Jeff Mitchell
c461652b40
Address some feedback from review
2015-11-19 09:51:18 -05:00
Jeff Mitchell
ed62afec14
Large documentation updates, remove the pathlength path in favor of
...
making that a parameter at CA generation/sign time, and allow more
fields to be configured at CSR generation time.
2015-11-19 09:51:18 -05:00
Jeff Mitchell
ea676ad4cc
Add tests for intermediate signing and CRL, and fix a couple things
...
Completes extra functionality.
2015-11-19 09:51:17 -05:00
Jeff Mitchell
1c7157e632
Reintroduce the ability to look up obfuscated values in the audit log
...
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).
In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)
Fixes #784
2015-11-18 20:26:03 -05:00
Jeff Mitchell
45e7e61d71
Update audit documentation around what hash is used
2015-11-18 10:42:42 -05:00
Jeff Mitchell
1a45696208
Add no-default-policy flag and API parameter to allow exclusion of the
...
default policy from a token create command.
2015-11-09 17:30:50 -05:00
Jeff Mitchell
10913e2e6b
Update cert documentation to note requiring sudo access.
2015-11-06 16:09:42 -05:00
Jeff Mitchell
ffa879d6e2
Update S3 docs
2015-11-06 09:26:09 -05:00
Jeff Mitchell
08dbc70c9f
Switch etcd default port to 2379, in line with 2.x.
...
Fixes #753
2015-11-05 09:47:50 -05:00
Sander van Harmelen
4ad533a5ba
Add a line to the documentation to describe the new feature
2015-11-04 15:36:24 +01:00
Jeff Mitchell
a4322afedb
Merge pull request #746 from hashicorp/issue-677
...
Add a PermitPool to physical and consul/inmem
2015-11-03 15:26:58 -05:00
Jeff Mitchell
7f44a1b812
Add configuration parameter for max parallel connections to Consul
2015-11-03 15:26:07 -05:00
Jeff Mitchell
73e3aa1d64
Add create-orphan to documentation
2015-11-03 15:15:33 -05:00
Jeff Mitchell
d3f7546602
Fix trailing whitespace complaints
2015-11-03 10:52:20 -05:00
Jeff Mitchell
f0a25ed581
Clarify that CRLs are not fetched by Vault
2015-11-03 10:52:20 -05:00
Jeff Mitchell
154fc24777
Address first round of feedback from review
2015-11-03 10:52:20 -05:00
Jeff Mitchell
59cc61cc79
Add documentation for CRLs and some minor cleanup.
2015-11-03 10:52:20 -05:00
Jeff Mitchell
e2d4a5fe0f
Documentation update around path/key name encryption.
...
Make it clear that path/key names in generic are not encrypted.
Fixes #697
2015-10-29 11:21:40 -04:00
Jeff Mitchell
c1d8b97342
Add reset support to the unseal command.
...
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.
Fixes #695
2015-10-28 15:59:39 -04:00
Jeff Mitchell
57290b6d92
Minor format fix in environment documentation
2015-10-28 09:56:28 -04:00
Jason Antman
c7ff26b650
add documentation for GitHub Auth Backend 'ttl' and 'max_ttl' parameters
2015-10-23 09:30:48 -04:00
Jason Antman
b27e80d090
add GitHub Enterprise base_url to docs
...
In https://github.com/hashicorp/vault/issues/716 @jefferai confirmed that the GitHub Auth Backend supports GitHub enterprise using an undocumented ``base_url`` parameter. This adds that parameter to the relevant documentation page.
2015-10-23 09:18:07 -04:00
Jeff Mitchell
0168ce491b
Update token documentation to better explain token durations
2015-10-22 13:02:37 -04:00
Jeff Mitchell
189b72c3ba
Document the renew-self call
2015-10-21 10:53:20 -04:00
Jeff Mitchell
bc40e652bf
Remove revoke-self from sys API documentation as it's in the token-store instead
2015-10-21 10:46:41 -04:00
Jeff Mitchell
9f0b1547bb
Allow disabling the physical storage cache with 'disable_cache'.
...
Fixes #674 .
2015-10-12 13:00:32 -04:00
Seth Vargo
50f720bc06
Remove tabs from terminal output
...
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
2015-10-12 12:10:22 -04:00
vishalnayak
644a655920
mysql: made max_open_connections configurable
2015-10-01 21:15:56 -04:00
vishalnayak
2051101c43
postgresql: Configurable max open connections to the database
2015-10-01 20:11:24 -04:00
Colin Rymer
e2b157aa79
Remove redundant wording for SSH OTP introduction.
2015-09-30 10:58:44 -04:00
Jeff Mitchell
62ac518ae7
Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend.
2015-09-25 10:41:21 -04:00
Jeff Mitchell
af27a99bb7
Remove JWT for the 0.3 release; it needs a lot of rework.
2015-09-24 16:23:44 -04:00
Jeff Mitchell
e38c21e0ca
Documentation fix for global TTLs
2015-09-24 12:17:26 -04:00
Jeff Mitchell
8fa7d3bd0b
Add revoke-self to docs
2015-09-24 12:05:00 -04:00
Dominic Luechinger
89511e6977
Fixes docs for new JWT secret backend
2015-09-24 16:47:17 +02:00
Spencer Herzberg
54c62fe5aa
docs: pg username not prefixed with vault-
...
due to
05fa4a4a48
,
vault no longer prefixes the username with `vault-`
2015-09-22 10:14:47 -05:00
Jeff Mitchell
a5f52f43b1
Minor doc update to SSH
2015-09-21 16:26:07 -04:00
Jeff Mitchell
29c722dbb6
Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values
2015-09-21 16:14:30 -04:00
Jeff Mitchell
3eb38d19ba
Update transit backend documentation, and also return the min decryption
...
value in a read operation on the key.
2015-09-21 16:13:43 -04:00
Jeff Mitchell
ca33cd8423
Add API endpoint documentation to cubbyhole
2015-09-21 16:13:36 -04:00
Jeff Mitchell
273f13fb41
Add API endpoint documentation to generic
2015-09-21 16:13:29 -04:00
Jeff Mitchell
59ba17c601
Add clarity to the lease concepts document.
2015-09-21 08:56:26 -04:00
Jeff Mitchell
801e531364
Enhance transit backend:
...
* Remove raw endpoint from transit
* Add multi-key structure
* Add enable, disable, rewrap, and rotate functionality
* Upgrade functionality, and record creation time of keys in metadata. Add flag in config function to control the minimum decryption version, and enforce that in the decrypt function
* Unit tests for everything
2015-09-18 14:41:05 -04:00
Jeff Mitchell
8f79e8be82
Add revoke-self endpoint.
...
Fixes #620 .
2015-09-17 13:22:30 -04:00
Jeff Mitchell
538852d6d6
Add documentation for cubbyhole
2015-09-15 13:50:37 -04:00
vishalnayak
142cb563a6
Improve documentation of token renewal
2015-09-11 21:08:32 -04:00
Jeff Mitchell
ace611d56d
Address items from feedback. Make MountConfig use values rather than
...
pointers and change how config is read to compensate.
2015-09-10 15:09:54 -04:00
Jeff Mitchell
488d33c70a
Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation
2015-09-10 15:09:54 -04:00
Jeff Mitchell
4239f9d243
Add DynamicSystemView. This uses a pointer to a pointer to always have
...
up-to-date information. This allows remount to be implemented with the
same source and dest, allowing mount options to be changed on the fly.
If/when Vault gains the ability to HUP its configuration, this should
just work for the global values as well.
Need specific unit tests for this functionality.
2015-09-10 15:09:54 -04:00
Jeff Mitchell
f4239556d2
Merge pull request #508 from mfischer-zd/webdoc_environment
...
docs: Document environment variables
2015-09-09 11:29:10 -04:00
Michael S. Fischer
24a5127fab
docs: Document environment variables
2015-09-08 11:59:58 -07:00
Brian Lalor
2ae48fa586
Remove unused param to 'vault write aws/roles/deploy'
...
The name is taken from the path, not the request body. Having the duplicate key is confusing.
2015-09-06 06:57:39 -04:00
Armon Dadgar
4eaacaf546
Merge pull request #590 from MarkVLK/patch-1
...
Update mysql docs markdown to fix grammar error
2015-09-04 19:13:50 -07:00
MarkVLK
fae51d605f
Update transit docs markdown to add missing word
...
Added the presumably missing *decrypt* from "encrypt/data" in the first sentence.
2015-09-04 17:11:34 -07:00
MarkVLK
cd292d5372
Update mysql docs markdown to fix grammar error
...
Changed "... used to **generated** those credentials" to "... used to **generate** those credentials."
2015-09-04 17:05:45 -07:00
Seth Vargo
6f248425a6
Update documentation around cookies
2015-09-03 10:36:59 -04:00
Vishal Nayak
d4609dea28
Merge pull request #578 from hashicorp/exclude-cidr-list
...
Vault SSH: Added exclude_cidr_list option to role
2015-08-28 07:59:46 -04:00
vishalnayak
b12a2f0013
Vault SSH: Added exclude_cidr_list option to role
2015-08-27 23:19:55 -04:00
Jeff Mitchell
a4fc4a8e90
Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470 .
2015-08-27 12:24:37 -07:00
vishalnayak
fbff20d9ab
Vault SSH: Docs for default CIDR value
2015-08-27 13:10:15 -04:00
vishalnayak
702a869010
Vault SSH: Provide key option specifications for dynamic keys
2015-08-27 11:41:29 -04:00
Jeff Mitchell
8669a87fdd
When using PGP encryption on unseal keys, encrypt the hexencoded string rather than the raw bytes.
2015-08-26 07:59:50 -07:00
Jeff Mitchell
b940d214bd
Merge pull request #568 from ctennis/add_some_s3_info
...
Make it clear for physical S3 backend we support instance profiles as well.
2015-08-26 09:03:38 -04:00
Jeff Mitchell
cc232e6f79
Address comments from review.
2015-08-25 15:33:58 -07:00
Jeff Mitchell
0b580d0521
Update website documentation for init and rekey with secret_pgp_keys API option
2015-08-25 14:52:13 -07:00
Caleb Tennis
6c30f9a0f9
Make it clear we support instance profiles as well, the existing docs seem to indicate static credentials are required
2015-08-25 06:47:07 -07:00
Jeff Mitchell
ea9fbb90bc
Rejig Lease terminology internally; also, put a few JSON names back to their original values
2015-08-20 22:27:01 -07:00
Jeff Mitchell
0fa783f850
Update help text for TTL values in generic backend
2015-08-20 17:59:30 -07:00
Jeff Mitchell
b57ce8e5c2
Change "lease" parameter in the generic backend to be "ttl" to reduce confusion. "lease" is now deprecated but will remain valid until 0.4.
...
Fixes #528 .
2015-08-20 16:41:25 -07:00
Vishal Nayak
beca9f1596
Merge pull request #385 from hashicorp/vishal/vault
...
SSH Secret Backend for Vault
2015-08-20 10:03:15 -07:00
Bernhard K. Weisshuhn
86cde438a5
avoid dashes in generated usernames for cassandra to avoid quoting issues
2015-08-20 11:15:28 +02:00
vishalnayak
76ed3bec74
Vault SSH: 1024 is default key size and removed 4096
2015-08-19 12:51:33 -07:00
vishalnayak
1f5062a6e1
Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault
2015-08-19 12:16:37 -07:00
Armon Dadgar
f351cd5ee0
Merge pull request #531 from mfischer-zd/fix_doc_tls
...
Clarify availability of tls_min_version
2015-08-18 19:01:28 -07:00
vishalnayak
b5cda4942b
Vault SSH: doc update
2015-08-18 11:50:32 -07:00
vishalnayak
b91ebbc6e2
Vault SSH: Documentation update and minor refactoring changes.
2015-08-17 18:22:03 -07:00
vishalnayak
9db318fc55
Vault SSH: Website page for SSH backend
2015-08-14 12:41:26 -07:00
Michael S. Fischer
0e0cdeed75
Clarify availability of tls_min_version
...
`tls_min_version` doesn't work in the current Vault release;
make that clear.
2015-08-13 08:35:09 -07:00
vishalnayak
93dfa67039
Merging changes from master
2015-08-12 09:28:16 -07:00
vishalnayak
0abf07cb91
Vault SSH: Website doc v1. Removed path_echo
2015-08-12 09:25:28 -07:00
Erik Kristensen
2233f993ae
initial pass at JWT secret backend
2015-08-06 17:49:44 -06:00
Armon Dadgar
f58f46c243
Merge pull request #439 from geckoboard/feature-tls-mysql
...
Using SSL to encrypt connections to MYSQL
2015-08-05 14:52:43 -07:00
Armon Dadgar
4d08cfdf6f
Merge pull request #469 from kgutwin/f-config-defaultlease
...
Add configuration options for default lease duration and max lease duration
2015-08-04 10:06:41 -07:00
Vivien Schilis
9db7426002
Add documentation for the tls_ca_file option
2015-08-04 05:10:33 +00:00
Rusty Ross
719ac6e714
update doc for app-id
...
make clearer in doc that user-id can accept multiple app-id mappngs as comma-separated values
2015-08-03 09:44:26 -07:00
Armon Dadgar
473668a1a0
Merge pull request #482 from chiefy/master
...
Adding vaulted nodejs library to libraries section in docs.
2015-07-31 15:13:44 -07:00
Long Nguyen
e666b5c624
added golang client
2015-07-31 17:10:38 -04:00
Christopher Najewicz
c5c7926af6
Adding vaulted nodejs library to libraries section in docs.
2015-07-31 14:31:26 -04:00
Armon Dadgar
03728af495
Merge pull request #464 from bgirardeau/master
...
Add Multi-factor authentication with Duo
2015-07-30 17:51:31 -07:00
Bradley Girardeau
aa55d36f03
Clean up naming and add documentation
2015-07-30 17:36:40 -07:00
Karl Gutwin
4bad987e58
PR review updates
2015-07-30 13:21:41 -04:00
Karl Gutwin
151ec72d00
Add configuration options for default lease duration and max lease duration.
2015-07-30 09:42:49 -04:00
Armon Dadgar
1535a21198
Merge pull request #384 from dkaffee92/feature/storage-backend-consul-configuration
...
allow specifying certificates used to talk to consul for storage backend
2015-07-29 14:41:53 -07:00
Fabian Ruff
41106d9b69
fix doc for pki/revoke API
2015-07-29 14:28:12 +02:00
Bradley Girardeau
112f98d86f
mfa: cleanup website documentation
2015-07-28 12:25:01 -07:00
Bradley Girardeau
6c24a000a3
mfa: add website documentation
2015-07-28 11:00:57 -07:00
Daniel Kaffee
a6f828ba0a
made documentation a bit more clear
2015-07-28 15:50:43 +03:00
Daniel Kaffee
4146be770c
refactor code
2015-07-28 14:55:33 +03:00
Armon Dadgar
83729a3bd9
website: fixing details about HA backends
2015-07-24 12:11:45 -07:00
Armon Dadgar
80e59089ba
Merge pull request #449 from JustinLaRose/master
...
Cassandra secret backend doc update for connection config
2015-07-23 13:42:59 -07:00
Armon Dadgar
eeb623bca0
Merge pull request #447 from kgutwin/f-tlsvers
...
Specify Vault listener minimum TLS version
2015-07-23 13:42:42 -07:00
Armon Dadgar
9ec3cefea9
Merge pull request #433 from infame-io/feature/s3_sts
...
Granting S3 backend temporary access
2015-07-23 13:33:58 -07:00
Karl Gutwin
3a5e036727
Document warning for using lower TLS versions
2015-07-23 11:54:45 -04:00
Lauro Balderas
436dfd464d
S3 backend session token documentation updated
2015-07-23 22:53:20 +10:00
Justin LaRose
361f10f79e
Cassandra secret backend doc update for connection config - "hosts" instead of "host"
2015-07-23 03:07:29 -04:00
Karl Gutwin
1096f5a53e
Avoid unnecessary abbreviation
2015-07-22 23:28:46 -04:00
Karl Gutwin
9c963a0632
TLS minimum version documentation
2015-07-22 23:21:18 -04:00
Armon Dadgar
63fcb61145
Merge pull request #419 from nbrownus/telemetry_names
...
Disable hostname prefix for runtime telemetry
2015-07-22 15:38:23 -07:00
Bradley Girardeau
e8d26d244b
ldap: change setting user policies to setting user groups
2015-07-20 11:33:39 -07:00
Bradley Girardeau
1e1d4ba66d
ldap: add documentation for setting policies based on user
2015-07-14 16:13:40 -07:00
Nate Brown
65dc78ba35
Docs for the telemetry object
2015-07-14 15:45:45 -07:00
Bradley Girardeau
0e2edc2378
ldap: add ability to login with a userPrincipalName (user@upndomain)
2015-07-14 15:37:46 -07:00
Armon Dadgar
3042452def
website: fixing lots of references to vault help
2015-07-13 20:12:09 +10:00
Armon Dadgar
7be012b8b6
website: help command is now path-help
2015-07-13 20:03:29 +10:00
Armon Dadgar
26937498f6
physical/zk: Fixing node representation. Fixes #416
2015-07-13 19:33:23 +10:00
Armon Dadgar
8dd9478e14
website: fixing documentation errors. Fixes #412
2015-07-13 19:10:44 +10:00
Armon Dadgar
2da54da6ed
website: update HA status, discourage ZK
2015-07-13 19:01:32 +10:00
Matt Button
76bc988e50
Remove documentation that was copied from the terraform project
2015-07-12 16:52:24 +00:00
mootpt
872593d1e1
fixed secrets backend url
...
minor doc fix
2015-07-06 11:11:58 -07:00
mootpt
f782e7382e
pointed authentication backend to proper location
...
pointed authentication backend to proper location
2015-07-06 10:42:14 -07:00
Armon Dadgar
70cd3d1206
Merge pull request #400 from hashicorp/f-glob
...
Change ACL semantics, use explicit glob and deny has highest precedence
2015-07-06 11:15:49 -06:00
Armon Dadgar
768a6e33b0
website: clarify changes in addition to feedback
2015-07-06 11:10:09 -06:00
Armon Dadgar
0be3d419c8
secret/transit: address PR feedback
2015-07-05 19:58:31 -06:00
Armon Dadgar
01b0257c5f
website: update for glob matching
2015-07-05 17:43:13 -06:00
Armon Dadgar
f4d555a2ba
website: document derived keys in secret/transit
2015-07-05 14:47:16 -07:00
Armon Dadgar
0521c6df6c
http: support ?standbyok for 200 status on standby. Fixes #389
2015-07-02 17:49:35 -07:00
Bradley Girardeau
42050fe77b
ldap: add starttls support and option to specificy ca certificate
2015-07-02 15:49:51 -07:00
Armon Dadgar
3c58773598
Merge pull request #380 from kgutwin/cert-cli
...
Enable TLS client cert authentication via the CLI
2015-06-30 11:44:28 -07:00
Armon Dadgar
b8f2e8d498
website: document insecure_tls for LDAP backend
2015-06-30 09:42:18 -07:00
Jeff Mitchell
42b90fa9b9
Address some issues from code review.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:27:23 -04:00
Karl Gutwin
70fc49be84
Website docs.
2015-06-30 09:18:39 -04:00
Jeff Mitchell
fccbc587c6
A Cassandra secrets backend.
...
Supports creation and deletion of users in Cassandra using flexible CQL queries.
TLS, including client authentication, is supported.
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-30 09:04:01 -04:00
Jeff Mitchell
e086879fa3
Merge remote-tracking branch 'upstream/master' into f-pki
2015-06-19 13:01:26 -04:00
Jeff Mitchell
a6fc48b854
A few things:
...
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-19 12:48:18 -04:00
Armon Dadgar
28ddff305c
physical/mysql: cleanup and documentation
2015-06-18 14:31:00 -07:00
Jeff Mitchell
34f495a354
Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-18 15:22:58 -04:00
Armon Dadgar
7e6f44e39e
website: document transit upsert behavior
2015-06-17 18:51:58 -07:00
Armon Dadgar
93ee9f6b76
website: update the transit documentation
2015-06-17 18:45:29 -07:00
Jeff Mitchell
49f1fdbdcc
Merge branch 'master' into f-pki
2015-06-16 13:43:25 -04:00
Armon Dadgar
07df5c251d
Merge pull request #341 from ryancurrah/ryancurrah-doc-transit-echofix
...
Do not output the trailing newline in encoding.
2015-06-15 17:36:01 -07:00
Seth Vargo
db178571eb
Document longest-prefix match
...
Fixes https://github.com/hashicorp/vault/issues/331
2015-06-15 14:29:20 -04:00
Ryan Currah
c232fee6b3
Do not output the trailing newline in encoding.
...
Added -n to echo command to prevent newlines from showing up in encoding.
2015-06-13 12:03:57 -04:00
Jeff Mitchell
e17ced0d51
Fix a docs-out-of-date bug.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-12 16:33:00 -04:00
Jeff Mitchell
db5354823f
Fix some out-of-date examples.
...
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-11 21:17:05 -04:00
Jeff Mitchell
1513e2baa4
Add acceptance tests
...
* CA bundle uploading
* Basic role creation
* Common Name restrictions
* IP SAN restrictions
* EC + RSA keys
* Various key usages
* Lease times
* CA fetching in various formats
* DNS SAN handling
Also, fix a bug when trying to get code signing certificates.
Not tested:
* Revocation (I believe this is impossible with the current testing framework)
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Jeff Mitchell
0d832de65d
Initial PKI backend implementation.
...
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint
Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
2015-06-08 00:06:09 -04:00
Justin Campbell
2a1eac837c
docs: Fix examples of auth via JSON
...
For both userpass and LDAP
2015-06-04 10:38:11 -04:00
Armon Dadgar
66ab2bbf54
Merge pull request #263 from sheldonh/iam-policy
...
List IAM permissions required by root credentials
2015-06-01 13:16:51 +02:00
Armon Dadgar
98cca9cb18
Merge pull request #261 from jsok/consul-lease
...
Add ability to configure consul lease durations
2015-06-01 13:04:28 +02:00
Armon Dadgar
82caf31532
Merge pull request #277 from hashicorp/f-rotate
...
Add support for key rotation
2015-06-01 12:52:32 +02:00
Seth Vargo
507f5b0114
Cleanup style on http index docs
2015-05-31 21:23:44 -07:00
Seth Vargo
4a41d05870
Merge pull request #271 from boncheff/f-doc-update-read-write-example
...
Update index.html.md
2015-05-31 21:20:34 -07:00
Seth Vargo
090de2c6d3
Merge pull request #279 from whit537/patch-1
...
Capitalize the first word of a sentence
2015-05-31 15:53:34 -07:00
Seth Vargo
7fd3d50f3e
Merge pull request #280 from whit537/patch-2
...
Put me in charge of dev mode :)
2015-05-31 15:53:24 -07:00
Chad Whitacre
b83f3f2d02
Provide missing verb
2015-05-31 17:19:34 -04:00
Chad Whitacre
2ee0e9c51b
REMOVE A SINGLE WHITESPACE CHARACTER
2015-05-31 16:21:39 -04:00
Chad Whitacre
bd4dce28b5
Remove quotes to match styling elsewhere
...
Cf. http://vaultproject.io/intro/getting-started/dynamic-secrets.html
2015-05-31 16:20:56 -04:00
Chad Whitacre
2e00c9dd27
fix line wrapping
...
Sorry!
2015-05-31 16:07:50 -04:00
Chad Whitacre
4aee92f5e4
Direct new users over to the getting started guide
...
I found myself on the dev server reference, when really I was more interested in the getting started guide. This link is intended to help others get back on the right track.
2015-05-31 16:06:58 -04:00
Chad Whitacre
ee4b84928e
Put me in charge of dev mode :)
...
- "You" as subject instead of "Vault"
- give the actual command
- minor formatting changes
2015-05-31 15:54:32 -04:00
Chad Whitacre
2e8967ce22
Capitalize the first word of a sentence
2015-05-31 14:22:57 -04:00
Armon Dadgar
b71226dfd7
website: document key rotation internals
2015-05-29 15:34:29 -07:00
Armon Dadgar
0563ac643e
website: document new system APIs
2015-05-29 15:05:05 -07:00
boncheff
a1e5330f78
Update index.html.md
...
Updated the docs to show an example of how to read/write a secret using the HTTP API
2015-05-28 22:28:25 +01:00
Armon Dadgar
e72ed2fa87
Merge pull request #269 from sheldonh/getting_started_deploy_consul
...
Use local Consul instance in deploy walkthrough
2015-05-28 10:06:36 -07:00
Sheldon Hearn
9126cf576f
Use local Consul instance in deploy walkthrough
...
As per hashicorp/vault#217 , demo.consul.io prevents sessions from being
created, which means you can't use it as a backend for Vault.
2015-05-28 14:11:34 +02:00
Sheldon Hearn
71c462b3b2
Clarify the disable_mlock option
2015-05-28 12:40:56 +02:00
certifiedloud
ac4763027b
replaced confusing term 'physical' with 'storage'.
2015-05-27 14:44:17 -06:00
Sheldon Hearn
89e7bb2569
Missed a few IAM permissions
2015-05-27 16:42:12 +02:00
Sheldon Hearn
3d2005ea56
List IAM permissions required by root credentials
2015-05-27 16:28:24 +02:00
Jonathan Sokolowski
2b1926f262
website: Update /consul/roles/ parameters
2015-05-27 09:54:15 +10:00
Armon Dadgar
5b587b979d
Merge pull request #259 from buth/etcd
...
etcd non-HA storage backend
2015-05-26 15:07:06 -07:00
Eric Buth
e4e4253d65
added etcd as a non-HA storage backend, updated documentation
2015-05-26 13:38:25 -04:00
Ian Unruh
2a6dd3225c
Add libraries section to HTTP docs
2015-05-22 14:32:14 -07:00
Ian Unruh
bb9f7c47ff
Add read field flag to documentation
2015-05-22 11:33:28 -07:00
Armon Dadgar
e2ff72795e
website: doc cleanup
2015-05-20 17:42:29 -07:00
Armon Dadgar
8c75cc83e3
Merge pull request #242 from jstremick/f-physical-s3-backend
...
Physical S3 backend implementation
2015-05-20 17:00:44 -07:00
joe miller
fd57ca0e39
fix doc example to submit valid json in POST body
...
I don't know if there is some version of curl that auto-generates json but the example didn't work for me on curl 7.32.0. Submitting the data as JSON works though.
2015-05-20 13:11:54 -07:00
James Stremick
53979d6f30
Physical S3 backend implementation
2015-05-20 10:59:03 -04:00
Aaron Bedra
ed9b44bb44
Fix typo in app-id docs
2015-05-20 09:36:54 -05:00
Seth Vargo
05e59edb02
Merge pull request #239 from ijin/patch-1
...
Document that Vault Server needs to be running for vault help path
2015-05-20 12:28:31 +02:00
Michael H. Oshita
e2a923a887
Document that Vault Server needs to be running for vault help path
...
Confused initial, I tried running `vault help secret` by itself and found out that the server needs to be running to execute this command.
Furthermore, the client needs `VAULT_ADDR` configured (`http://127.0.0.1:8200 ` in dev mode, since it uses https by default) to interact with the server.
2015-05-20 17:06:59 +09:00
Daniel McCarney
c7bf89cf60
Add missing word to storage backend threat model.
2015-05-19 12:11:48 -07:00
Daniel McCarney
af1aabe397
Fix "the a lease ID" typo.
2015-05-19 12:07:07 -07:00
Daniel McCarney
dc5e1a714a
Fix "all everything" typo in Secrets description.
2015-05-19 11:59:20 -07:00
Ian Unruh
c0409b69ae
Remove non-existent unseal API argument
2015-05-18 19:59:18 -07:00
Armon Dadgar
9c916386de
Update github.html.md
...
Fixing incorrect documentation about case sensitivity
2015-05-18 09:37:31 -07:00
Armon Dadgar
3f3133b066
Merge pull request #204 from nrocine/master
...
Added implementation details to the GitHub Auth Docs on the Vault Website
2015-05-18 09:36:35 -07:00
Armon Dadgar
3b1df5a8ca
website: clarify the app-id parameters
2015-05-15 11:39:05 -07:00
Nils Rocine
6481c13bcc
Added details in the github auth docs for the website. These details clarify end-to-end use of the github auth backend. Specifically: noting how to create a usable GitHub PAT and an example of how to auth with the PAT.
2015-05-14 13:20:58 -07:00
Mitchell Hashimoto
20d27ca099
website: note PGP key
2015-05-11 11:34:38 -07:00
Armon Dadgar
96e3bac87a
website: Document overwrite behavior. Fixes #182
2015-05-11 10:58:29 -07:00
Mitchell Hashimoto
42d6b2a916
http: allow header for auth token [GH-124]
2015-05-11 10:56:58 -07:00
Armon Dadgar
fbcf0c2b64
website: Fixing doc error
2015-05-11 10:43:03 -07:00
Armon Dadgar
697a70ca48
website: Adding LDAP docs
2015-05-11 10:43:03 -07:00
Seth Vargo
83c869c5af
Cleanup userpass docs
2015-05-08 11:49:58 -04:00
Seth Vargo
f3c3f4717a
Remove references to -var
2015-05-08 11:45:29 -04:00
Mads R. Christensen
2fc8ab41e4
Fixed typo
2015-05-08 11:48:42 +02:00
Mads R. Christensen
37deb08a1a
Added more info about the userpass auth backend API endpoint
2015-05-08 11:45:21 +02:00
Armon Dadgar
19a54ea09a
Merge pull request #166 from Banno/remove-plugin-docs
...
remove unused plugin docs
2015-05-07 12:26:44 -07:00
Spencer Herzberg
71b8f7b779
remove unused docs
2015-05-07 14:20:33 -05:00
Seth Vargo
d2a6433270
Add instructions for enabling the auth first
2015-05-07 13:52:06 -04:00
Leo Cassarani
db10a974f6
Fix typo in docs: "it's" -> "its" [ci skip]
2015-05-07 11:08:03 +00:00
Armon Dadgar
9d7119d7d0
website: minor doc changes for zookeeper
2015-05-06 11:08:26 -07:00
Spencer Herzberg
8a4c2eb691
cleanup zk HA leftover docs
2015-05-05 17:22:43 -05:00
Spencer Herzberg
9793986357
properly default zk address to localhost
2015-05-05 17:20:38 -05:00
Spencer Herzberg
966204d73f
initial implementation of non-ha zookeeper
2015-05-05 16:49:18 -05:00
Seth Vargo
a21e9e544d
Merge pull request #144 from gotcha/patch-1
...
Typo
2015-05-05 08:43:43 -07:00
Seth Vargo
8a31b8081b
Merge pull request #145 from gotcha/patch-2
...
Word missing
2015-05-05 08:43:33 -07:00
Godefroid Chapelle
886533e856
Use singular
2015-05-05 09:16:30 +02:00
Godefroid Chapelle
2e92a23727
Word missing
2015-05-05 09:12:32 +02:00
Godefroid Chapelle
4da4aba1bf
Typo
2015-05-05 09:05:05 +02:00
Seth Vargo
1cd7e91bcc
s/consul/vault /cc @armon
2015-05-03 16:13:55 -04:00
Trevor Pounds
582677b134
Fix documentation typo.
2015-04-28 22:15:56 -07:00
jjshoe
8e182e4b97
I think you a word.
2015-04-28 18:05:40 -05:00
Mitchell Hashimoto
df41dd70a0
website: add disable_mlock flag
2015-04-28 15:13:07 -07:00
Emil Hessman
ba0225249e
website: fix typo
2015-04-28 20:42:53 +02:00
Mitchell Hashimoto
d873100562
website: we vendored
2015-04-28 11:40:36 -07:00
Mitchell Hashimoto
f3fd061ed0
Merge pull request #54 from pborreli/typos
...
website: fixed typos
2015-04-28 11:37:49 -07:00
Emil Hessman
04d09c34d2
website: merge
2015-04-28 20:36:27 +02:00
Pascal Borreli
0ec229a9c9
Fixed typos
2015-04-28 19:36:16 +01:00
AJ Bourg
cc10592dd4
Update architecture.html.md
...
Super trivial grammar fix.
2015-04-28 12:32:06 -06:00
Emil Hessman
3d5f3d1d70
website: address minor doc typos
2015-04-28 20:32:04 +02:00
Andrew Williams
b68244b252
website: fix small typo
2015-04-28 13:21:44 -05:00
Mat Elder
a7c0d26dea
msyql to consul on consul backend docs
2015-04-28 14:11:42 -04:00
Mitchell Hashimoto
5345d5ea82
website: remove unused files
2015-04-28 09:46:19 -07:00
Armon Dadgar
848433a355
audit/file: add log_raw parameter and default to hashing
2015-04-27 15:56:41 -07:00
Armon Dadgar
1403fb987b
website: Adding the syslog audit backend
2015-04-27 15:56:41 -07:00
Armon Dadgar
43083225d0
website: remove TODO from transit quickstart
2015-04-27 14:58:53 -07:00
Armon Dadgar
434305a6c2
secret/aws: Using roles instead of policy
2015-04-27 14:20:28 -07:00
Armon Dadgar
5edf8cf3a8
Do not root protect role configurations
2015-04-27 14:07:20 -07:00
Armon Dadgar
12e8c0f8cf
secret/postgres: secret/mysql: roles endpoints root protected
2015-04-27 14:04:10 -07:00
Armon Dadgar
816d981d1a
secret/consul: replace policy with roles, and prefix the token path
2015-04-27 13:59:56 -07:00
Armon Dadgar
6a38090822
secret/transit: rename policy to keys
2015-04-27 13:52:47 -07:00
Armon Dadgar
1a5b774527
website: Adding CIDR block config to app-id
2015-04-27 12:38:04 -07:00
Armon Dadgar
190b7f30e1
website: API consistency
2015-04-27 12:30:46 -07:00
Armon Dadgar
04421a5635
website: aws API
2015-04-27 12:26:23 -07:00
Armon Dadgar
b52f52ace6
website: make PG quickstart like MySQL
2015-04-27 12:16:07 -07:00
Armon Dadgar
4404dd2a8f
website: adding postgresql API docs
2015-04-27 11:17:13 -07:00
Armon Dadgar
61783663e4
website: document Consul APIs
2015-04-27 11:08:47 -07:00
Seth Vargo
a4b55bfc3e
Add Quick Start for Postgresql
2015-04-27 09:30:21 -04:00
Seth Vargo
0ffbd1f8ea
Add Quick Start for AWS
2015-04-27 09:29:16 -04:00
Armon Dadgar
6ac2c848d7
website: start consul api
2015-04-26 22:03:38 -07:00
Armon Dadgar
ea29b313e9
website: consul quickstart
2015-04-26 22:03:38 -07:00
Armon Dadgar
0e12fa9b68
website: adding mysql quickstart and API
2015-04-26 22:03:38 -07:00
Armon Dadgar
0d0aec7abd
website: quickstart + API for transit
2015-04-26 22:03:38 -07:00
Armon Dadgar
e58676128b
website: quickstart for generic
2015-04-26 22:03:38 -07:00
Armon Dadgar
102796bd6d
website: fix formating
2015-04-26 22:03:38 -07:00
Mitchell Hashimoto
6b306b597a
website: fix API styling for auth
2015-04-26 21:08:11 -07:00
Armon Dadgar
23ab2f6b9d
website: documenting token API
2015-04-25 20:21:59 -07:00