d6cf73e6cd
changelog++
2020-09-25 17:21:43 -07:00
26e8627cfc
Use us-gov-west-1 for global APIs in aws-us-gov ( #9947 )
...
* Use us-gov-west-1 for global APIs in aws-us-gov
Certain partition-global AWS services, like IAM, seem to require
specific regions. In the regular 'aws' partition, this is us-east-1. In
the 'aws-us-gov' partition, this is us-gov-west-1. Providing
us-gov-east-1 returns an error from AWS:
SignatureDoesNotMatch: Credential should be scoped to a valid region, not 'us-gov-east-1'.
This resolves a problem where AWS authentication could randomly fail
depending on the value cached by Vault at startup.
2020-09-25 17:13:26 -07:00
1d1011bc9f
changelog++
...
1.5.5 section
2020-09-25 15:18:27 -04:00
a1a9889f81
changelog++
2020-09-25 14:32:49 -04:00
2ba19c3f16
Update k8s auth docs for new parameter ( #9992 )
...
Adds info about the disable_local_ca_jwt parameter.
Co-authored-by: Clint <catsby@users.noreply.github.com>
2020-09-25 11:17:28 -07:00
44b255ab61
Updating version for website to 1.5.4 ( #10040 )
2020-09-25 13:50:09 -04:00
8b20c04eb1
Update to vault-plugin-auth-kubernetes@master ( #10004 )
2020-09-24 15:44:06 -07:00
a8cbda1713
Add retry to TestPostgresqlBackend ( #10032 )
2020-09-24 16:19:11 -05:00
34b7b4bde6
changelog++
...
Updated with security content for new 1.5.4 and 1.4.7.
2020-09-24 16:46:10 -04:00
da34497041
changelog++
2020-09-24 13:37:48 -07:00
db99f5a14f
Move entries to correct release.
2020-09-23 16:23:33 -07:00
427cca9ce9
changelog++
2020-09-23 16:10:27 -07:00
0bf207f96c
changelog++
2020-09-23 18:04:12 -05:00
7c34eeada8
changelog++
2020-09-23 15:59:00 -07:00
41d8c89169
[DBPW 5/X] Use AutoMTLS with DB plugins ( #10008 )
2020-09-23 16:08:03 -06:00
ffcff10151
changelog++
2020-09-23 12:34:15 -07:00
b0d3d9bf49
Update lease timer logic ( #10030 )
2020-09-23 11:46:22 -07:00
64d899da52
Update CHANGELOG.md ( #10029 )
2020-09-23 19:13:21 +01:00
3fb20ed529
Logging tweaks, mostly for tests ( #10028 )
...
Fix some places where raft wasn't hooking into the core logger as it should.
Revisited the code that was setting the log level to Error during cleanup: it's normal for there to be a bunch of errors then, which makes it harder to see what went wrong up to the point where the test was deemed to have failed. So now, instead of setting log level to Error, we actually stop logging altogether. This only applies if the test didn't pass in its own logger during cluster creation, but we should be moving away from that anyway.
2020-09-23 13:40:00 -04:00
c595244482
Normalize format output for vault status [VAULT-508] ( #9976 )
...
* normalize format output for vault status
* interim commit
* interim commit
* make formatting idiomatic
* clean up comments
* added formatting test
* updated comments in format test to match godocs
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MBP.hitronhub.home>
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-23 10:30:01 -07:00
b29acbc605
Update version_base.go
2020-09-22 15:59:03 -07:00
3f30fc5f4e
Port changes from enterprise lease fix ( #10020 )
2020-09-22 14:47:13 -07:00
3cc15ba146
changelog++
2020-09-22 14:17:10 -07:00
1c3d915042
changelog++
2020-09-22 15:02:39 -05:00
38ae7efca3
Switch to PerfStandby() where possible. ( #9993 )
2020-09-22 14:48:30 -05:00
a20fe5c066
moved the documentation to kv2 page ( #10017 )
...
Co-authored-by: HridoyRoy <hridoyroy@Hridoys-MacBook-Pro.local>
2020-09-22 11:58:00 -07:00
60fefde1ac
changelog++
2020-09-22 14:36:25 -04:00
201fc8fd4d
Add content-sha256 as a default allowed STS header ( #10009 )
...
Also, alphabetize those headers... just because.
2020-09-22 10:02:37 -07:00
f8599a1670
changelog++
2020-09-22 09:57:34 -04:00
b634e1964d
fix missing plaintext in bulk decrypt response ( #9991 )
...
Decrypting an ciphertext where its corresponding value equals empty, the payload property "plaintext" is missing in the response object. This fixes the problem by adding a new, distinct struct for decrypt batch response items where "omitempty" is not set.
2020-09-22 09:43:07 -04:00
15e608c0ed
Update AD secret engine docs for root cred rotation ( #9990 )
2020-09-21 16:21:14 -07:00
2289c9ef1d
CRUD for transform alphabets ( #9989 )
...
includes tests for templates and alphabets
2020-09-21 15:36:07 -05:00
9190860cc0
docs: Change sidebar labeling to use Integrated Storage ( #10002 )
...
I changed some verbiage in the page as well.
2020-09-21 15:55:36 -04:00
6a23328308
changelog++
2020-09-21 12:00:21 -07:00
daa2c2b1e4
changelog++
2020-09-21 13:56:51 -04:00
4f3c833b94
Vendor diff
2020-09-21 13:43:21 -04:00
9eb1fb1df4
minor only ha_storage clarification ( #10001 )
2020-09-21 13:06:03 -04:00
9b3e244e40
Fix doc formatting. ( #9994 )
2020-09-21 10:01:43 -07:00
60e0cbbc37
[DBPW 4/X] Update DB engine to support v4 and v5 interfaces with password policies ( #9878 )
2020-09-18 15:10:54 -06:00
f01f053c34
changelog++
2020-09-18 13:32:08 -07:00
a8dcc3e6d9
changelog link
2020-09-18 14:53:23 -05:00
5b1df8c60b
changelog ++
2020-09-18 14:52:41 -05:00
2872702995
Use a longer timeout for DeriveActiveCore in the hopes that giving more time will allow for raft leader election failure to recover. ( #9988 )
2020-09-18 11:07:35 -04:00
27c7a77624
When expiration attempts to revoke a cert that's not in storage (perhaps due to pki tidy), don't treat that as an error. Let the lease get expired. ( #9880 )
2020-09-17 16:15:03 -04:00
0f77d0e282
Move the code that creates Consul containers out of teststorage. This allows importers of teststorage that don't need consul to run as a non-docker test. ( #9975 )
2020-09-17 15:44:29 -04:00
abdf5dfded
Force docker API version to use. ( #9985 )
2020-09-17 15:24:31 -04:00
41bf752080
Ui/transform templates ( #9981 )
...
Add CRUD capabilities on transform templates. Disallow read or edit for built-ins.
2020-09-17 14:08:06 -05:00
64301d3b22
Allow for testing Consul with a different repo that requires auth. ( #9983 )
2020-09-17 13:05:24 -04:00
539cf44b9b
Replace GF(256) division with a constant time impl ( #9932 )
2020-09-16 17:36:52 -05:00
8d830fc772
Upgrade bolt to get 543c40ab41 to avoid panics in tests. ( #9964 )
2020-09-16 15:35:43 -04:00
Jim Kalafut