3b0ba609b2
Converting key_usage and allowed_domains in PKI to CommaStringSlice ( #3621 )
2017-12-11 13:13:35 -05:00
0ee55dde52
Remove duplicate link in ToC ( #3671 )
2017-12-11 12:52:58 -05:00
b5d21ebdae
Cross reference pki/cert in a few places.
2017-12-11 11:10:28 -05:00
2aa576149c
Small typo relating to no_store in pki secret backend ( #3662 )
...
* Removed typo :)
* Corrected typo in the website related to no_store
2017-12-07 10:40:21 -05:00
41f03b466a
Support MongoDB session-wide write concern ( #3646 )
...
* Initial work on write concern support, set for the lifetime of the session
* Add base64 encoded value support, include docs and tests
* Handle error from json.Unmarshal, fix test and docs
* Remove writeConcern struct, move JSON unmarshal to Initialize
* Return error on empty mapping of write_concern into mgo.Safe struct
2017-12-05 15:31:01 -05:00
892a0cb5e0
Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key ( #3632 )
2017-12-04 12:12:58 -05:00
5a9d8c60ac
Docs: Update /sys/policies/ re: beta refs to address #3624 ( #3629 )
2017-12-04 12:10:26 -05:00
f762d0615e
Remove beta notice
2017-12-04 08:25:16 -08:00
fd2464c410
Fix spelling ( #3609 )
...
changed "aomma" to "comma"
2017-12-04 10:53:58 -05:00
605efa37e9
update relatedtools, add Goldfish UI. ( #3597 )
...
Add link to Goldfish a web UI for Vault.
2017-12-04 10:51:16 -05:00
ff2c8d4865
Fix docs for Transit API ( #3588 )
2017-12-04 10:34:05 -05:00
d81a39ab99
Update cassandra docs with consistency value.
...
Fixes #3361
2017-12-02 14:18:23 -05:00
7b14f41872
Fix docs up to current standards
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:53:42 +00:00
b3799697a2
Rename policy into policies
2017-11-29 16:31:17 +00:00
a6d3119e3e
Pull master into f-nomad
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:56:37 +00:00
5f02a64206
docs: encryption/decryption now supports asymmetric keys ( #3599 )
2017-11-21 12:25:28 -05:00
00dfc1c4de
Docs: Remove 'none' as algorithm options ( #3587 )
2017-11-15 09:09:45 -05:00
85a5a75835
Add token_reviewer_jwt to the kubernetes docs ( #3586 )
2017-11-14 13:27:09 -08:00
b3a7d8ecf3
adding licensing docs ( #3585 )
2017-11-14 16:15:09 -05:00
8fedef3d99
Docs change for Policy API ( #3584 )
...
vault 0.9.0 deprecated the term `rules` in favor of the
term `policy` in several of the /sys/policy APIs.
The expected return state of 200 SUCCESS_NO_DATA only happens
if the `policy` term is used. A response including the
deprecation notice and a 204 SUCCESS_WITH_DATA status code
is returned when `rules` is applied.
2017-11-14 14:26:26 -05:00
7ac167f8a4
Sync docs
2017-11-14 06:13:11 -05:00
5d976794d4
API refactoring and doc updates ( #3577 )
...
* Doc updates and API refactoring
* fix tests
* change metadata fieldtype to TypeKVPairs
* Give example for TypeKVPairs in CLI for metadata
* Update API docs examples to reflect the native expected value for TypeKVPairs
* Don't mention comma separation in the docs for TypeCommaStringSlice
* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias
* Address review feedback
* Fix formatting
* fix sidebar links
2017-11-13 20:59:42 -05:00
645c068011
transit doc update ( #3564 )
2017-11-09 16:17:54 -05:00
b7deec2bec
Add docs for /sys/rekey-recovery-key ( #3520 )
2017-11-08 14:22:30 -05:00
01ff6293e0
Doc fix for Create/Update Token API ( #3548 )
...
`orphan` is intended to be default to False. Docs indicate this
is default to True. Simple change to update the docs only.
2017-11-07 18:06:44 -05:00
2c8cd19e14
auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive ( #3291 )
2017-11-06 17:12:07 -05:00
de8c0dce99
minor cleanup
2017-11-06 16:34:20 -05:00
57c9afa357
added AWS enpoint handling ( #3416 )
2017-11-06 13:31:38 -05:00
d7305a4681
Add note on support for using rec keys on /sys/rekey ( #3517 )
2017-11-06 12:18:15 -05:00
17310654a1
Add PKCS8 marshaling to PKI ( #3518 )
2017-11-06 12:05:07 -05:00
5a317a1a32
Updated documentation
2017-11-06 15:13:50 +00:00
93917743df
Update SSH list roles docs ( #3536 )
2017-11-03 18:00:46 -04:00
e4e4a7ba67
Capabilities responds considering policies on entities and groups ( #3522 )
...
* Capabilities endpoint will now return considering policies on entities and groups
* refactor the policy derivation into a separate function
* Docs: Update docs to reflect the change in capabilities endpoint
2017-11-03 11:20:10 -04:00
06923430cc
docs: s/persona/alias ( #3529 )
2017-11-03 11:17:59 -04:00
52df62d4ff
Encrypt/Decrypt/Sign/Verify using RSA in Transit backend ( #3489 )
...
* encrypt/decrypt/sign/verify RSA
* update path-help and doc
* Fix the bug which was breaking convergent encryption
* support both 2048 and 4096
* update doc to contain both 2048 and 4096
* Add test for encrypt, decrypt and rotate on RSA keys
* Support exporting RSA keys
* Add sign and verify test steps
* Remove 'RSA' from PEM header
* use the default salt length
* Add 'RSA' to PEM header since openssl is expecting that
* export rsa keys as signing-key as well
* Comment the reasoning behind the PEM headers
* remove comment
* update comment
* Parameterize hashing for RSA signing and verification
* Added test steps to check hash algo choice for RSA sign/verify
* fix test by using 'prehashed'
2017-11-03 10:45:53 -04:00
a7acc23034
docs: Add config/ca delete operation ( #3525 )
2017-11-03 06:19:21 -04:00
d540985926
Unifying Storage and API path in role
2017-10-31 21:06:10 +00:00
963f516ac9
Fix C&P in docs.
...
Fixes #3454
2017-10-27 16:43:26 -04:00
5ff1485a3e
Correct typos in the sys/raw documentation ( #3484 )
2017-10-24 10:33:57 -04:00
83b1eb900a
More naming cleanup
2017-10-24 09:35:03 -04:00
7463ba73a5
Oops typo
2017-10-24 09:34:30 -04:00
926ca5c125
Update k8s documentation
2017-10-24 09:34:12 -04:00
51a27b758b
Resolve the most painful merge conflict known on earth
2017-10-24 09:34:12 -04:00
2982fdf7ca
Remove ?list examples
...
They are documented in the overall API section, but people should get used to seeing LIST as a verb
2017-10-24 09:32:15 -04:00
c5665920f6
Standardize on "auth method"
...
This removes all references I could find to:
- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend
in favor of the unified:
- auth method
2017-10-24 09:32:15 -04:00
0afff80b5e
Document mount types/values
2017-10-24 09:28:05 -04:00
e4065e33d2
copying general purpose tools from transit backend to /sys/tools ( #3391 )
2017-10-20 10:59:17 -04:00
6c6e2a3baa
Correct typo: DELET to DELETE ( #3452 )
2017-10-13 10:11:04 -04:00
af24163abd
Implement signing of pre-hashed data ( #3448 )
...
Transit backend sign and verify endpoints now support algorithm=none
2017-10-11 11:48:51 -04:00
a2808db1af
Fix docs ( #3449 )
2017-10-11 11:29:26 -04:00
d5decccbfe
Update index.html.md ( #3433 )
...
Fixed typo in json property used to create custom secret_id
2017-10-11 09:25:43 -04:00
cbe41b590f
add GCP APIs that need to be enabled to GCP auth docs, small doc fixes ( #3446 )
2017-10-11 09:18:32 -04:00
d7bb311db3
A few simple fixes for the Github API docs ( #3432 )
2017-10-06 06:13:47 -04:00
974332c2c5
upgrade ldap api docs to refrect 0.8.3 change to returned json of policies ( #3421 )
2017-10-04 15:40:28 -04:00
e3ce60eb1f
Allow entering PKI URLs as arrays. ( #3409 )
...
Fixes #3407
2017-10-03 16:13:57 -04:00
b207b76f14
Updated API Docs with the Global Token Parameter
2017-09-29 11:23:47 +01:00
f56e191020
Fix spelling errors ( #3390 )
2017-09-28 07:54:40 -04:00
43540e9c32
Fix grammatical error ( #3395 )
...
Also changed capitalization for consistency.
2017-09-28 06:28:48 -04:00
b1db3765ca
Kubernetes Docs Update ( #3386 )
...
* Update Kubnernetes Docs
* Add a note about alpha clusters on GKE
* Fix JSON formatting
* Update kubernetes.html.md
* Fix a few review comments
2017-09-27 14:02:18 -07:00
abcf4b3bb2
docs: Added certificate deletion operation API ( #3385 )
2017-09-26 20:28:52 -04:00
2b4561dccb
Adding Nomad Secret Backend API documentation
2017-09-21 09:18:35 -05:00
9b0d594d02
Kubernetes auth ( #3350 )
...
* Import the kubernetes credential backend
* Add kubernetes docs
* Escape * characters
* Revert "Import the kubernetes credential backend"
This reverts commit f12627a9427bcde7e73cea41dea19d0922f94789.
* Update the vendored directory
2017-09-19 09:27:26 -05:00
d4a5362835
Clarify backup data that is being stored ( #3345 )
2017-09-19 07:44:34 -05:00
ed3d75d0b1
Add GCE docs for GCP Auth Backend ( #3341 )
2017-09-19 07:44:05 -05:00
2abddb248e
Fix a few quirks in the GCP auth backend's docs. ( #3322 )
2017-09-19 07:41:41 -05:00
8529972bfb
Updated https://www.vaultproject.io/api/system/replication-dr.html#generate-dr-secondary-token to be a POST rather than GET. This was reported by a customer and I confirmed that this should be a logical.UpdateOperation rather than ReadOperation ( 24f2b961fd/vault/replication_api.go (L121)). ( #3342 )
2017-09-15 16:19:16 -04:00
1029ad3b33
Rename "generic" secret backend to "kv" ( #3292 )
2017-09-15 09:02:29 -04:00
a2d2f1a543
Adding support for base_url for Okta api ( #3316 )
...
* Adding support for base_url for Okta api
* addressing feedback suggestions, bringing back optional group query
* updating docs
* cleaning up the login method
* clear out production flag if base_url is set
* docs updates
* docs updates
2017-09-15 00:27:45 -04:00
9d73c81f38
Disable the `sys/raw` endpoint by default ( #3329 )
...
* disable raw endpoint by default
* adding docs
* config option raw -> raw_storage_endpoint
* docs updates
* adding listing on raw endpoint
* reworking tests for enabled raw endpoints
* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
2c640950e0
Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing ( #3331 )
...
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
2017-09-13 11:59:27 -07:00
cb6ac1e926
Change behavior of TTL in sign-intermediate ( #3325 )
...
* Fix using wrong public key in sign-self-issued
* Change behavior of TTL in sign-intermediate
This allows signing CA certs with an expiration past the signer's
NotAfter.
It also change sign-self-issued to replace the Issuer, since it's
potentially RFC legal but stacks won't validate it.
Ref: https://groups.google.com/d/msg/vault-tool/giP69-n2o20/FfhRpW1vAQAJ
2017-09-13 11:42:45 -04:00
cfa74e6a95
remove token header from login samples ( #3320 )
2017-09-11 18:14:05 -04:00
12cde76112
fix: add missing comma to payload ( #3308 )
2017-09-11 12:03:43 -04:00
c747caac2a
Fix cassandra tests, explicitly set cluster port if provided ( #3296 )
...
* Fix cassandra tests, explicitly set cluster port if provided
* Update cassandra.yml test-fixture
* Add port as part of the config option, fix tests
* Remove hostport splitting in cassandraConnectionProducer.createSession
* Include port in API docs
2017-09-07 23:04:40 -04:00
567f2ce1f1
Fix docs for Certificate authentication ( #3301 )
...
Fix discrepencies in the documentation for TLS Certificate
authentication. The Delete CRL method has a misleading title and
description.
2017-09-07 10:28:14 -04:00
25976b340e
Fixed small typo in RabbitMQ secret backend. ( #3300 )
...
Fixed `name` param for the Delete Role API in the RabbitMQ secret backend.
2017-09-07 10:00:32 -04:00
44bf03e3b6
Fix compile after dep update
2017-09-05 18:18:34 -04:00
e85e22b00e
Fixing the response sample for reading a plugin ( #3278 )
...
The plugin config data properties are returned immediately within the response's `data` object.
2017-09-01 08:34:54 -04:00
abb2ab2918
Add pki/root/sign-self-issued. ( #3274 )
...
* Add pki/root/sign-self-issued.
This is useful for root CA rolling, and is also suitably dangerous.
Along the way I noticed we weren't setting the authority key IDs
anywhere, so I addressed that.
* Add tests
2017-08-31 23:07:15 -04:00
6f417d39da
Normalize plugin_name option for mount and enable-auth ( #3202 )
2017-08-31 12:16:59 -04:00
194491759d
Updating Okta lib for credential backend ( #3245 )
...
* migrating to chrismalek/oktasdk-go Okta library
* updating path docs
* updating bool reference from config
2017-08-30 22:37:21 -04:00
caf90f58d8
auth/aws: Allow wildcard in bound_iam_principal_id ( #3213 )
2017-08-30 17:51:48 -04:00
21a15204bd
Fix API/AUTH/AppRole doc issue concerning bound_cidr_list ( #3205 )
...
This patch fixes a little documentation issue.
bind_cidr_list doesn't exist as parameter to AppRole creation. It should be "bound_cidr_list".
In "path-help" it is documented correctly.
2017-08-29 12:37:20 -04:00
525c124d69
Add missing code ending to Sample Payload ( #3239 )
2017-08-25 12:34:12 -04:00
d88aefc64f
Fix typo ( #3237 )
2017-08-25 09:51:33 -04:00
bf9658ec61
fix docs formatting
2017-08-24 11:23:26 -04:00
27598ce960
Add GET variant on LIST endpoints ( #3232 )
2017-08-23 17:59:22 -04:00
da19d2941f
add new php client to the doc ( #3206 )
2017-08-21 13:07:03 -04:00
ba98b60e41
Fix typo in AppRole API page ( #3207 )
2017-08-18 10:46:29 -04:00
411419cbf8
plugins/backend/reload -> plugins/reload/backend ( #3186 )
2017-08-16 12:40:38 -04:00
ae75e39c44
Fix plugin docs ( #3185 )
...
* Fix plugin docs
* Add plugin_name to auth endpoint
2017-08-16 12:36:46 -04:00
4dc55474e6
Remove erroneous flag from hmac docs
2017-08-16 11:27:39 -04:00
c34a5b2e93
* Add ability to specify a plugin dir in dev mode ( #3184 )
...
* Change (with backwards compatibility) sha_256 to sha256 for plugin
registration
2017-08-16 11:17:50 -04:00
31a994e452
Initial GCP auth backend documentation ( #3167 )
2017-08-15 22:03:04 -04:00
0c2c078e48
Add PingID MFA docs ( #3182 )
2017-08-15 22:01:34 -04:00
89b81bcb4c
Oracle plugin docs ( #3131 )
...
* Add oracle database docs
* Add oracle database docs
* Fix commas in json output
* Update oracle.html.md
2017-08-15 17:24:01 -07:00
340fe4e609
Add permitted dns domains to pki ( #3164 )
2017-08-15 16:10:36 -04:00
e4eb6e9020
Make PKI root generation idempotent-ish and add delete endpoint. ( #3165 )
2017-08-15 14:00:40 -04:00
d25bc60feb
Update libraries ( #3160 )
...
* Remove vault-java which has better alternatives.
* Add ansible-vault, a zero dependency
[lookup-plugin](http://docs.ansible.com/ansible/latest/playbooks_lookups.html ) for ansible
2017-08-14 20:28:11 -04:00
09d0a894d7
docs: Fix the default value for 'generate_signing_key'
2017-08-14 12:39:11 -04:00
Chris Hoffman