312) 2020-03-02 11:21:50 -05:00
Stuart Purgavie 5b09fc6c43
Remove unintentional duplicate string (#8430)
Same string noted in documentation twice, updating to expected string based on context.
2020-02-28 14:48:53 -05:00
Jim Kalafut 6c5b85d59d
Minor docs update (#8428) 2020-02-27 00:11:05 -05:00
Jim Kalafut 6e7cd0580c
Add MongoDB API docs (#8389) 2020-02-22 11:39:36 -08:00
Jason O'Donnell d7fbd85fd5
docs: add enterprise note to k8s service discovery (#8410) 2020-02-21 17:12:27 -05:00
Theron Voran 17efdd6336
docs: vault-helm 0.4.0 updates (#8318)
Updated docs for vault-helm 0.4.0 configuration changes, and helm 3
support (dropping helm 2). Also some spelling changes, and shortened
page titles for the k8s helm examples.
2020-02-21 12:10:38 -08:00
Becca Petrin 24ae59b317
correct the okta docs (#8403) 2020-02-21 11:13:42 -08:00
Jim Kalafut 1bc1b45c07
Update identity token docs (#8398)
`client_id` is configurable as of version 1.4.
2020-02-21 10:59:09 -08:00
Jason O'Donnell 587b331d8f
docs: add openldap secret engine (#8388)
* docs: add openldap secret engine

* Update format of types

* Add to sidebars

* Fix formatting
2020-02-21 10:55:15 -05:00
tionebsalocin 5db4f3d55d
[Doc] Fix curl example syntax in the plugins reload backend (#8380)
documentation
2020-02-21 13:01:59 +01:00
Vishal Nayak 348cf9f52f
Seal Migration doc update (#8405) 2020-02-21 06:57:48 -05:00
Daniel Fanara 2980d06e5a
Docs: Add port paramter to MSSQL docs (#8402) 2020-02-21 08:55:21 +01:00
Calvin Leung Huang e9ff1dc23a
website: add alert box for 1.4.0-beta1 (#8400)
* website: add alert box for 1.4.0-beta1

* fix prerelease notification

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-02-20 16:46:31 -08:00
Angel Garbarino 971826a646
Add API documentation about the sys/internal/counters endpoints (#8390) 2020-02-19 14:47:53 -07:00
Becca Petrin 13a44b2e0b
Add docs for Kubernetes service discovery feature (#8374)
* add docs for kube service discovery

* give example with env vars only

* improve doc flow

* strip note about active being sometimes applicable
2020-02-19 13:34:18 -08:00
Jim Kalafut c263f7beb1
Update API docs for OIDC form_post mode (#8373) 2020-02-19 09:21:29 -08:00
Markus Nilsson d8ea61f91a
Docs: Fix anchor link to Generating JWTs (#8368) 2020-02-18 13:11:48 +01:00
JulesRenz c54c8c92bd
RSA3072 implementation in transit secrets engine (#8151)
* RSA3072 implementation in transit secrets engine

* moved new KeyType at the end of the list
So already stored keys still work properly

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-15 14:40:50 -08:00
Gerardo Di Giacomo 8573eefe90
enabling TLS 1.3 support for TCP listeners (#8305)
* adding support for TLS 1.3 for TCP listeners

* removed test as CI uses go 1.12

* removed Cassandra support, added deprecation notice

* re-added TestTCPListener_tls13
2020-02-15 11:40:18 -08:00
Clint 39f1d26902
Docs enforce autoauth token (#8270)
* rename UseAutoAuthForce to ForceAutoAuth, because I think it reads better

* Document 'ForceAuthAuthToken' option for Agent Cache

* Update website/pages/docs/agent/caching/index.mdx

Co-Authored-By: Jim Kalafut <jkalafut@hashicorp.com>

* Add additional tests around use_auto_auth=force and add documentation

* remove note, it's no longer correct

Co-authored-by: Jim Kalafut <jim@kalafut.net>
2020-02-14 15:48:12 -06:00
Clint d3cda0fe2c
Guard against using Raft as a seperate HA Storage (#8239)
* Guard against using Raft as a seperate HA Storage

* Document that Raft cannot be used as a seperate ha_storage backend at this time

* remove duplicate imports from updating with master
2020-02-14 14:25:53 -06:00
Jim Kalafut 0ab4c138c2
Update identity API docs (#8351) 2020-02-13 23:29:32 -08:00
Michael Golowka 635b957e76
Add x509 Client Auth to MongoDB Database Plugin (#8329)
* Mark deprecated plugins as deprecated

* Add redaction capability to database plugins

* Add x509 client auth

* Update vendored files

* Add integration test for x509 client auth

* Remove redaction logic pending further discussion

* Update vendored files

* Minor updates from code review

* Updated docs with x509 client auth

* Roles are required

* Disable x509 test because it doesn't work in CircleCI

* Add timeouts for container lifetime
2020-02-13 15:54:00 -07:00
Michael Golowka ee2843a3b2
Update Oracle DB secrets docs to reflect support for static roles (#8168)
* Fix typos

* Update Oracle DB secrets docs to show support for Static Roles

* Add warning about username case sensitivity

* Remove warning about casing

* Fix typo

Co-Authored-By: Becca Petrin <beccapetrin@gmail.com>

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 15:11:33 -07:00
Jeff Malnick 27ad920399
Add redshift database plugin (#8299)
* feat: add redshift database plugin

* build: update vendored libraries

* docs: add reference doc for redshift variant of the database secrets engine

* feat: set middlewear type name for better metrics naming (#8346)

Co-authored-by: Becca Petrin <beccapetrin@gmail.com>
2020-02-13 09:42:30 -08:00
Darshana Sivakumar ef687a97a6 Adding a new replication metric (WAL GC counter) (#8241)
* Adding a new replication metric (WAL GC counter)

Adding a new line about the vault.replication.wal.gc metric

* Update website/pages/docs/internals/telemetry.mdx

Co-authored-by: Brian Kassouf <briankassouf@users.noreply.github.com>
2020-02-07 23:04:59 -08:00
Jim Kalafut 2ee7b76469
Bundle MongoDB Atlas (#8309) 2020-02-07 14:09:39 -08:00
Michel Vocks 3a4d330f64
Return error when a standby node receives a metrics request (#8280)
* Return error when a standby node receives a metrics request

* fix test

* Add documentation note
2020-02-07 09:30:25 +01:00
Vlad Ungureanu 1081446ac9
Update vault azure api docs (#8276)
By reading the code looks like `subscription_id` and `resource_group_name` are required in the end https://github.com/hashicorp/vault-plugin-auth-azure/blob/master/path_login.go#L192-L194.
2020-02-06 12:51:34 -08:00
Brian Choy 85877e52a4
Fix typo in vault agent injector example docs (#8302)
Fix mispelling of `annotation`.
2020-02-05 15:57:09 -08:00
ncabatoff cfcb9d2218
Update seal migration docs re limitations and different scenarios (#8298) 2020-02-05 15:30:04 -05:00
Dan Lafeir fe80e136da
Add a specific reference to AWS IAM Unique Identifiers (#8209)
* Add specification about AWS IAM Unique Identifiers

We experienced an issue where IAM roles resources were re-provisioned with the same ARNs and no change had been made to our vault role configuration but users lost access with `-method=aws`. It wasn't immediately clear to us how IAM Unique Identifiers where being used to avoid the same situations outlined in the AWS documentation. We eventually concluded that re-provisioning the roles in our auth/aws/auth would fetch the new IAM Unique Identifiers. 

I hope that this small amendment helps people avoid this problem in the future.
2020-02-04 15:31:48 -08:00
Jamie Finnigan fa2544cf5e
fix <name> entity encoding for Secrets Engines Metrics section (#8290) 2020-02-04 15:06:10 -08:00
glerb 4f25ed2b08
Improve clarity of IAM flow explanation (#8275) 2020-02-03 10:14:09 -08:00
ncabatoff 03b14d8a64
Upgrade okta sdk lib (#8143)
Upgrade to new official Okta sdk lib.  Since it requires an API token, use old unofficial okta lib for no-apitoken case. 

Update test to use newer field names.  Remove obsolete test invalidated by #4798.  Properly handle case where an error was expected and didn't occur.
2020-02-03 12:51:10 -05:00
Jason O'Donnell 8f2347f93a
docs: update vault k8s to 0.2.0 (#8269)
* doc: update vault-k8s to 0.2.0

* Add debugging note
2020-01-31 11:22:39 -05:00
Daniel Spangenberg 1c1d93a21c
Fix default max_open_connections for db plugins (#8262) 2020-01-30 17:33:04 +01:00
Sarai 74a6d02a89
Fix broken link (#8259)
- https://www.vaultproject.io/api/secret/pki/index.html#create-update-role
- https://www.vaultproject.io/api/secret/pki/index.html#createupdate-role
2020-01-30 08:12:24 -08:00
Raoof Mohammed 0b7afcc728
docs: fix api path for merge entity identity doc (#8258) 2020-01-29 08:56:36 -08:00
Michel Vocks f695eb737b
Add Consul TLS options to access API endpoint (#8253) 2020-01-29 09:44:35 +01:00
Michel Vocks 96a6857f0c
Docs: Add nomad TLS options (#8254) 2020-01-29 09:38:54 +01:00
Chris Hoffman 0ebf3c3e40
fixing static pdf compliance letter (#8248) 2020-01-27 15:40:55 -05:00
Theron Voran 890f4b63a6
Show bound_service_accounts in gce example (#8236)
Shows that the GCP auth option `bound_service_accounts` can be used
for gce-type roles as well as iam.
2020-01-27 11:48:21 -08:00
Daniel Spangenberg eea26c6af1
Clarify the k8s helm run docs (#8235) 2020-01-27 14:54:59 +01:00
Chris Hoffman efb2152759
Adding pricing module note for enterprise features (#8217)
* adding pricing module note for enterprise features

* fixing incorrectly committed go.mod
2020-01-24 19:18:22 -05:00
Becca Petrin fc09eb1e6b
Add Kerberos agent docs (#8220)
* add kerberos agent docs

* use relative doc link
2020-01-24 14:40:41 -08:00
Nicole Forrester c5cbb43f39 Website: Update diagram images (#8214) 2020-01-24 14:52:26 -05:00
Aaron Bedra ddf38d8391 Fix example url for sys/wrapping/rewrap (#8222) 2020-01-23 21:09:53 -08:00
Mike Ruth eb592f05fb Update API to include roleset TTL parameter (#8231)
Include documentation on including the TTL parameter for service account key rolesets. [Associated PR](https://github.com/hashicorp/vault-plugin-secrets-gcp/pull/54)
2020-01-23 17:54:28 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- 8a8f9029d6
Update Kubernetes docs to include Kubernetes Auth method (#8046)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Split examples into individual pages

* Add Kubernetes Auth Method example

* Remove old examples file

* Fix rebase fail

* Remove global section of yaml files that aren't needed

* Fix minor typos

* Fix typos that didn't get carried over from previous PR

* Re-copy from previous examples file to resolve rebase issues

* update dependencies

Co-authored-by: Jeff Escalante <jescalan@users.noreply.github.com>
2020-01-23 13:14:01 -07:00
Jeff Escalante 3511bf8293 [website] fix a couple broken links (#8190)
* fix a couple broken links

* extra redirect

* another shot at redirects
2020-01-22 12:31:42 -08:00
Jeff Escalante 0062ad382d [website] implement postgres/secrets redirect (#8208)
* add secrets/postgresql redirect

* change name of old path

* ensure deprecated pages are not indexed by search engines

* remove deprecated page from navigation
2020-01-22 12:29:37 -08:00
Jeff Escalante 4f87851926 [website] Link Cleaning (#8205)
* update dependencies

* remove hard-coded vaultproject.io on local links

* remove 'index.html' from internal links

* remove '.html' at end of internal links

* manual review cleanup

Co-authored-by: Calvin Leung Huang <cleung2010@gmail.com>
2020-01-22 12:05:41 -08:00
Clint 3b39b30e12
cleanup formatting on database index doc (#8207) 2020-01-22 09:57:03 -06:00
Calvin Leung Huang ffd90709f3
docs: update entropy augmentation page (#8185)
* docs: update entropy augmentation page

* remove .html extension in links

* remove .html extension in links
2020-01-21 15:05:53 -08:00
Michael Golowka OR 1=1); DROP TABLE users; -- d9ed6b845c
Improve Helm chart example for standalone with TLS configuration (#8022)
* Improve standalone with TLS example

- Documented creating a key & cert for serving Vault endpoints
- Removed unneeded configuration in custom values.yaml
- Updated examples to 1.3.0

* Add 127.0.0.1 to CSR

* Grammar & minor formatting

* Add additional DNS entry for CSR

* Fix typos, formatting, and other minor issues

* Use correct header depth for Helm Configuration

Co-Authored-By: Theron Voran <tvoran@users.noreply.github.com>

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2020-01-21 15:44:14 -07:00
Clint b7c2acccd9
Website: Fix configuration links from Helm run docs (#8201) 2020-01-21 13:30:35 -06:00
DDd d1b4082fb3 Fix k8s docs for running standalone (#8199)
* instruction for HA was actually for standalone.
2020-01-21 19:46:33 +01:00
Clint 6b16f7521a
update 'learn about the configuration options' link (#8146) 2020-01-21 12:06:42 -06:00
Mikko Ekström 1f034ee380 Fix typo in YAML markup (#8194) 2020-01-20 16:39:51 +01:00
Jim Kalafut fdb7416b02
Fix typo (#8192)
Fixes #8189
2020-01-18 20:18:57 -08:00
Daniel Spangenberg c64c2bf512
Fix k8s injector examples (#8179) 2020-01-18 14:47:18 +01:00
Becca Petrin aebfdc7516
Strip unnecessary payload in AD root cred rotation example (#8160)
* strip unnecessary payload in example

* strip other unnecessary payload
2020-01-17 16:49:36 -08:00
Jeff Escalante df34412570 New Website! (#8154)
* new documentation website

* ci job adjustment

* update to latest version on downloads page

* remove transition-period scripts

* add netlify toml file

* fix docs patch

* fix ci config?

* revert go.mod changes

* a couple last markdown formatting fixes
2020-01-17 16:18:09 -08:00