luxolus/open-vault
2
0
Fork 0
Code Issues 1 Pull requests Releases Activity
4460 commits 1 branch 0 tags 214 MiB
Commit graph

708 commits

Author SHA1 Message Date
Vishal Nayak 38d8ff33d5 Merge pull request #1647 from hashicorp/version-in-api 
Add version information to health status
 2016-07-22 18:34:33 -04:00
vishalnayak a92da37351 Updated sys/health docs 2016-07-22 18:33:29 -04:00
matt maier 6519c224ac Circonus integration for telemetry metrics 2016-07-22 15:49:23 -04:00
vishalnayak 765d131b47 Added service-tags config option to provide additional tags to registered service 2016-07-22 04:41:48 -04:00
Laura Bennett 559b0a5006 Merge pull request #1635 from hashicorp/mysql-idle-conns 
Added maximum idle connections to mysql to close hashicorp/vault#1616
 2016-07-20 15:31:37 -04:00
Laura Bennett 422dcc8f25 minor formatting edits 2016-07-20 14:42:52 -04:00
Jeff Mitchell f2b6569b0b Merge pull request #1604 from memory/mysql-displayname-2 
concat role name and token displayname to form mysql username
 2016-07-20 14:02:17 -04:00
Nathan J. Mehl ea294f1d27 use both role name and token display name to form mysql username 2016-07-20 10:17:00 -07:00
Laura Bennett dba466f50e update documentation for idle connections 2016-07-20 12:50:07 -04:00
Nathan J. Mehl 0483457ad2 respond to feedback from @vishalnayak 
- split out usernameLength and displaynameLength truncation values,
  as they are different things

- fetch username and displayname lengths from the role, not from
  the request parameters

- add appropriate defaults for username and displayname lengths
 2016-07-20 06:36:51 -07:00
Matt Hurne 11a3cb67d0 mongodb secret backend documentation: Remove verify_connection from example response to GET /mongodb/config/connection; add documentation for GET /mongodb/config/lease 2016-07-19 12:46:54 -04:00
Matt Hurne 75a5fbd8fe Merge branch 'master' into mongodb-secret-backend 2016-07-19 10:38:45 -04:00
Jeff Mitchell 04f0471a9f Update documentation around dynamodb changes 2016-07-18 14:10:55 -04:00
Jeff Mitchell c47fc73bd1 Use parsebool 2016-07-18 13:49:05 -04:00
Jeff Mitchell a3ce0dcb0c Turn off DynamoDB HA by default. 
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
 2016-07-18 13:19:58 -04:00
Jeff Mitchell 4c5ae34ebf Merge pull request #1613 from skippy/update-aws-ec2-docs 
[Docs] aws-ec2 -- note IAM action requirement
 2016-07-18 10:40:38 -04:00
Jeff Mitchell 73923db995 Merge pull request #1589 from skippy/patch-2 
[Docs] aws-ec2 -- clarify aws public cert is already preloaded
 2016-07-18 10:02:35 -04:00
Adam Greene 8f6b97f4e4 [Docs] aws-ec2 -- note IAM action requirement 2016-07-13 15:52:47 -07:00
Adam Greene d6f5c5f491 english tweaks 2016-07-13 15:11:01 -07:00
vishalnayak 407722a9b4 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
Nathan J. Mehl 314a5ecec0 allow overriding the default truncation length for mysql usernames 
see https://github.com/hashicorp/vault/issues/1605
 2016-07-12 17:05:43 -07:00
Jeff Mitchell a6682405a3 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell 57cdb58374 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Matt Hurne 8232de5095 Merge branch 'master' into mongodb-secret-backend 2016-07-09 21:14:21 -04:00
Jeff Mitchell 4aa557ffa6 Add documentation of retry env vars 2016-07-08 10:41:11 -04:00
Matt Hurne 253d4e86fc Merge branch 'master' into mongodb-secret-backend 2016-07-08 08:32:03 -04:00
Jeff Mitchell cf42b28487 Some policy concept page clarifications 2016-07-08 05:05:46 +00:00
Matt Hurne 8d5a7992c1 mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages 2016-07-07 23:09:45 -04:00
Matt Hurne a5f5b26e4b Update mongodb secret backend documentation to indicate that ttl and max_ttl lease config parameters are optional rather than required 2016-07-07 22:34:00 -04:00
Matt Hurne b1dd5bf449 mongodb secret backend documentation: Use single quotes around roles JSON to avoid needing to escape double quotes within the JSON 2016-07-07 22:31:35 -04:00
Matt Hurne da0bd77dc4 Merge branch 'master' into mongodb-secret-backend 2016-07-07 21:24:40 -04:00
Eric Herot cbc76c357e Pretty sure the method to delete a token role is not GET 2016-07-07 13:54:20 -04:00
Jeff Mitchell a6d3210163 Merge pull request #1590 from skippy/patch-3 
Update aws-ec2.html.md -- clarify pkcs7 cert cleanup before use
 2016-07-06 21:31:12 +02:00
Stig Lindqvist 71b481ba40 Correcting grammar 2016-07-06 17:57:22 +12:00
Adam Greene 2405b7f078 Update aws-ec2.html.md 
per #1582, updating the docs to include notes about pkcs#7 handling, specifically that aws returns the pkcs#7 cert with newlines and that they need to be stripped before sending them to the login endpoint
 2016-07-05 13:21:56 -07:00
Adam Greene 5ef359ff6c Update aws-ec2.html.md 
clarify, and make more explicit, the language around the default AWS public certificate
 2016-07-05 13:14:29 -07:00
Matt Hurne cf17deb33b mongodb secret backend: Update documentation 2016-07-05 09:50:23 -04:00
Matt Hurne 292c2fad69 Merge branch 'master' into mongodb-secret-backend 2016-07-01 20:39:13 -04:00
Mark Paluch ab63c938c4 Address review feedback. 
Switch ConnectTimeout to framework.TypeDurationSecond  with a default of 5. Remove own parsing code.
 2016-07-01 22:26:08 +02:00
Mark Paluch 3859f7938a Support connect_timeout for Cassandra and align timeout. 
The cassandra backend now supports a configurable connect timeout. The timeout is configured using the connect_timeout parameter in the session configuration.  Also align the timeout to 5 seconds which is the default for the Python and Java drivers.

Fixes #1538
 2016-07-01 21:22:37 +02:00
Matt Hurne 561e67ade8 Merge branch 'master' into mongodb-secret-backend 2016-06-30 20:23:16 -04:00
Tim Schindler 24c6a605ea added documentation about ETCD_ADDR env var to etcd backend documentation 2016-06-30 18:46:40 +00:00
Matt Hurne 350b69670c Rename mongodb secret backend's 'ttl_max' lease configuration field to 'max_ttl' 2016-06-30 09:57:43 -04:00
Matt Hurne 5e8c912048 Add mongodb secret backend 2016-06-29 08:33:06 -04:00
Jeff Mitchell 07f53eebc2 Update PKI docs with key_usge info 2016-06-23 11:07:17 -04:00
Cameron Stokes 92f49578e1 Minor typo - that->than. 2016-06-22 11:28:31 -07:00
Jason Antman d8242d04d2 clarify some aspects of GPG key usage 2016-06-22 10:26:06 -04:00
Vishal Nayak 78d4d5c8c3 Merge pull request #1523 from hashicorp/bind-account-id-aws-ec2 
Added bound_account_id to aws-ec2 auth backend
 2016-06-21 10:03:20 -04:00
Vishal Nayak d4d47ce5e3 Merge pull request #1531 from hashicorp/auth-mount-tune-params 
Auth tune endpoints and config settings output from CLI
 2016-06-20 20:24:47 -04:00
vishalnayak 8b490e44a1 Added list functionality to logical aws backend's roles 2016-06-20 19:51:04 -04:00
Jeff Mitchell 2e7704ea7e Add convergent encryption option to transit. 
Fixes #1537
 2016-06-20 13:17:48 -04:00
Mark Paluch ea4c58f17b Fix RabbitMQ documentation 
Change parameter `uri` to `connection_uri` in code example.
 2016-06-19 17:45:30 +02:00
vishalnayak d0a142c75a Merge branch 'master-oss' into bind-account-id-aws-ec2 
Conflicts:
	website/source/docs/auth/aws-ec2.html.md
 2016-06-17 12:41:21 -04:00
vishalnayak 848b479a61 Added 'sys/auth/<path>/tune' endpoints. 
Displaying 'Default TTL' and 'Max TTL' in the output of 'vault auth -methods'
 2016-06-15 13:58:24 -04:00
Martin Forssen f8558ca1f2 Fixed a number of spelling errors in aws-ec2.html.md 2016-06-15 13:32:36 +02:00
vishalnayak 8e03c1448b Merge branch 'master-oss' into bind-account-id-aws-ec2 
Conflicts:
	builtin/credential/aws-ec2/backend_test.go
	builtin/credential/aws-ec2/path_login.go
	builtin/credential/aws-ec2/path_role.go
 2016-06-14 14:46:08 -04:00
Ivan Fuyivara 0ffbef0ccd added tests, nil validations and doccumentation 2016-06-14 16:58:50 +00:00
vishalnayak 26f7fcf6a1 Added bound_account_id to aws-ec2 auth backend 2016-06-14 11:58:19 -04:00
vishalnayak 4a078f8726 RabbitMQ docs++ 2016-06-14 10:22:30 -04:00
Jeff Mitchell 04a03bcb54 Add updated wrapping information 2016-06-14 05:59:50 +00:00
Jon Benson 7883e98eb8 Update aws-ec2.html.md 2016-06-09 23:08:08 -07:00
vishalnayak c6a27f2fa8 s/VAULT_GITHUB_AUTH_TOKEN/VAULT_AUTH_GITHUB_TOKEN 2016-06-09 14:00:56 -04:00
vishalnayak 308294db46 Added VAULT_GITHUB_AUTH_TOKEN env var to receive GitHub auth token 2016-06-09 13:45:56 -04:00
Jeff Mitchell 41decb2e16 update sys-health docs with HEAD info 2016-06-09 12:30:23 -04:00
Jeff Mitchell 351f536913 Don't check parsability of a ttl key on write. 
On read we already ignore bad values, so we shouldn't be restricting
this on write; doing so alters expected data-in-data-out behavior. In
addition, don't issue a warning if a given `ttl` value can't be parsed,
as this can quickly get annoying if it's on purpose.

The documentation has been updated/clarified to make it clear that this
is optional behavior that doesn't affect the status of the key as POD
and the `lease_duration` returned will otherwise default to the
system/mount defaults.

Fixes #1505
 2016-06-08 20:14:36 -04:00
Jeff Mitchell 2b4b6559e3 Merge pull request #1504 from hashicorp/token-store-roles-renewability 
Add renewable flag to token store roles
 2016-06-08 15:56:54 -04:00
Laura Bennett 5ccb4fe907 Merge pull request #1498 from hashicorp/pki-list 
PKI List Functionality
 2016-06-08 15:42:50 -04:00
Jeff Mitchell cf8f38bd4c Add renewable flag to token store roles 2016-06-08 15:17:22 -04:00
Laura Bennett fc8c73584b url fix 2016-06-08 14:53:33 -04:00
Jeff Mitchell 65d8973864 Add explicit max TTL capability to token creation API 2016-06-08 14:49:48 -04:00
Laura Bennett 08cd10d541 Updates for pki/certs list functionality 2016-06-08 14:37:57 -04:00
Jeff Mitchell b8c30aea18 Merge pull request #1502 from hashicorp/pr-1425 
Staging area for me to fix up PR 1425
 2016-06-08 12:31:31 -04:00
Jeff Mitchell 29ee2666e7 Update docs 2016-06-08 12:23:04 -04:00
Jeff Mitchell 3cce72b10d Update docs with max_parallel 2016-06-08 12:22:18 -04:00
Jeff Mitchell 72a25d018c Add permit pool and cleanhttp support to Swift 2016-06-08 12:20:21 -04:00
Jeff Mitchell da6371ffc3 Merge remote-tracking branch 'origin/master' into pr-1425 2016-06-08 12:10:29 -04:00
Vishal Nayak ab543414f6 Merge pull request #788 from doubledutch/master 
RabbitMQ Secret Backend
 2016-06-08 10:02:24 -04:00
Jeff Mitchell 7308031e4d Add more entries to the 0.6 upgrade notes 2016-06-06 16:04:02 -04:00
Vinay Hiremath 584c2b9c10 Small grammatical error 
"invaliding" => "invalidating"
 2016-06-03 11:07:54 -07:00
Jeff Mitchell 33764e85b1 Merge pull request #1324 from hashicorp/sethvargo/doc_gpg 
Add a page for step-by-step gpg/keybase
 2016-06-03 13:24:57 -04:00
Jeff Mitchell a147c3346c Make some updates to PGP documentation 2016-06-03 13:23:20 -04:00
vishalnayak 315f9c868c Provide option to disable host key checking 2016-06-01 11:08:24 -04:00
vishalnayak dbee3cd81b Address review feedback 2016-06-01 10:36:58 -04:00
vishalnayak 5c25265fce rename aws.html.md as aws-ec2.html.md 2016-05-30 14:11:15 -04:00
vishalnayak a072f2807d Rename aws as aws-ec2 2016-05-30 14:11:15 -04:00
vishalnayak 30fa7f304b Allow * to be set for allowed_users 2016-05-30 03:12:43 -04:00
vishalnayak 971b2cb7b7 Do not allow any username to login if allowed_users is not set 2016-05-30 03:01:47 -04:00
Jeff Mitchell 81e14262cd Remove reference to cookies altogether 
Fixes #1437
 2016-05-26 09:29:41 -04:00
vishalnayak 21605ee9d8 Typo fix: s/Vault/Consul 2016-05-24 18:22:20 -04:00
Seth Vargo b1959e1f26
Use updated architecture diagram 
As much as we love @armon's omnigraffle, this new diagram better matches
the Vault branding 😄.
 2016-05-23 20:10:51 -04:00
Kevin Pike 111ef09a18 Update rabbitmq lease docs 2016-05-20 23:28:41 -07:00
Jeff Mitchell caf77109ba Add cubbyhole wrapping documentation 2016-05-19 13:33:51 -04:00
Jeff Mitchell a13807e759 Merge pull request #1318 from steve-jansen/aws-logical-assume-role 
Add sts:AssumeRole support to the AWS secret backend
 2016-05-19 12:17:27 -04:00
Stuart Glenn b75eed61ed Add documentation on Swift backend configuration 2016-05-16 17:29:40 -05:00
Sean Chittenden 7a4b31ce51
Speling police 2016-05-15 09:58:36 -07:00
Vishal Nayak 53fc941761 Merge pull request #1300 from hashicorp/aws-auth-backend 
AWS EC2 instances authentication backend
 2016-05-14 19:42:03 -04:00
vishalnayak 4122ed860b Rename 'role_name' to 'role' 2016-05-13 14:31:13 -04:00
Jeff Mitchell b850f876a7 Merge pull request #1407 from z00m1n/patch-1 
fix PostgreSQL sample code
 2016-05-12 17:07:48 -07:00
cmclaughlin cdf715b94a Document configuring listener to use a CA cert 2016-05-12 15:34:47 -07:00
Steven Samuel Cole e3bb3a4efb fix PostgreSQL sample code 
The current sample configuration line fails with `Error initializing backend of type postgresql: failed to check for native upsert: pq: unsupported sslmode "disabled"; only "require" (default), "verify-full", "verify-ca", and "disable" supported`.
 2016-05-12 23:22:41 +02:00