luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
4460 commits 1 branch 0 tags 214 MiB
Commit graph

708 commits

Author SHA1 Message Date
Jeff Mitchell d9c46aadc2 update docs 2016-08-26 17:52:42 -04:00
Jeff Mitchell 2f5876dfe9 Use key derivation for convergent nonce. (#1794) 
Use key derivation for convergent nonce.

Fixes #1792
 2016-08-26 14:11:03 -04:00
Jeff Mitchell 2ce4397deb Plumb through the ability to set the storage read cache size. (#1784) 
Plumb through the ability to set the storage read cache size.

Fixes #1772
 2016-08-26 10:27:06 -04:00
Jeff Mitchell aa5daadd67 Don't duplicate building info 2016-08-25 13:00:26 -04:00
Jeff Mitchell 9fee9ce8ff Don't allow tokens in paths. (#1783) 2016-08-24 15:59:43 -04:00
Adam Greene 66d3117cad fix aws-ec2 formatting around ttl (#1770) 2016-08-23 16:07:57 -04:00
Karl Falconer 6cbae1388e [Documentation] AppRole /login is unauthenticated (#1771) 2016-08-23 16:03:36 -04:00
Jeff Mitchell c64dba556c Swap push/pull. 2016-08-22 19:34:53 -04:00
Eric Peterson 6db65c317e Fix grammar (#1759) 2016-08-22 12:17:48 -04:00
Eric Peterson 9bd1a95850 Fix spelling (#1758) 2016-08-22 11:56:37 -04:00
S 7395fb02bc Update tokens.html.md 
Bullet points at the end were off (probably due to some line wrapping settings somewhere)
 2016-08-22 10:47:11 -04:00
Jeff Mitchell 3320aeb4f6 Update upgrade guide 2016-08-22 09:33:36 -04:00
vishalnayak dfe73733d5 Seperate endpoints for read/delete using secret-id and accessor 2016-08-21 14:42:49 -04:00
Jeff Mitchell 865ca94032 Initial fixups, not yet done 2016-08-20 22:39:41 -04:00
Jeff Mitchell 0029559ab0 Update location of LDAP docs in upgrade guide. 
Fixes #1656
 2016-08-19 10:31:31 -04:00
Jeff Mitchell c349e697f5 Change uninit/sealed status codes from health endpoint 2016-08-18 12:10:23 -04:00
Martin Forssen a617ff0f93 Mention ttl parameter in the documentation of /auth/aws-ec2/role/<role> 
This parameter was not documented
 2016-08-18 13:16:58 +02:00
Brian Shumate a941dbdd76 Add a bit of clarification 2016-08-17 16:07:30 -04:00
Jeff Mitchell 734e80ca56 Add permit pool to dynamodb 2016-08-15 19:45:06 -04:00
Matt Hurne 56252fb637 AppRole documentation tweaks (#1735) 
* Fix spelling error in AppRole docs

* Add force flag to sample command to generate a secret ID in AppRole docs

* Update sample output for AppRole login in docs
 2016-08-15 16:12:08 -04:00
Jeff Mitchell 37320f8798 Request forwarding (#1721) 
Add request forwarding.
 2016-08-15 09:42:42 -04:00
Jeff Mitchell 7497b37280 Completely revamp token documentation 2016-08-13 17:05:31 -04:00
Jeff Mitchell d2124486ef Merge pull request #1702 from hashicorp/renew-post-body 
Add ability to specify renew lease ID in POST body.
 2016-08-08 20:01:25 -04:00
Jeff Mitchell ab71b981ad Add ability to specify renew lease ID in POST body. 2016-08-08 18:00:44 -04:00
Jeff Mitchell 4f0310ed96 Don't allow root from authentication backends either. 
We've disabled this in the token store, but it makes no sense to have
that disabled but have it enabled elsewhere. It's the same issue across
all, so simply remove the ability altogether.
 2016-08-08 17:32:37 -04:00
Jeff Mitchell be39df9887 Update upgrade docs 2016-08-08 16:44:13 -04:00
Jeff Mitchell 606ba64e23 Remove context-as-nonce, add docs, and properly support datakey 2016-08-07 15:53:40 -04:00
Jeff Mitchell 21e39bfea6 Remove erroneous information about some endpoints being root-protected 2016-08-04 16:08:54 -04:00
Cameron Stokes 0b60375952 ~secret/aws: env variable and IAM role usage 2016-08-04 13:02:07 -07:00
Jeff Mitchell 1b0c9afc43 Update DB docs with new SQL specification options 2016-08-03 15:45:56 -04:00
vishalnayak 4f45910dfc disallowed_policies doc update 2016-08-02 16:33:22 -04:00
Jeff Mitchell b4386032db Fix up some wording 2016-08-02 16:25:00 -04:00
vishalnayak 75c51378ce Updated token auth docs with disallowed_policies 2016-08-02 15:33:03 -04:00
Jeff Mitchell 9902891c81 Alphabetize token store docs 2016-08-01 13:37:12 -04:00
Jeff Mitchell 357f2d972f Add some extra safety checking in accessor listing and update website 
docs.
 2016-08-01 13:12:06 -04:00
Chris Hoffman c1c35880da Missing prefix on roles list 2016-07-29 11:31:26 -04:00
Jan Dudulski 1e46b1cef0 Update revoke-prefix path in doc 
Minor update to make doc up to date with v0.6
 2016-07-29 12:17:24 +02:00
Chris Hoffman 2930f2ca39 Preferred method is AppRole since AppId is now deprecated 2016-07-28 14:32:20 -04:00
Vishal Nayak 358b13d2b4 Merge pull request #1660 from TerryHowe/ansible-module-hashivault 
Add note about Ansible module in docs
 2016-07-27 13:56:41 -04:00
Adam Greene da8ff50143 documentation cleanup 2016-07-27 10:43:59 -07:00
Terry Howe da49a7993e Add note about Ansible module in docs 2016-07-27 10:34:13 -06:00
Laura Bennett 4d9c909ae4 Merge pull request #1650 from hashicorp/request-uuid 
Added unique identifier to each request. Closes hashicorp/vault#1617
 2016-07-27 09:40:48 -04:00
Vishal Nayak c7bcaa5bb6 Merge pull request #1655 from hashicorp/cluster-id 
Vault cluster name and ID
 2016-07-26 14:12:48 -04:00
vishalnayak 669bbdfa48 Address review feedback from @jefferai 2016-07-26 14:05:27 -04:00
Jeff Mitchell 6e63af6ad0 Add deprecation notices for App ID 2016-07-26 10:08:46 -04:00
Jeff Mitchell cdb0f78960 Add app-id deprecation to upgrade notes 2016-07-26 10:04:08 -04:00
vishalnayak a6907769b0 AppRole authentication backend 2016-07-26 09:32:41 -04:00
Jeff Mitchell 3002799c26 Add upgrade notes for LDAP 2016-07-25 09:07:52 -04:00
Laura Bennett 483e796177 website update for request uuuid 2016-07-24 21:23:12 -04:00
Oren Shomron cd6d114e42 LDAP Auth Backend Overhaul 
--------------------------

Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.

Simplified group membership lookup significantly to support multiple use-cases:
  * Enumerating groups via memberOf attribute on user object
  * Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
  * Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule

There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.

Additional changes:
  * Clarify documentation for LDAP auth backend.
  * Reworked how default values are set, added tests
  * Removed Dial from LDAP config read. Network should not affect configuration.
 2016-07-22 21:20:05 -04:00