Jeff Mitchell
434ed2faf2
Merge pull request #1573 from mickhansen/logical-postgresql-revoke-sequences
...
handle revocations for roles that have privileges on sequences
2016-07-18 13:30:42 -04:00
Jeff Mitchell
a3ce0dcb0c
Turn off DynamoDB HA by default.
...
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
2016-07-18 13:19:58 -04:00
Jeff Mitchell
4c5ae34ebf
Merge pull request #1613 from skippy/update-aws-ec2-docs
...
[Docs] aws-ec2 -- note IAM action requirement
2016-07-18 10:40:38 -04:00
Jeff Mitchell
73923db995
Merge pull request #1589 from skippy/patch-2
...
[Docs] aws-ec2 -- clarify aws public cert is already preloaded
2016-07-18 10:02:35 -04:00
Vishal Nayak
7a15830b8b
Merge pull request #1596 from hashicorp/json-use-number
...
Recognize integer values in JSON input as `json.Number` as opposed to float64
2016-07-15 17:22:27 -06:00
vishalnayak
c14235b206
Merge branch 'master-oss' into json-use-number
...
Conflicts:
http/handler.go
logical/framework/field_data.go
logical/framework/wal.go
vault/logical_passthrough.go
2016-07-15 19:21:55 -04:00
Adam Greene
8f6b97f4e4
[Docs] aws-ec2 -- note IAM action requirement
2016-07-13 15:52:47 -07:00
Adam Greene
d6f5c5f491
english tweaks
2016-07-13 15:11:01 -07:00
vishalnayak
f1e2e2fe1b
changelog++
2016-07-13 17:17:04 -04:00
Vishal Nayak
c55fa03760
Merge pull request #1599 from hashicorp/use-go-uuid
...
Use go-uuid's GenerateUUID in PutWAL and discard logical.UUID()
2016-07-13 11:36:28 -06:00
Vishal Nayak
cdf58da43b
Merge pull request #1610 from hashicorp/min-tls-ver-12
...
Set minimum TLS version in all tls.Config objects
2016-07-13 10:53:14 -06:00
vishalnayak
09a4142fd3
Handled upgrade path for TLSMinVersion
2016-07-13 12:42:51 -04:00
Vishal Nayak
9f1e6c7b26
Merge pull request #1607 from hashicorp/standardize-time
...
Remove redundant invocations of UTC() call on `time.Time` objects
2016-07-13 10:19:23 -06:00
vishalnayak
de19314f18
Address review feedback
2016-07-13 11:52:26 -04:00
vishalnayak
f78f303787
git add tlsutil
2016-07-13 11:29:17 -04:00
vishalnayak
407722a9b4
Added tls_min_version to consul storage backend
2016-07-12 20:10:54 -04:00
Nathan J. Mehl
314a5ecec0
allow overriding the default truncation length for mysql usernames
...
see https://github.com/hashicorp/vault/issues/1605
2016-07-12 17:05:43 -07:00
vishalnayak
f34f0ef503
Make 'tls_min_version' configurable
2016-07-12 19:32:47 -04:00
vishalnayak
46d34130ac
Set minimum TLS version in all tls.Config objects
2016-07-12 17:06:28 -04:00
vishalnayak
8269f323d3
Revert 'risky' changes
2016-07-12 16:38:07 -04:00
Jeff Mitchell
04cfa4f88d
Whoops, fix vendoring
2016-07-11 23:13:26 +00:00
Jeff Mitchell
a6682405a3
Migrate number of retries down by one to have it be max retries, not tries
2016-07-11 21:57:14 +00:00
Jeff Mitchell
57cdb58374
Switch to pester from go-retryablehttp to avoid swallowing 500 error messages
2016-07-11 21:37:46 +00:00
Jeff Mitchell
5f1c101ad3
Merge pull request #1608 from hashicorp/tune-duration-second
...
Factor out parsing duration second type and use it for parsing tune v…
2016-07-11 14:26:36 -06:00
Jeff Mitchell
5b210b2a1f
Return a duration instead and port a few other places to use it
2016-07-11 18:19:35 +00:00
Jeff Mitchell
ab6c2bc5e8
Factor out parsing duration second type and use it for parsing tune values too
2016-07-11 17:53:39 +00:00
Mick Hansen
9ee4542a7c
incorporate code style guidelines
2016-07-11 13:35:35 +02:00
Mick Hansen
c25788e1d4
handle revocations for roles that have privileges on sequences
2016-07-11 13:16:45 +02:00
Nathan J. Mehl
2cf4490b37
use role name rather than token displayname in generated mysql usernames
...
If a single token generates multiple myself roles, the generated mysql
username was previously prepended with the displayname of the vault
user; this makes the output of `show processlist` in mysql potentially
difficult to correlate with the roles actually in use without cross-
checking against the vault audit log.
See https://github.com/hashicorp/vault/pull/1603 for further discussion.
2016-07-10 15:57:47 -07:00
Matt Hurne
8232de5095
Merge branch 'master' into mongodb-secret-backend
2016-07-09 21:14:21 -04:00
Matt Hurne
6505e85dae
mongodb secret backend: Improve safety of MongoDB roles storage
2016-07-09 21:12:42 -04:00
vishalnayak
fcb0b580ab
Fix broken build
2016-07-08 23:16:58 -04:00
vishalnayak
55a667b8cd
Fix broken build
2016-07-08 20:30:27 -04:00
vishalnayak
dc690d6233
Place error check before the response check in expiration test
2016-07-08 19:01:36 -04:00
vishalnayak
e09b40e155
Remove Unix() invocations on 'time.Time' objects and removed conversion of time to UTC
2016-07-08 18:30:18 -04:00
Jeff Mitchell
7a224ec0bd
changelog++
2016-07-08 10:42:13 -04:00
Jeff Mitchell
4aa557ffa6
Add documentation of retry env vars
2016-07-08 10:41:11 -04:00
Jeff Mitchell
1c0a96a815
Merge pull request #1594 from hashicorp/api-retryable
...
Make the API client retry on 5xx errors.
2016-07-08 10:34:56 -04:00
Jeff Mitchell
c7d72fea90
Do some extra checking in the modified renewal check
2016-07-08 10:34:49 -04:00
Matt Hurne
253d4e86fc
Merge branch 'master' into mongodb-secret-backend
2016-07-08 08:32:03 -04:00
Jeff Mitchell
96a6bc388e
Merge pull request #1601 from hashicorp/clarify-policy
...
Some policy concept page clarifications
2016-07-08 01:06:16 -04:00
Jeff Mitchell
cf42b28487
Some policy concept page clarifications
2016-07-08 05:05:46 +00:00
Matt Hurne
bb8a45eb8b
Format code in mongodb secret backend
2016-07-07 23:16:11 -04:00
Matt Hurne
8d5a7992c1
mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages
2016-07-07 23:09:45 -04:00
Matt Hurne
1d5133b8c0
Add note about MongoDB secret backend to changelog
2016-07-07 22:53:57 -04:00
Matt Hurne
a5f5b26e4b
Update mongodb secret backend documentation to indicate that ttl and max_ttl lease config parameters are optional rather than required
2016-07-07 22:34:00 -04:00
Matt Hurne
b1dd5bf449
mongodb secret backend documentation: Use single quotes around roles JSON to avoid needing to escape double quotes within the JSON
2016-07-07 22:31:35 -04:00
Matt Hurne
eee6f04e40
mongodb secret backend: Refactor to eliminate unnecessary variable
2016-07-07 22:29:17 -04:00
Matt Hurne
ce845df43c
mongodb secret backend: Consider a "user not found" response a success when removing a user from Mongo
2016-07-07 22:27:47 -04:00
Matt Hurne
138d74f745
mongodb secret backend: Improve roles path help
2016-07-07 22:16:34 -04:00