Commit graph

1763 commits

Author SHA1 Message Date
vishalnayak 2ab27e6087 Agent doc update for beta testers 2019-02-26 10:20:55 -05:00
vishalnayak f04b4d1668 Change agent's default port number to 8100 2019-02-26 10:02:12 -05:00
Calvin Leung Huang 5b5ec851c7 Agent caching docs (#6272)
* WIP agent caching docs

* More docs updates

* Add caching/index.html to docs_detailed_categories.yml

* Some more docs updates

* Some more docs updates

* updates

* address review feedback

* fix sample config

* Update website/source/docs/agent/caching/index.html.md

Co-Authored-By: calvn <cleung2010@gmail.com>

* fix config for sidebar display

* Add environment variable to the docs
2019-02-26 09:57:17 -05:00
Jim Kalafut 9bac5158cd
Update JWT docs for OIDC feature (#6270) 2019-02-21 17:06:23 -08:00
Becca Petrin 81cfa79d02 add note about sts region to doc 2019-02-21 16:57:52 -08:00
Chris Hoffman 481c38c7d0
adding 1.1 upgrade docs (#6279) 2019-02-21 17:41:06 -05:00
Becca Petrin 65b8ad9187 allow aws region in cli login 2019-02-20 16:43:21 -08:00
dp-h e8bc0e7ab2 Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]"
This reverts commit 7726fdd1aaf7848dc5af9d4867e76bd1588f7bac.

Revert to go through proper PR. Apologies.
2019-02-14 13:40:17 -07:00
Brian Shumate c7ceffba30 Update configuration/listener documentation (#6228)
- Clarify that PROXY protocol version 1 is currently supported
- Add missing backtick to fix formatting issue
2019-02-13 09:27:05 -05:00
dp-h 72880b965a Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 17:05:31 -07:00
dominic ed6d45eece Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]"
This reverts commit b275f2a1e6d74400bb3cf702d1e03c90d31624cb.

Pushed to master, my apologies. Will do proper PR for this.
2019-02-12 16:49:34 -07:00
dominic f11a29d13c Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 16:47:17 -07:00
vishalnayak 8a6cd92f85 Update transit docs 2019-02-12 14:27:17 -05:00
Graham Land 13e60dbb40 Add Vault supported log levels (#6185)
Documentation : Add the supported log level configurations

`Supported log levels: Trace, Debug, Error, Warn, Info.`
2019-02-07 11:27:08 -08:00
Eero Niemi f9cb767d9c Fixed typo (newtwork -> network) (#6177) 2019-02-07 13:06:38 -05:00
Jeff Mitchell ea61e8fbec Remove refresh_interval from kvv1 API docs and CLI docs since kv get doesn't use it 2019-02-06 21:51:08 -05:00
d 97a73d6bf8 Revert "fixed trailing slash in consul.html.md example"
This reverts commit 4310bb58c83285ebd9cfcb302b70d1db432a11e2.

Accidental push to master, my apologies. See PR https://github.com/hashicorp/vault/pull/6175
2019-02-05 17:42:15 -07:00
Dominic Porreco 778e6add49 fixed trailing slash in consul.html.md example 2019-02-05 17:01:39 -07:00
Yoko a9392f9840
Adding a mention for 'kv-v2' as type (#6151) 2019-02-01 11:26:08 -08:00
Jeff Mitchell b2cc9ebd3a Remove regenerate-key docs as it no longer exists 2019-02-01 09:29:40 -05:00
Donald Guy 4363453017 Docs: Azure auth example using metadata service (#6124)
There are probably better ways to massage this but I think it would be helpful to have something like this included
2019-01-30 12:13:39 -08:00
Brian Shumate 2337df4b2b Update documentation for command operator unseal (#6117)
- Add migrate command option
2019-01-28 10:27:51 -05:00
Gordon Shankman cd2f7bbde8 Adding support for SSE in the S3 storage backend. (#5996) 2019-01-26 16:48:08 -05:00
Calvin Leung Huang 34af3daeb0 docs: update agent sample config (#6096) 2019-01-24 07:25:03 -05:00
Jeff Mitchell 3f1a7d4fdd
Update to latest etcd and use the new repository packages (#6087)
This will be necessary for go mod work

Additionally, the srv api has changed. This adapts to it.
2019-01-23 14:35:03 -05:00
gitirabassi 1aaacda3ec small fixes to docs and indexes 2019-01-18 02:14:57 +01:00
Yoko e09f058ada
Adding the CLI flag placement info (#6027)
* Adding the CLI flag placement info

* Adding the definition of 'options' and 'args'

* tweaked the wording a little bit

* Added more description in the example

* Added a link to 'Flags' in the doc for options def
2019-01-15 11:24:50 -08:00
Jim Kalafut 960eb45014
Remove unnecessary permission 2019-01-10 16:18:10 -08:00
Seth Vargo e726f13957 Simplify permission requirements for GCP things (#6012) 2019-01-10 10:05:21 -08:00
Yoko 0a97f95ff4
Document upper limit on Transit encryption size (#6014) 2019-01-08 17:57:43 -08:00
Giacomo Tirabassi 0d3845c537 Influxdb secret engine built-in plugin (#5924)
* intial work for influxdb secret plugin

* fixed typo

* added comment

* added documentation

* added tests

* fixed tests

* added vendoring

* minor testing issue with hardcoded values

* minor fixes
2019-01-08 17:26:16 -08:00
Julien Blache 91d432fc85 FoundationDB backend TLS support and housekeeping (#5800)
* Fix typo in documentation

* Update fdb-go-install.sh for new release tags

* Exclude FoundationDB bindings from vendoring, delete vendored copy

FoundationDB bindings are tightly coupled to the server version and
client library version used in a specific deployment. Bindings need
to be installed using the fdb-go-install.sh script, as documented in
the foundationdb backend documentation.

* Add TLS support to FoundationDB backend

TLS support appeared in FoundationDB 5.2.4, raising the minimum API version
for TLS-aware FoundationDB code to 520.

* Update documentation for FoundationDB TLS support
2019-01-08 09:01:44 -08:00
Seth Vargo 46cbfb0e4b Fix formatting (#6009)
The new markdown parser is less forgiving
2019-01-08 08:51:37 -08:00
Thomas Kula 4265579aaa Fix small typo in azure.html.md (#6004) 2019-01-07 10:03:22 -05:00
Aric Walker c065b46f42 Remove duplicate "Users can" from policy md (#6002) 2019-01-07 07:02:28 -08:00
Seth Vargo c3f1043c24 Reduce required permissions for the GCPCKMS auto-unsealer (#5999)
This changes the behavior of the GCPCKMS auto-unsealer setup to attempt
encryption instead of a key lookup. Key lookups are a different API
method not covered by roles/cloudkms.cryptoKeyEncrypterDecrypter. This
means users must grant an extended scope to their service account
(granting the ability to read key data) which only seems to be used to
validate the existence of the key.

Worse, the only roles that include this permission are overly verbose
(e.g. roles/viewer which gives readonly access to everything in the
project and roles/cloudkms.admin which gives full control over all key
operations). This leaves the user stuck between choosing to create a
custom IAM role (which isn't fun) or grant overly broad permissions.

By changing to an encrypt call, we get better verification of the unseal
permissions and users can reduce scope to a single role.
2019-01-04 16:29:31 -05:00
Seth Vargo 1917bb406d Fix audit docs (#6000)
These appear to have been converted to (bad) HTML. This returns them to
their original markdown format.
2019-01-04 13:45:50 -06:00
Graham Land 2e92372710 Docs: Add Auto Unseal Rekey example (#5952)
* Add KMS Rekey example

I've had customers looking for AWS KMS rekeying examples today - when using pgp keys.
This example would have clarified what they needed to do.

* Replaced KMS reference with Auto Unseal

``` bash
Rekey an Auto Unseal vault and encrypt the resulting recovery keys with PGP:
```
2019-01-03 09:23:43 -05:00
Becca Petrin d7f31fe5e4
Merge pull request #5892 from jen20/jen20/dynamodb-capacity-doc
docs: Clarify the utility of DynamoDB capacities
2018-12-20 11:54:26 -08:00
Graham Land c1fa76e9e2 Docs: Add example for Vault init Auto Unseal with PGP Keys (#5951)
* Add example for AWS KMS AutoUnseal with PGP Keys

A customer could not figure how to get this working today. 
This example would have helped them. We don't mention KMS anywhere in this section.

* Changed reference from AWS KMS to Auto Unseal

``` bash
Initialize Auto Unseal, but encrypt the recovery keys with pgp keys:
```
2018-12-18 11:42:10 -05:00
vishalnayak 689163e7ed Upgrade guide for 0.11.6 2018-12-14 12:22:50 -05:00
Jeff Mitchell d9d47bb252 Update Consul ACL example
Fixes #5831
2018-12-13 17:18:28 -05:00
Joel Thompson 286b3f4e9f auth/aws: Clarify docs for cross-account access with IAM auth (#5900)
The docs hadn't been updated to reflect the ability to do cross-account
AWS IAM auth, and so it was a bit confusing as to whether that was
supported. This removes the ambiguity by explicitly mentioning AWS IAM
principals.
2018-12-12 15:21:27 -05:00
Bert Roos cfa008896d Added comma for readability (#5941)
Signed-off-by: Bert Roos <Bert-R@users.noreply.github.com>
2018-12-12 09:23:20 -05:00
Graham Land 53c6b36613 Fixing a couple of small typos (#5942) 2018-12-12 05:56:58 -08:00
emily 94c03d1072 Update GCP auth BE docs (#5753)
Documented changes from https://github.com/hashicorp/vault-plugin-auth-gcp/pull/55
* Deprecating `project_id` for `bound_projects` and making it optional
* Deprecating `google_certs_endpoint` (unused)
* Adding group aliases 

Also, some general reformatting
2018-12-10 12:54:18 -08:00
Tommy Murphy d3774e6aaa Correct GCE Token Parameter (#5667)
As written the GCE token curl results in an error: "non-empty audience parameter required".

Google's docs (https://cloud.google.com/compute/docs/instances/verifying-instance-identity) confirm that the parameter is 'audience' not 'aud'.
2018-12-07 15:10:30 -08:00
Matthew Irish a447dac803
change ui url so that it includes the trailing slash (#5890) 2018-12-05 12:25:16 -06:00
Chris Hoffman cebbe43f70
removing beta tag (#5904) 2018-12-05 10:45:22 -05:00
Chris Hoffman 1da490e929
adding upgrade guide for 1.0 (#5903)
* adding upgrade guide for 1.0

* fixing sidebar
2018-12-05 10:33:53 -05:00
Jim Kalafut 3552019795
Update operator migrate docs (#5895) 2018-12-04 08:49:42 -08:00
James Nugent 65e7a2660d docs: Clarify the utility of DynamoDB capacities
When configuring DynamoDB, the read and write capacities configured only
have any effect if the table does not exist. As per the comment in the
code [1], the configuration of an existing table is never modified. This
was not previously reflected in the documentation - this commit
rectifies that.

[1]: https://github.com/hashicorp/vault/blob/master/physical/dynamodb/dynamodb.go#L743-L745
2018-12-03 17:55:18 -06:00
Martin 6c0ce0b11f Typo in policy template doc (#5887) 2018-12-03 14:36:17 -05:00
Clint dfe585c7f7 Agent kube projected token (#5725)
* Add support for custom JWT path in Agent: kubernetes auth

- add support for "token_path" configuration
- add a reader for mocking in tests

* add documentation for token_path
2018-11-19 14:28:17 -08:00
Atthavit Wannasakwong 4344bb8ec1 fix wrong IAM action name in docs (#5812)
Reference:
https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/api-permissions-reference.html
2018-11-17 09:10:50 -08:00
Becca Petrin 8f82809c78
Update docs to match running builtins as plugins (#5727) 2018-11-14 09:17:12 -08:00
Vishal Nayak c144bc4b34
Recommend IAM auth over EC2 (#5772)
* Recommend IAM auth over EC2

* Update website/source/docs/auth/aws.html.md

Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com>

* Update website/source/docs/auth/aws.html.md

Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com>

* Update website/source/docs/auth/aws.html.md

Co-Authored-By: vishalnayak <vishalnayak@users.noreply.github.com>
2018-11-13 18:49:25 -05:00
Vishal Nayak 086e7c6a41
Fix CLI flag name for rekeying (#5774) 2018-11-13 14:27:14 -05:00
Jeff Mitchell 41460ffb29
Add note about seal migration not being supported for secondaries currently (#5762) 2018-11-12 09:41:05 -05:00
Jeff Mitchell b30cd2e97f Update forwarded-for docs to indicate it supports cidrs, not just single hosts 2018-11-09 10:28:00 -05:00
Seth Vargo f79d2f06fa Add missing link to API docs (#5719) 2018-11-07 07:04:16 -08:00
Jeff Mitchell 6e4f990902 Better documentation around increment
Fixes #5701
2018-11-06 17:42:20 -05:00
Chris Griggs 275559deb4 moving VIP guide (#5693) 2018-11-05 19:50:55 -05:00
Nicolas Corrarello 0b44a55d22 Adding support for Consul 1.4 ACL system (#5586)
* Adding support for Consul 1.4 ACL system

* Working tests

* Fixed logic gate

* Fixed logical gate that evaluate empty policy or empty list of policy names

* Ensure tests are run against appropiate Consul versions

* Running tests against official container with a 1.4.0-rc1 tag

* policies can never be nil (as even if it is empty will be an empty array)

* addressing feedback, refactoring tests

* removing cast

* converting old lease field to ttl, adding max ttl

* cleanup

* adding missing test

* testing wrong version

* adding support for local tokens

* addressing feedback
2018-11-02 10:44:12 -04:00
Raymond Kao 24187b2e99 Fixed wording from "SQL" to "MongoDB" for clarity (#5643)
The original wording made it appear as if SQL statements were being executed against a MongoDB backend, which is incorrect and confusing.  Fixed to better reflect what is actually occurring.
2018-11-01 09:26:05 -04:00
Brian Shumate 113380c461 docs: update JWT auth method (#5655)
- Add convenience/contextual link to API documnetation
2018-10-31 11:03:04 -04:00
Jeff Mitchell 605a7e30ad
Add the ability for secret IDs in agent approle to be wrapped (#5654) 2018-10-30 20:53:49 -04:00
Jeff Mitchell 6d20c8fce2
Add approle agent method removing secret ID file by default. (#5648)
Also, massively update tests.
2018-10-30 14:09:04 -04:00
Aleksey Zhukov 5361205d5b WIP Agent AppRole auto-auth (#5621) 2018-10-30 12:17:19 -04:00
RJ Spiker fca7cb3794 website: update sidebar_title in front matter to use <code> (#5636)
* website: replace deprecated <tt> with <code> in front matter sidebar_title

* website: wrap front matter sidebar_title in <code> for commands pages
2018-10-29 15:58:37 -04:00
Ben Boeckel 1e3d41ffa9 website: add missing @ to example (#5560)
* website: remove mention of `@` in command

The command does not contain the mentioned `@` symbol and can be
confusing.

* docs: use `policy-name` instead of `my-policy`

Just making things consistent.
2018-10-29 13:12:48 -04:00
Seth Vargo 5fcdd6c4e3 More formatting fixes (#5582) 2018-10-29 13:12:19 -04:00
Jeff Mitchell 3c1a82e60c
Add token type to sentinel docs, fix up some names, and better codify what Sentinel reports for various token types (#5630) 2018-10-27 11:07:27 -07:00
Chris Hoffman fa380e9be4
Fix seal migration docs (#5623)
* fixing seal migration docs

* do not use deprecated command

* adding redirect for old docs
2018-10-26 10:04:51 -07:00
Joel Thompson 62b54c8a5c Update awskms seal docs (#5618)
The seal already supported an endpoint configuration, but it wasn't
documented, so adding the docs for it. Also adding a note on required
KMS permissions.
2018-10-26 06:18:04 -07:00
Chris Hoffman bbca4729b6
Updating seal docs (#5616)
* updating seal docs

* fixing api docs
2018-10-25 16:44:53 -07:00
Seth Vargo a0cffd4c3f Update docs and permissions (#5612) 2018-10-25 14:10:11 -07:00
Alan Tang a69793ae32 fix duplicated word (#5599)
I think that is a duplicated word.
2018-10-24 18:15:24 -07:00
Jeff Escalante bff998390e Website: small fix for the sidebar (#5595)
* sidebar attempted fix

* fix html errors

* a couple css updates
2018-10-24 12:21:37 -07:00
Andy Manoske 9c2c9d5e13
Update partnerships.html.md 2018-10-23 14:56:55 -07:00
Andy Manoske e19b90e056
Update partnerships.html.md 2018-10-23 14:56:17 -07:00
Andy Manoske f8314f47aa
Update partnerships.html.md 2018-10-23 14:55:51 -07:00
Andy Manoske caad3aff9c
Fix broken links
fix links to old guides infrastructure
2018-10-23 14:22:18 -07:00
Andy Manoske b355c6a3ce
Update partnerships.html.md 2018-10-23 13:58:33 -07:00
Andy Manoske 8b65b243d2
Update partnerships.html.md 2018-10-23 13:48:16 -07:00
Andy Manoske 67c8883a8c
Partnerships docs updates
Updates to include partnerships within new site
2018-10-23 13:45:53 -07:00
Chris Hoffman fc85623b5f
Adding gcpkms docs (#5590)
* adding gcpkms docs

* adding detail links

* adding 1.0 Beta badge
2018-10-23 12:14:32 -07:00
Jeff Mitchell b2f2568a21 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-23 04:02:28 -04:00
Thomas Kula 434b0a30fb Document that periodic tokens do expire unless explicitly renewed (#5581) 2018-10-22 15:48:16 -04:00
Jeff Mitchell 12f32ad22c Merge branch 'master-oss' into 1.0-beta-oss 2018-10-22 12:32:44 -04:00
Seth Vargo 1fa851eeeb Fix website formatting (#5576) 2018-10-20 20:35:33 -04:00
Matthew Irish 8073ebcd1e Merge branch 'oss-master' into 1.0-beta-oss 2018-10-19 20:40:36 -05:00
Jim Kalafut 51a240ec74
Fix docs typo 2018-10-19 15:43:45 -07:00
Jeff Mitchell 9f6dd376e2 Merge branch 'master-oss' into 1.0-beta-oss 2018-10-19 17:47:58 -04:00
Mitchell Hashimoto 78dedf1f25
website: fix broken link in docs header 2018-10-19 14:10:18 -07:00
RJ Spiker 7ce0ecaad1 fix product-subnav broken links (#5561) 2018-10-19 14:05:23 -07:00
Jim Kalafut c1d435c80c
Update Azure Secrets docs (#5554)
Add coverage of application_object_id parameter.
2018-10-19 13:48:15 -07:00
Jeff Escalante a3dfde5cec New Docs Website (#5535)
* conversion stage 1

* correct image paths

* add sidebar title to frontmatter

* docs/concepts and docs/internals

* configuration docs and multi-level nav corrections

* commands docs, index file corrections, small item nav correction

* secrets converted

* auth

* add enterprise and agent docs

* add extra dividers

* secret section, wip

* correct sidebar nav title in front matter for apu section, start working on api items

* auth and backend, a couple directory structure fixes

* remove old docs

* intro side nav converted

* reset sidebar styles, add hashi-global-styles

* basic styling for nav sidebar

* folder collapse functionality

* patch up border length on last list item

* wip restructure for content component

* taking middleman hacking to the extreme, but its working

* small css fix

* add new mega nav

* fix a small mistake from the rebase

* fix a content resolution issue with middleman

* title a couple missing docs pages

* update deps, remove temporary markup

* community page

* footer to layout, community page css adjustments

* wip downloads page

* deps updated, downloads page ready

* fix community page

* homepage progress

* add components, adjust spacing

* docs and api landing pages

* a bunch of fixes, add docs and api landing pages

* update deps, add deploy scripts

* add readme note

* update deploy command

* overview page, index title

* Update doc fields

Note this still requires the link fields to be populated -- this is solely related to copy on the description fields

* Update api_basic_categories.yml

Updated API category descriptions. Like the document descriptions you'll still need to update the link headers to the proper target pages.

* Add bottom hero, adjust CSS, responsive friendly

* Add mega nav title

* homepage adjustments, asset boosts

* small fixes

* docs page styling fixes

* meganav title

* some category link corrections

* Update API categories page

updated to reflect the second level headings for api categories

* Update docs_detailed_categories.yml

Updated to represent the existing docs structure

* Update docs_detailed_categories.yml

* docs page data fix, extra operator page remove

* api data fix

* fix makefile

* update deps, add product subnav to docs and api landing pages

* Rearrange non-hands-on guides to _docs_

Since there is no place for these on learn.hashicorp, we'll put them
under _docs_.

* WIP Redirects for guides to docs

* content and component updates

* font weight hotfix, redirects

* fix guides and intro sidenavs

* fix some redirects

* small style tweaks

* Redirects to learn and internally to docs

* Remove redirect to `/vault`

* Remove `.html` from destination on redirects

* fix incorrect index redirect

* final touchups

* address feedback from michell for makefile and product downloads
2018-10-19 08:40:11 -07:00
Jeff Mitchell d843e0b52c Merge branch 'master-oss' into 1.0-beta-oss 2018-10-18 10:28:14 -04:00
Brian Shumate e2aad73e72 Docs: Basics: Tokens: Note (#5479)
- Add note about token values
2018-10-17 10:40:55 -04:00
Martin f31aee7d47 add mentions of authorization header support in doc (#5478) 2018-10-17 10:38:15 -04:00
Kevin Buchs 1cd1b5a98e Update dynamodb.html.md (#5519) 2018-10-17 10:36:52 -04:00
Jeff Mitchell a64fc7d7cb
Batch tokens (#755) 2018-10-15 12:56:24 -04:00
Jeff Mitchell ab582c80e8 Remove outdated references to UUIDs for token values 2018-10-08 12:45:17 -04:00
Jim Kalafut b7c8082960
Fix docs typos 2018-10-05 22:53:09 -07:00
Jim Kalafut 24dc42c908
Update examples to use sha256 (#5468)
sha_256 is supported but not referenced in our API docs.
2018-10-04 09:51:54 -07:00
Martins Sipenko 2e27e96441 Fix missing > (#5452) 2018-10-03 09:16:36 -04:00
Becca Petrin 8bfb2a335b alicloud auto-unseal docs (#5446) 2018-10-02 17:21:26 -07:00
Saurabh Pal 77e635f7e1 Enable TLS based communication with Zookeeper Backend (#4856)
* The added method customTLSDial() creates a tls connection to the zookeeper backend when 'tls_enabled' is set to true in config

* Update to the document for TLS configuration that is  required to enable TLS connection to Zookeeper backend

* Minor formatting update

* Minor update to the description for example config

* As per review comments from @kenbreeman, additional property description indicating support for multiple Root CAs in a single file has been added

* minor formatting
2018-10-01 14:12:08 -07:00
Calvin Leung Huang 253d999c55 docs: Update CLI page to include namespace and flags info (#5363) 2018-09-27 17:08:14 -07:00
Jim Kalafut 462dc06a88 operator migrate docs (#5400)
* operator migrate docs

* Address feedback

* Fix title
2018-09-26 10:55:04 -07:00
emily b37b8b7edf Docs PR for GCP secrets backend access token changes (#5366)
* initial docs pass

* fix docs
2018-09-21 10:31:49 -07:00
Brian Shumate b43c52d89b Add Enterprise Replication metrics (#3981) 2018-09-21 12:01:44 -04:00
Becca Petrin d05484b586
AliCloud Secrets Docs (#5351) 2018-09-19 08:42:59 -07:00
Jeff Mitchell 43aebacfa8 Fix default_max_request_duration HCL name and update docs (#5321)
* Fix default_max_request_duration HCL name and update docs

* Update tcp.html.md
2018-09-18 14:30:21 -07:00
Evan Grim 7f5c193ace Fix small grammatical error in plugin docs (#5334) 2018-09-13 14:23:24 -07:00
Becca Petrin b2ff87c9c2
Poll for new creds in the AWS auth agent (#5300) 2018-09-12 13:30:57 -07:00
Jeff Mitchell d96d10957c Update some text around encrypting with agent 2018-09-11 15:05:44 -04:00
Becca Petrin 625592c5e6
update to match aws (#5315) 2018-09-11 11:10:50 -07:00
Brian Shumate 67bd5e460b Docs: namespaces edit lookup subcommand text (#5310)
* Docs: namespaces edit lookup subcommand text

* precise
2018-09-10 11:56:01 -04:00
Jeff Mitchell f61a3709ee Finish updating jwt auth docs 2018-09-10 11:46:50 -04:00
mg db56672529 resolve incorrect scope (#5307)
https://github.com/terraform-providers/terraform-provider-azurerm/issues/943

> Turns out the problem is that the scope was invalid. There was a missing s on resourceGroup. The error message though is absolutely awful for detecting that.
2018-09-07 16:56:02 -07:00
Joakim Bakke Hellum 6331f8bdf3 Fix typos in Azure Secrets Engine docs (#5295) 2018-09-06 15:31:19 -07:00
Jeff Mitchell c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly (#5280)
* Allow most parts of Vault's logging to have its level changed on-the-fly

* Use a const for not set
2018-09-05 15:52:54 -04:00
Steven Black 0a482e9bd2 Fix misspelling (#5279) 2018-09-05 15:40:01 -04:00
Brian Shumate 76293834cc Update terminology (#5225)
- Change "key ring" references to "key" to match Transit API docs
2018-09-05 12:05:02 -04:00
Becca Petrin 7e0e49656a Add AliCloud auth to the Vault Agent (#5179) 2018-09-05 11:56:30 -04:00
Seth Vargo 81e9efb658 Fix resource binding examples (#5273) 2018-09-05 11:55:45 -04:00
RobinsonWM cf525cb934 Documentation: Corrected typo in CLI init doc (#5269) 2018-09-04 15:44:41 -06:00
Andy Manoske e8ef5afb5f
namespace docs updates
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
Jeff Mitchell 5da6fc2f77 Remove some confusing language on perf standby page 2018-08-29 19:51:23 -04:00
Jeff Mitchell 24946fe43e
Add namespace/mfa docs (#5215) 2018-08-28 15:33:34 -07:00
Jeff Mitchell b509ea4926 Make the usernames match in all examples in userpass 2018-08-28 18:33:00 -04:00
Brian Kassouf 85f06f7e88
Add Performance Standby Docs (#5214)
* Add Performance Standby Docs

* Review updates
2018-08-28 12:48:02 -07:00
Frederic Hemberger d343f00b64 Fix ssh command in example (#5209) 2018-08-28 12:34:48 -07:00
Jeff Mitchell 2a8e510a27 Document disable_performance_standby 2018-08-28 12:09:13 -04:00
Austin Workman e8991e8fe9 Adding documentation clarifying oracle plugin setup and requirements (#5183) 2018-08-25 12:27:13 -07:00
Becca Petrin 55b3dfbcc0
use ldaps in docs (#5180) 2018-08-24 10:36:20 -07:00
Chris Hoffman e6abba9558
Revert "Add Configuration Builder and Better Download page" (#5171) 2018-08-23 19:34:50 -04:00
Joshua Ogle 6819af20b5
Merge branch 'master' into oss-download-config-path 2018-08-23 14:01:39 -06:00
Jeff Mitchell ba0d029247
Restricts ACL templating to paths but allows failures (#5167)
When a templating failure happens, we now simply ignore that path,
rather than fail all access to all policies
2018-08-23 12:15:02 -04:00
Chris Hoffman d736324b50 Docs: ACL Templating (#5159) 2018-08-23 10:05:44 -04:00
Greg Oledzki d5a3010498 Update delete.html.md (#5155)
Minor typo in `delete` command docs
2018-08-22 11:26:21 -07:00
Becca Petrin fb6a06a3fe
Alibaba auth docs (#5132) 2018-08-22 10:23:33 -07:00
Hugo Wood 203269a5d4 JWT/OIDC documentation fixes (#5157)
* Fix argument name in JWT/OIDC login CLI example

* Fix groups_claim documented as required when creating roles for JWT/OIDC
2018-08-22 10:44:08 -04:00
Chris Hoffman 4d574c1d6c
adding namespace docs (#5133) 2018-08-17 12:17:11 -04:00
Andy Manoske 50edc43df0
Merge pull request #5112 from hashicorp/namespaces-docs
Merge for Beta Launch
2018-08-16 15:36:43 -07:00
Andy Manoske de52752e86
Update index.html.md
Updated to include Yoko's guide URL
2018-08-16 13:38:24 -07:00
Jim Kalafut 4ced3b0f77
Initial Azure Secrets docs (#5121) 2018-08-16 12:10:56 -07:00
brianvans f79385346f Add ha_enabled for mysql backend (#5122)
* Slight cleanup around mysql ha lock implementation

* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run

* Add `ha_enabled` option for mysql storage

It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
2018-08-16 11:03:16 -07:00
Yamamoto, Hirotaka 6673e579a0 [etcd] fix the deafult prefix in website (#5116)
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.

However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.
2018-08-16 10:38:11 -04:00
Joel Thompson 0941c7a24a Make AWS credential types more explicit (#4360)
* Make AWS credential types more explicit

The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.

With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.

Fixes #4229
Fixes #3751
Fixes #2817

* Add missing write action to STS endpoint

* Allow unsetting policy_document with empty string

This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.

* Respond to some PR feedback

* Refactor and simplify role reading/upgrading

This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.

* Eliminate duplicated AWS secret test code

The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.

* Switch to use AWS ARN parser
2018-08-16 06:38:13 -04:00
Andy Manoske bd4c047713
Update index.html.md 2018-08-15 17:44:36 -07:00
Andy Manoske 9d41d4c407
Update index.html.md 2018-08-15 17:44:00 -07:00
Christoph Ludwig 24a368c1ba Add support for "sovereign" Azure cloud environments (#4997)
* Add support for "sovereign" Azure cloud environments

* Shorten variable names
2018-08-15 19:40:36 -04:00
Andy Manoske 0a71ea9a58
Create index.html.md 2018-08-15 15:27:11 -07:00
RichardWLaub 8d7a983bba Update usage section for kv-v1 docs (#5105)
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:

```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```

Running `vault kv list kv/` gives the desired output. 

Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
Seth Vargo 324c8fab24 Fix docs typo (service-account => service_account) (#5102)
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
Gerald 9192bd6b07 Add ttl params into csr signing docs (#5094) 2018-08-13 23:38:03 -04:00
Jim Kalafut 3822e2997b
Clarify "Commands" docs (#5092)
Fixes #4890
2018-08-13 14:09:48 -07:00
Nándor István Krácser b9fab6375b Alibaba Object Storage support (#4783) 2018-08-13 17:03:24 -04:00
Michael Schuett 63e7ac034f MySQL HA Backend Support (#4686) 2018-08-13 17:02:31 -04:00
Jim Kalafut aa8dac9bd2
Add RDS notes to MSSQL docs (#5062) 2018-08-10 08:52:21 -07:00
Jeff Mitchell 65d2cc768c Website typo fix 2018-08-08 15:53:40 -04:00
Jeff Escalante 2a21e85580 html syntax corrections (#5009) 2018-08-07 10:34:35 -07:00
Joshua Ogle f0f4097470 Javascript refactor for configuration builder 2018-08-06 11:55:36 -06:00
Joshua Ogle c4ef5fdece JS Feedback fixes, make UI default on click 2018-08-03 22:57:17 -06:00
Chris Hoffman 59a0099f89 Add Configuration Builder and Better Download page
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
Jason Martin df3e3ba43d Fix typo in the AWS STS AssumeRole docs. (#5032) 2018-08-02 22:57:24 -07:00
Jeff Mitchell 62bcbd3dfe Fix website typo 2018-08-01 16:52:11 -04:00
Jeff Mitchell a6d0ae5890
Add exit-after-auth functionality to agent (#5013)
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.

Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
Pat Downey 0ad44a7ac5 Expand TOFU acronym in AWS auto-auth docs (#5011) 2018-07-29 18:05:49 -07:00
Michael Herman 05f944c580 Update index.html.md (#5005) 2018-07-27 15:30:59 -04:00
Jeff Mitchell e72890e83f
VSI (#4985) 2018-07-24 22:02:27 -04:00
Olivier Lemasle 4604c00018 State in docs that FoundationDB backend is community supported (#4964) 2018-07-20 09:59:13 -04:00
Peter Vandenabeele db2970623d Fix small typo in Vault website documentation (#4962) 2018-07-20 09:57:16 -04:00
Brian Shumate e2dd0864c4 Add missing telemetry metrics (#4785)
* Add missing telemetry metrics

- Add merkle related telemetry
- Add WAL related telemetry

* additional wal metrics

* Use correct metrics naming
2018-07-19 18:36:55 -04:00
Chris Hoffman 712652c318
Fixing formatting 2018-07-19 10:36:09 -04:00
Chris Hoffman 6a169ab00d
Adding information on required azure permissions (#4956) 2018-07-19 10:24:55 -04:00
Julien Blache c8fb9ed6a8 FoundationDB physical backend (#4900) 2018-07-16 10:18:09 -04:00
Seth Vargo 1259ee6743 Add plugin CLI for interacting with the plugin catalog (#4911)
* Add 'plugin list' command

* Add 'plugin register' command

* Add 'plugin deregister' command

* Use a shared plugin helper

* Add 'plugin read' command

* Rename to plugin info

* Add base plugin for help text

* Fix arg ordering

* Add docs

* Rearrange to alphabetize

* Fix arg ordering in example

* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
Seth Vargo a379989da4 Update GCP docs (#4898)
* Consistently use "Google Cloud" where appropriate

* Update GCP docs

This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
Jeff Mitchell 2322eabc68
Add jwt auth docs (#4891) 2018-07-11 15:08:49 -04:00
Md. Nure Alam Nahid 7b9bedf94d Add additional config keys for swift (#4901)
* Add additional config keys for swift

* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
Seth Vargo 408fc1eac0 Properly capitalize H in GitHub (#4889)
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
Jeff Mitchell 4a3fe87a39
Allow max request size to be user-specified (#4824)
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Chris Bednarski 514ffac5e2 Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners (#4862) 2018-07-06 08:51:51 -04:00
Calvin Leung Huang 04332f5b3f
Add missing replication props, prettify tables (#4816)
* Add missing request.replication props, prettify tables

* Fix location of replication prop
2018-07-05 16:11:21 -04:00
Chris Hoffman 32c94b2638
Update docs 2018-07-03 08:28:43 -04:00
Brian Shumate 7b106683f0 Clarify policies note (#4832)
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
Chris Hoffman 6b7d215e7e
Clarify performance replication token handling 2018-06-29 09:32:35 -04:00
Logan Rakai 619dd3c6ed Typo fix (#4822) 2018-06-23 16:34:25 -07:00
Logan Rakai 59b87fae53 Small grammar fix (#4821) 2018-06-22 21:59:39 -07:00
Jeff Mitchell 2410a11156 Add a warning to syslog
Ping #3617
2018-06-22 09:00:07 -04:00
Steven Farage fadb3eb6fd Make documentation match API example (#4809)
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
Becca Petrin 73cbbe2a9f Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00
Calvin Leung Huang 418513bbd9 Be explicit about trailing slash on paths for list capability (#4793) 2018-06-19 12:10:39 -04:00
Laura Uva 4cae4abbab Add example of min_wrapping_ttl and max_wrapping_ttl (#4753) 2018-06-18 19:59:21 -04:00
Jeff Mitchell 762f08eac2 Mention delegating change password privs in ad docs 2018-06-15 17:01:47 -04:00
Jeff Mitchell 164c7225f1 Remove msa info from AD page 2018-06-15 16:55:28 -04:00
Nándor István Krácser d4303bc53e docs: kv 2 is used by default in the dev server only (#4773) 2018-06-15 09:09:27 -04:00
Laura Uva 44e874e06f Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) (#4754) 2018-06-13 16:44:15 -07:00
Becca Petrin aa390e0e7e
add link to api docs (#4757) 2018-06-13 09:35:37 -07:00
Pavlos Ratis 49834a3a83 Use shell highlighting in the command snippets (#4736) 2018-06-11 08:46:35 -04:00
Chris Hoffman 611244d337
Update gcpckms.html.md 2018-06-08 17:07:59 -04:00
Chris Hoffman 3a690656ee
fix typo 2018-06-08 17:05:17 -04:00
Chris Hoffman 5d07ff7c7a
Adding Azure Key Vault seal docs (#4728) 2018-06-08 17:04:14 -04:00
Brian Shumate d2519da5ad Tiny formalized edit (#4715) 2018-06-07 06:44:57 -07:00
Kevin Hicks ed7992e8ae update docs and help text to include 'operator' (#4712) 2018-06-06 21:11:21 -07:00
Jeff Mitchell 4b7d2bed01 Transit convergent v3 2018-06-05 18:53:39 -04:00
LeSuisse 809079cac2 Update usage of deprecated commands rekey and rotate in the documentation (#4703) 2018-06-05 12:37:26 -04:00
Nándor István Krácser a36f91101a Fix VAULT_LOG_LEVEL in docs (#4696) 2018-06-05 10:23:32 -04:00
Becca Petrin 6cafb12ff4 be more explicit about names (#4695) 2018-06-04 21:34:17 -04:00
emily 192c228931 Add GCP auth helper (#4654)
* update auth plugin vendoring

* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
Becca Petrin 606889f005
Docs for the upcoming Active Directory secrets engine (#4612) 2018-05-29 08:49:09 -07:00
Chris Hoffman 43c5030eca
pkcs11 docs updates 2018-05-25 15:39:07 -04:00
Chris Hoffman 3db5a6adaa
updating link 2018-05-22 10:00:20 -04:00
Reid Wiggins 9813794bc2 Add documentation for MySQL 5.6 root rotation (#4584)
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.

Fixes #4567
2018-05-18 08:56:11 -07:00
Romain Vrignaud 9050bc809b Rename Google Container Engine to Google Kubernetes Engine (#4586) 2018-05-18 08:19:56 -07:00
Jeff Mitchell 124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
Update policies.html.md
2018-05-17 09:14:35 -07:00
Jeff Mitchell 38f5f5f783
Updated for new syntax 2018-05-17 09:14:12 -07:00
Seth Vargo 21e79035e0 Move UI docs from enterprise to OSS (#4565) 2018-05-17 08:48:10 -07:00
Tavis Wilson 50e05056d3
Update policies.html.md 2018-05-16 14:35:30 -05:00
Jeff Mitchell aa98f33f63 Mention that you can actually rekey when using an HSM 2018-05-13 16:49:42 -04:00
Jeff Mitchell 821d347375 Update HSM documentation and fix GCP docs build 2018-05-13 16:39:22 -04:00
Robbie McKinstry 9765779622 Client side rate limiting (#4421) 2018-05-11 10:42:06 -04:00
Seth Vargo a4fa046730 Update GCP secrets to be example-driven (#4539)
👍
2018-05-10 16:58:22 -04:00
Tyler Marshall 407550bd89 Fix minor spelling mistake (#4548) 2018-05-10 13:42:01 -07:00
Shelby Moore f8e1f82225 Updated proxy protocol config validation (#4528) 2018-05-09 10:53:44 -04:00
Jacob Friedman 64bb0bd58a Updated link for k8s-tokenreview (#4523)
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
2018-05-08 13:36:12 -07:00
Chris Hoffman 7c0e590f54
docs update 2018-05-07 16:34:39 -04:00
Chris Hoffman e7bbe6fbed
docs updates 2018-05-07 16:33:38 -04:00
Chris Hoffman 049df3da3e
updating pkcs11 docs (#4520) 2018-05-07 13:50:45 -04:00
Jerome Cheng d180e45cf5 Fix incorrect file path in Token Helper doc (#4499)
Vault stores the token in `~/.vault-token` and not `~/.vault_token`.
2018-05-02 21:56:38 -07:00
Nathan Valentine 608f013bf2 s/aws_region/region/ (#4497)
The correct key name is 'region' as opposed to 'aws_region'.
2018-05-02 14:25:03 -07:00
Fabrizio Cucci cef52dae90 Fix role of example in Kubernetes Auth Method (#4483)
It was `test` but it should be `demo` to be aligned with the example.
2018-05-01 15:04:53 -07:00
Pavlos Ratis cd344bdbb8 [website] fix Markdown formatting on GCP page (#4471) 2018-04-27 09:13:07 -07:00
Jim Kalafut 7f69ff0546 Minor updates to Azure auth docs 2018-04-27 08:47:06 -07:00
emily 8a309e6406 fix docs (#4466) 2018-04-26 16:54:19 -04:00
Jeff Mitchell 0f806d0950 Remove out of date text on HSM rekeying 2018-04-26 10:10:30 -04:00
Jim Kalafut 063c225f97
Fix typo in aws auth docs 2018-04-25 22:57:39 -07:00
Andrew Speed 418be4cb54 Fix authentication example mentioning vault auth but using vault login (#4458) 2018-04-25 14:59:38 -07:00
Chris Hoffman fba759ab97
fix document formatting 2018-04-25 10:16:41 -04:00
Chris Hoffman 2d05034dd3
Seal Rotation Docs (#4449)
* wip docs

* adding docs

* removing vendor supported mechanism
2018-04-25 09:59:06 -04:00
Becca Petrin 639dc005ee
uppercase Vault in plugin doc (#4442) 2018-04-24 10:41:37 -07:00
Jeff Mitchell 0882e5afb6 Update audit text to make it clear that audit logs are for authenticated interactions 2018-04-23 10:49:32 -04:00
Malhar Vora 45fe086107 Corrects description for mode option in ssh command (#4420)
Fixes #4375
2018-04-22 13:42:46 -04:00
Malhar Vora 739362b081 Correct typo in Kubernetes auth backend docs
Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend
documentation.

Fixes #4417
2018-04-21 19:37:59 -07:00
Jeff Mitchell 6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. (#4412)
Fixes #815
2018-04-21 10:49:16 -04:00
Alvin Huang 84ffdbb7b5 remove redundant 'Vault' in approle docs (#4405) 2018-04-20 09:55:15 -04:00