Commit graph

2457 commits

Author SHA1 Message Date
RobinsonWM cf525cb934 Documentation: Corrected typo in CLI init doc (#5269) 2018-09-04 15:44:41 -06:00
Jeff Mitchell 761f06d3a3
Update index.html.md 2018-09-04 12:15:05 -04:00
Dan Brown d7d6c295b4 Update Azure VM sizes in Reference Architecture (#5251) 2018-09-03 20:24:27 -07:00
Yoko 0da1c762cb
[Guide] Updates on Namespaces guide (#5243)
* Added 'Additional Discussion' section

* s/at the root/in the root namespace/

* one more place that I said 'at the root' - fixed
2018-08-31 18:24:07 -07:00
Chris Hoffman 218ca527be
adding known issue 2018-08-31 17:29:21 -04:00
Yoko 5cfc84238d
Fixed the incomplete sentense (#5240) 2018-08-31 11:37:28 -07:00
Yoko c52f3c5a24
[Guide] ACL Templating (#5226)
* WIP - ACL Templating

* WIP

* WIP - ACL Templating

* WIP

* Updated

* ACL Policy Templating guide

* Updated to use kv-v2 instead of kv

* Fixed the incomplete sentense and cleaned it up a little

* WIP Formatting and grammar

* Minor fixes
2018-08-31 09:06:43 -07:00
Chris Hoffman 3f56e989a3
adding known issues section 2018-08-30 19:09:30 -04:00
Yoko 2e7e2778e1
[Guide] Update for Vault HA (0.11) (#5104)
* For 0.11 - Performance Nodes

* Added the doc link

* Performance Node -> Performance Standby Nodes

* Updated to say 'most read-only requests'
2018-08-30 14:45:34 -07:00
Andy Manoske e8ef5afb5f
namespace docs updates
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
Yoko cc8eceb849
[Guide] Fixed the reported issue (#5230)
* Fixed the message

* Fixed the message
2018-08-30 09:45:18 -07:00
Jeff Mitchell b1f462d7f9 Fix up sidebar JWT description 2018-08-30 12:00:20 -04:00
Jeff Mitchell 5da6fc2f77 Remove some confusing language on perf standby page 2018-08-29 19:51:23 -04:00
Brian Shumate eeb3b71fc0 Minor edits (#5221)
- Correct typo
- Remove trailing spaces
2018-08-29 12:01:33 -04:00
Chris Hoffman 774359f3b5
adding namespaces example 2018-08-29 11:26:23 -04:00
Jeff Mitchell 24946fe43e
Add namespace/mfa docs (#5215) 2018-08-28 15:33:34 -07:00
Jeff Mitchell b509ea4926 Make the usernames match in all examples in userpass 2018-08-28 18:33:00 -04:00
Brian Kassouf 85f06f7e88
Add Performance Standby Docs (#5214)
* Add Performance Standby Docs

* Review updates
2018-08-28 12:48:02 -07:00
Frederic Hemberger d343f00b64 Fix ssh command in example (#5209) 2018-08-28 12:34:48 -07:00
Jeff Mitchell 5cf0e3e87e
Update API section index file with fixes, updates, and namespace info. (#5213) 2018-08-28 12:33:19 -07:00
Chris Hoffman 4b87a0fd2c
remove beta language 2018-08-28 14:00:55 -04:00
Yoko d28e993e1b
Added Deployment Guide in the index (#5211) 2018-08-28 10:55:30 -07:00
Jeff Mitchell d56682ee9d Update upgrade guide 2018-08-28 12:17:43 -04:00
Jeff Mitchell d986c8813b Update upgrade guide for 0.11.0 2018-08-28 12:12:40 -04:00
Jeff Mitchell 2a8e510a27 Document disable_performance_standby 2018-08-28 12:09:13 -04:00
Chris Hoffman c81efa0fa2
fixing link 2018-08-28 07:19:35 -04:00
Dan Brown 9954bddcf0 Add Deployment Guide, links and reformat Ref Arch (#5041)
* Add Deployment Guide, links and reformat Ref Arch

* Improve systemd service file and links
2018-08-28 04:53:36 -06:00
Jeff Mitchell efadc93c4a Update version numbers 2018-08-28 02:41:24 -04:00
Jim Kalafut abe86a48f4 Fix Azure Secrets API example 2018-08-27 20:44:00 -06:00
Austin Workman e8991e8fe9 Adding documentation clarifying oracle plugin setup and requirements (#5183) 2018-08-25 12:27:13 -07:00
Becca Petrin 55b3dfbcc0
use ldaps in docs (#5180) 2018-08-24 10:36:20 -07:00
Laura Gjerman-Uva 70bf87c25b Update ad/creds/:rolename endpoint to include the table with method/path for consistency/clarity. Also, remove payload.json from example, since this endpoint doesn't take a payload. (#5172) 2018-08-24 09:19:51 -07:00
Chris Hoffman e6abba9558
Revert "Add Configuration Builder and Better Download page" (#5171) 2018-08-23 19:34:50 -04:00
Jim Kalafut 7eb0403ad2
Fix Azure Secrets docs error 2018-08-23 14:27:47 -07:00
Joshua Ogle 6819af20b5
Merge branch 'master' into oss-download-config-path 2018-08-23 14:01:39 -06:00
Jeff Mitchell ba0d029247
Restricts ACL templating to paths but allows failures (#5167)
When a templating failure happens, we now simply ignore that path,
rather than fail all access to all policies
2018-08-23 12:15:02 -04:00
Chris Hoffman d736324b50 Docs: ACL Templating (#5159) 2018-08-23 10:05:44 -04:00
Jim Kalafut 18b21275d9 Fix docs typos (#5158) 2018-08-22 18:26:48 -04:00
Greg Oledzki d5a3010498 Update delete.html.md (#5155)
Minor typo in `delete` command docs
2018-08-22 11:26:21 -07:00
Becca Petrin fb6a06a3fe
Alibaba auth docs (#5132) 2018-08-22 10:23:33 -07:00
Chris Hoffman 52af323257
fixing feature name 2018-08-22 11:41:28 -04:00
Chris Hoffman b1c5e1f91c
fixing feature name 2018-08-22 11:40:48 -04:00
Hugo Wood 203269a5d4 JWT/OIDC documentation fixes (#5157)
* Fix argument name in JWT/OIDC login CLI example

* Fix groups_claim documented as required when creating roles for JWT/OIDC
2018-08-22 10:44:08 -04:00
Stenio Ferreira 8dfedb2693 Fixed a typo in the Namespaces guide (#5151) 2018-08-21 13:33:40 -07:00
Jeff Mitchell e58a8a63a7
Add the ability to specify token CIDR restrictions on secret IDs. (#5136)
Fixes #5034
2018-08-21 11:54:04 -04:00
Jeff Mitchell 051bb9fc13
Two PKI improvements: (#5134)
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
2018-08-21 11:20:57 -04:00
Gerardo Rodriguez 43c733b460 Edit, missing "to" (#5147) 2018-08-21 11:09:41 -04:00
Chris Hoffman 4d574c1d6c
adding namespace docs (#5133) 2018-08-17 12:17:11 -04:00
Chris Hoffman d25b7fa477
Add additional clarification 2018-08-17 08:55:49 -04:00
Raja Nadar 797141f8ae vaultsharp - multi platform capabilities (#5127) 2018-08-17 08:47:16 -04:00
Yoko 56636735bc [Guide] Multi-Tenant Pattern with ACL Namespaces (0.11) (#5103)
* WIP - ACL Namespace

* WIP - ACL Namepaces

* WIP

* WIP

* WIP

* WIP

* WIP

* Added UI screenshots

* Added summary at the end

* Added the Web UI steps in Step 5

* Update multi-tenant.html.md

Updated text to ensure that we use the final "ship" name of namespaces (namespaces vs. ACL Namespaces) and introduced some industry-specific terminology (highlighting this is about Secure Multi-Tenancy)
2018-08-16 16:51:53 -07:00
Andy Manoske 50edc43df0
Merge pull request #5112 from hashicorp/namespaces-docs
Merge for Beta Launch
2018-08-16 15:36:43 -07:00
Chris Hoffman b18d9cc830
doc updates 2018-08-16 17:59:39 -04:00
Brian Kassouf bf77a69f4d
Update upgrade-to-0.11.0.html.md 2018-08-16 14:29:18 -07:00
Brian Kassouf 95800f76b0
Add upgrade notes (#5125) 2018-08-16 14:22:27 -07:00
Andy Manoske 8ef8da0886
Update docs.erb 2018-08-16 13:44:13 -07:00
Andy Manoske de52752e86
Update index.html.md
Updated to include Yoko's guide URL
2018-08-16 13:38:24 -07:00
Clint 96d8bd4bf7 [WIP] Support custom max Nomad token name length [supersedes https://github.com/hashicorp/vault/pull/4361] (#5117)
* Nomad: updating max token length to 256

* Initial support for supporting custom max token name length for Nomad

* simplify/correct tests

* document nomad max_token_name_length

* removed support for max token length env var. Rename field for clarity

* cleanups after removing env var support

* move RandomWithPrefix to testhelpers

* fix spelling

* Remove default 256 value. Use zero as a sentinel value and ignore it

* update docs
2018-08-16 15:48:23 -04:00
Jim Kalafut 4ced3b0f77
Initial Azure Secrets docs (#5121) 2018-08-16 12:10:56 -07:00
brianvans f79385346f Add ha_enabled for mysql backend (#5122)
* Slight cleanup around mysql ha lock implementation

* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run

* Add `ha_enabled` option for mysql storage

It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
2018-08-16 11:03:16 -07:00
Yamamoto, Hirotaka 6673e579a0 [etcd] fix the deafult prefix in website (#5116)
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.

However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.
2018-08-16 10:38:11 -04:00
Joel Thompson 0941c7a24a Make AWS credential types more explicit (#4360)
* Make AWS credential types more explicit

The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.

With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.

Fixes #4229
Fixes #3751
Fixes #2817

* Add missing write action to STS endpoint

* Allow unsetting policy_document with empty string

This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.

* Respond to some PR feedback

* Refactor and simplify role reading/upgrading

This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.

* Eliminate duplicated AWS secret test code

The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.

* Switch to use AWS ARN parser
2018-08-16 06:38:13 -04:00
Andy Manoske bd4c047713
Update index.html.md 2018-08-15 17:44:36 -07:00
Andy Manoske 9d41d4c407
Update index.html.md 2018-08-15 17:44:00 -07:00
Clint 48e5c71b33 Update apis.html.md (#5071)
We disable TLS for example purposes, not exemplary purposes 😄
2018-08-15 19:41:29 -04:00
Christoph Ludwig 24a368c1ba Add support for "sovereign" Azure cloud environments (#4997)
* Add support for "sovereign" Azure cloud environments

* Shorten variable names
2018-08-15 19:40:36 -04:00
Andy Manoske 0a71ea9a58
Create index.html.md 2018-08-15 15:27:11 -07:00
RichardWLaub 8d7a983bba Update usage section for kv-v1 docs (#5105)
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:

```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```

Running `vault kv list kv/` gives the desired output. 

Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
Seth Vargo 324c8fab24 Fix docs typo (service-account => service_account) (#5102)
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
Gerald 9192bd6b07 Add ttl params into csr signing docs (#5094) 2018-08-13 23:38:03 -04:00
Yoko 1395d6ea1a
[Guide] Control Groups (#5072)
* Control Group guide

* Fixed user policy list

* Fixed a typo

* Replaced the wrong screenshot

* Added missing period
2018-08-13 14:51:32 -07:00
Frank Allenby ddc77d62f0 Added a link to the "previous section" mentioned (#5018)
This is for clarity since I had to check back to remember where it was mentioned.
2018-08-13 17:13:42 -04:00
Jim Kalafut 3822e2997b
Clarify "Commands" docs (#5092)
Fixes #4890
2018-08-13 14:09:48 -07:00
Nándor István Krácser b9fab6375b Alibaba Object Storage support (#4783) 2018-08-13 17:03:24 -04:00
Michael Schuett 63e7ac034f MySQL HA Backend Support (#4686) 2018-08-13 17:02:31 -04:00
Jim Kalafut 92f0e1a39e Revert "Add ttl parameter to pki api docs (#5063)"
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
2018-08-13 09:34:05 -07:00
Yoko 140e3d5402
[Guide] Vault Cluster Monitoring Guide (#5084)
* Vault cluster monitoring guide

* Updated the download link

* Fixed broken link
2018-08-10 13:52:02 -07:00
Jim Kalafut aa8dac9bd2
Add RDS notes to MSSQL docs (#5062) 2018-08-10 08:52:21 -07:00
Jeff Mitchell 65d2cc768c Website typo fix 2018-08-08 15:53:40 -04:00
Jim Kalafut 7b7f1cc7ff
Add ttl parameter to pki api docs (#5063) 2018-08-08 09:12:14 -07:00
Conor Mongey 5454c15a7e Fix typo: Consult Template -> Consul Template (#5066) 2018-08-08 09:01:45 -07:00
Ian Grayson 931c289b95 Update policies.html.md (#5007)
Allow admins to run CLI: `vault secrets list`
2018-08-07 10:35:23 -07:00
Jeff Escalante 2a21e85580 html syntax corrections (#5009) 2018-08-07 10:34:35 -07:00
Rob ca3aa1f36b Update dev-server.html.md (#5035)
The instructions were in backwards order. #3591
2018-08-07 10:33:30 -07:00
Yoko 3ae63b06d7
Typo fix (#5052) 2018-08-06 15:50:39 -07:00
Yoko ef6579fed5
[Guide] Sentinel Policies (#5049)
* Sentinel policies guide

* Typo fix
2018-08-06 15:39:32 -07:00
Yoko 06491fa6a6
[Guide] SSH Secrets Engine (#5022)
* OTP SSH guide

* Fixed the required policy

* Added the step to restart the SSH server

* Update ssh-otp.html.md

Just a few edits to highlight its cloud context. Looks great otherwise!
2018-08-06 15:04:24 -07:00
Yoko fee3c2072d
[Guide] Build Your Own CA Guide (#4995)
* WIP

* WIP

* WIP - Jake's PKI demo

* WIP

* PKI secret engine guide

* Added little more description about role

* Added tidy step

* Fixed a broken link
2018-08-06 14:42:46 -07:00
Joshua Ogle 3975a2cddc Better OS highlighting 2018-08-06 12:30:31 -06:00
Joshua Ogle f0f4097470 Javascript refactor for configuration builder 2018-08-06 11:55:36 -06:00
Joshua Ogle c7bd0145c0 Better JavaScript line wrapping in configuration 2018-08-03 23:37:58 -06:00
Joshua Ogle c4ef5fdece JS Feedback fixes, make UI default on click 2018-08-03 22:57:17 -06:00
Joshua Ogle e7bd3efc04
Merge branch 'master' into oss-download-config-path 2018-08-03 16:53:45 -06:00
Chris Hoffman 59a0099f89 Add Configuration Builder and Better Download page
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
Olivier Lemasle fcb82c2444 Fix two errors in docs (#5042)
Two small errors in documentation
2018-08-03 14:26:46 -07:00
Jim Kalafut 8e91555807 Fix docs sidebar layout 2018-08-03 09:15:45 -07:00
Jason Martin df3e3ba43d Fix typo in the AWS STS AssumeRole docs. (#5032) 2018-08-02 22:57:24 -07:00
Gerald 43183af2c8 Fix gcp auth method link (#5030) 2018-08-02 22:55:59 -07:00
Jiang Yong 4841309cdf correct Jenkins policy and mysql secret path when kv put in authentication guide (#5023)
* correct Jenkins policy and mysql secret path when kv put

* add a note for kv-v2 secret
2018-08-02 08:38:51 -07:00
Jeff Mitchell 62bcbd3dfe Fix website typo 2018-08-01 16:52:11 -04:00
Yoko 9c6a14ba6b
[Guide] Identity: Entities & Groups (#4968)
* Entities & Groups tutorial

* Re-wordig the persona section

* Incorporated the feedback

* Updated the policy requirements

* Incorporate the feedback

* Fixed grammar

* Made the final small adjustments
2018-08-01 11:07:09 -07:00
Raja Nadar 56fcd2e7b3 .net 2.0 standard leap (#5019)
2.0 is more conducive for consumers
2018-08-01 08:57:49 -04:00
Yoko aadfccaa6b
[Guide] Direct App Integration guide (#4948)
* Direct App Integration guide

* Added a tag for step3
2018-07-31 09:19:23 -07:00
Sean Malloy 7e9ec5afb4 Fix GCP auth docs typo (#5017)
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
2018-07-31 10:57:34 -04:00
Jeff Mitchell a6d0ae5890
Add exit-after-auth functionality to agent (#5013)
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.

Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
Pat Downey 0ad44a7ac5 Expand TOFU acronym in AWS auto-auth docs (#5011) 2018-07-29 18:05:49 -07:00
Yoko 3d8bf1441b
[Guide] Transit Secrets Engine beginner guide (#4943)
* Intro to Transit Secrets Engine guide

* Added the Katacoda scenario link in the Reference Materials section

* Referencig this guide in the existing encryption guides
2018-07-27 16:08:52 -07:00
Michael Herman 05f944c580 Update index.html.md (#5005) 2018-07-27 15:30:59 -04:00
Chris Hoffman 083157cb24
adding environment to azure auth docs (#5004) 2018-07-27 08:33:20 -04:00
Chris Hoffman d02284657e
adding missing properties (#5003) 2018-07-27 08:19:12 -04:00
Chris Hoffman c13ef667d3
adding upgrade guide for 0.10.4 (#4992) 2018-07-25 12:54:48 -04:00
Jeff Mitchell 6e1e326199 Prep for 0.10.4 2018-07-25 09:52:09 -04:00
Jeff Mitchell e72890e83f
VSI (#4985) 2018-07-24 22:02:27 -04:00
Chris Hoffman b37c05cf64
updating azure auth plugin and docs (#4975) 2018-07-23 10:00:44 -04:00
Jim Kalafut a16300e593
Add FoundationDB link to sidebar 2018-07-20 20:10:52 -07:00
Yoko 3cd55dc26d
Git repo folder name changed (#4969) 2018-07-20 11:46:12 -07:00
Olivier Lemasle 4604c00018 State in docs that FoundationDB backend is community supported (#4964) 2018-07-20 09:59:13 -04:00
Peter Vandenabeele db2970623d Fix small typo in Vault website documentation (#4962) 2018-07-20 09:57:16 -04:00
Brian Shumate e2dd0864c4 Add missing telemetry metrics (#4785)
* Add missing telemetry metrics

- Add merkle related telemetry
- Add WAL related telemetry

* additional wal metrics

* Use correct metrics naming
2018-07-19 18:36:55 -04:00
Chris Hoffman 712652c318
Fixing formatting 2018-07-19 10:36:09 -04:00
Chris Hoffman 6a169ab00d
Adding information on required azure permissions (#4956) 2018-07-19 10:24:55 -04:00
John Naulty Jr 498a8d9456 fix Issue #4952 static-secrets small typo (#4953) 2018-07-18 22:36:47 -07:00
Tomohisa Oda 9ff2081e8b add sequelize-vault to third-party tools (#4945) 2018-07-17 21:45:37 -07:00
Yoko b41a1c6134
Updated - Secure Introduction to Vault Clients guide (#4944)
* Incorporated Armon's feedback

* Added a diagram
2018-07-17 15:54:48 -07:00
Yoko 67b349a107
Secure Introduction to Vault Clients Guide (#4871)
* WIP

* WIP - Secure Intro Guide

* WIP secure intro guide

* WIP Secure Intro Guide

* WIP Secure Intro Guide

* WIP Secure Intro Guide
2018-07-16 15:17:52 -07:00
Julien Blache c8fb9ed6a8 FoundationDB physical backend (#4900) 2018-07-16 10:18:09 -04:00
Ram Nadella 493752334a Fix environment mismatch in MySQL cert step (#4835) 2018-07-16 10:13:44 -04:00
Seth Vargo 1259ee6743 Add plugin CLI for interacting with the plugin catalog (#4911)
* Add 'plugin list' command

* Add 'plugin register' command

* Add 'plugin deregister' command

* Use a shared plugin helper

* Add 'plugin read' command

* Rename to plugin info

* Add base plugin for help text

* Fix arg ordering

* Add docs

* Rearrange to alphabetize

* Fix arg ordering in example

* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
dmicanzerofox a3d067c00b PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired (#4916) 2018-07-13 09:32:32 -04:00
Seth Vargo a379989da4 Update GCP docs (#4898)
* Consistently use "Google Cloud" where appropriate

* Update GCP docs

This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
Jeff Mitchell 2322eabc68
Add jwt auth docs (#4891) 2018-07-11 15:08:49 -04:00
Jeff Mitchell 935c045cfa
Fix permitted dns domain handling (#4905)
It should not require a period to indicate subdomains being allowed

Fixes #4863
2018-07-11 12:44:49 -04:00
Md. Nure Alam Nahid 7b9bedf94d Add additional config keys for swift (#4901)
* Add additional config keys for swift

* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
Seth Vargo 408fc1eac0 Properly capitalize H in GitHub (#4889)
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
Jeff Mitchell bfb7ba3843 Remove vault.rocks from some that were missed 2018-07-10 10:47:30 -04:00
Jeff Mitchell 4a3fe87a39
Allow max request size to be user-specified (#4824)
* Allow max request size to be user-specified

This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.

This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.

* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Kawsar Kamal 66f035edc4 Fixed example file extensions from .hcl to .json (#4810) 2018-07-06 08:59:09 -04:00
Chris Bednarski 514ffac5e2 Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners (#4862) 2018-07-06 08:51:51 -04:00
Calvin Leung Huang 04332f5b3f
Add missing replication props, prettify tables (#4816)
* Add missing request.replication props, prettify tables

* Fix location of replication prop
2018-07-05 16:11:21 -04:00
Chris Hoffman 32c94b2638
Update docs 2018-07-03 08:28:43 -04:00
Brian Shumate 7b106683f0 Clarify policies note (#4832)
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
Jeff Mitchell 8f45bc69ba Fix tuning visibility in CLI (#4827)
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
2018-07-02 12:13:25 -04:00
Yoko dcb229d36d
Updates made by Michael Lucas (#4855)
Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.
2018-07-02 08:56:15 -07:00
Chris Hoffman 6b7d215e7e
Clarify performance replication token handling 2018-06-29 09:32:35 -04:00
Chris Hoffman 6f5b8c0e6f
adding sample request to key status api docs (#4853) 2018-06-29 09:17:51 -04:00
Matthew Irish 873c131b71
update lockfile (#4839) 2018-06-26 11:29:14 -05:00
Logan Rakai 619dd3c6ed Typo fix (#4822) 2018-06-23 16:34:25 -07:00
Logan Rakai 59b87fae53 Small grammar fix (#4821) 2018-06-22 21:59:39 -07:00
Jeff Mitchell 2410a11156 Add a warning to syslog
Ping #3617
2018-06-22 09:00:07 -04:00
Kevin Hicks cda793f5b3 Fix typos (#4813) 2018-06-21 12:29:18 -07:00
Yoko 01d50cd3eb
Fixed a typo (#4812) 2018-06-21 11:11:30 -07:00
Steven Farage fadb3eb6fd Make documentation match API example (#4809)
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
Yoko c3b7d1fbb6
Vault DR Replication Setup Guide (#4790)
* WIP DR setup guide

* Fix typos

* Added the steps to demote & disable primary

* Clarified some of the explanation
2018-06-21 08:42:35 -07:00
Jeff Mitchell bf33d5d849 Prep for release 2018-06-20 09:27:04 -04:00
Becca Petrin 73cbbe2a9f Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00
Becca Petrin d9ac83569b
clarify aws role tag doc (#4797) 2018-06-19 15:59:57 -07:00
Becca Petrin 71977637d4
Update Active Directory secret engine docs (#4788)
* active directory rotate root docs

* update doc
2018-06-19 09:11:46 -07:00
Calvin Leung Huang 418513bbd9 Be explicit about trailing slash on paths for list capability (#4793) 2018-06-19 12:10:39 -04:00
Jeff Mitchell cffb1183a8
Database updates (#4787)
* Database updates

* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted

Fixes #3544
Fixes #4782

* Add create/update info to docs
2018-06-19 11:24:28 -04:00
Ryan Loomba c558fc5f3d fix typo in Vault Encryption as a Service Guide (#4789) 2018-06-18 17:32:43 -07:00
Laura Uva 4cae4abbab Add example of min_wrapping_ttl and max_wrapping_ttl (#4753) 2018-06-18 19:59:21 -04:00
Mike Fortuno dc568f1376 Update policies.html.md (#4780)
Policy file name was incorrect, causing instructions to be unclear.
2018-06-15 15:49:09 -07:00
Mr Talbot 5551a63221 pki: add ext_key_usage to mirror key_usage and add to sign-verbatim (#4777)
* pki: add ext_key_usage parameter to role

* pki: add key_usage and ext_key_usage parameter to sign-verbatim

* pki: cleanup code as per comments
2018-06-15 18:20:43 -04:00
Jeff Mitchell 762f08eac2 Mention delegating change password privs in ad docs 2018-06-15 17:01:47 -04:00
Jeff Mitchell 164c7225f1 Remove msa info from AD page 2018-06-15 16:55:28 -04:00
Jeff Mitchell 91ca3d4b7f
Add URI SANs (#4767) 2018-06-15 15:32:25 -04:00
Nándor István Krácser d4303bc53e docs: kv 2 is used by default in the dev server only (#4773) 2018-06-15 09:09:27 -04:00
Jeff Mitchell 43d9ae5c0a
Update index.html.md
Fixes #4763
2018-06-14 10:19:38 -04:00
Laura Uva 44e874e06f Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) (#4754) 2018-06-13 16:44:15 -07:00
Brian Kassouf 1b77db5138
Update replication status (#4761)
* Update replication-performance.html.md

* Update replication-dr.html.md

* Update replication.html.md

* Update replication-dr.html.md

* Update replication-dr.html.md

* Update replication-performance.html.md

* Update replication.html.md
2018-06-13 16:43:39 -07:00
Becca Petrin aa390e0e7e
add link to api docs (#4757) 2018-06-13 09:35:37 -07:00
Yoko 7df8b15451
Vault guides example update (#4756)
* Typos in the sample payload JSON

* AWS support files were added

* yet another typo
2018-06-13 09:34:07 -07:00
Pavlos Ratis 49834a3a83 Use shell highlighting in the command snippets (#4736) 2018-06-11 08:46:35 -04:00
Tom Schlenkhoff dc7631b994 Fix typo (#4738) 2018-06-11 05:38:21 -07:00
Chris Hoffman ab6547383c
reorder sidebar 2018-06-08 17:22:27 -04:00
Chris Hoffman 611244d337
Update gcpckms.html.md 2018-06-08 17:07:59 -04:00
Chris Hoffman 3a690656ee
fix typo 2018-06-08 17:05:17 -04:00
Chris Hoffman 5d07ff7c7a
Adding Azure Key Vault seal docs (#4728) 2018-06-08 17:04:14 -04:00
Jeff Mitchell 165a622d15 Add missing sidebar links for AD 2018-06-07 10:21:22 -04:00
Brian Shumate d2519da5ad Tiny formalized edit (#4715) 2018-06-07 06:44:57 -07:00
Kevin Hicks ed7992e8ae update docs and help text to include 'operator' (#4712) 2018-06-06 21:11:21 -07:00
Jeff Mitchell cfd3672cf3 Update 0.10.2 upgrade guide 2018-06-06 10:45:15 -04:00
Jeff Mitchell ad27dc1c89 Prep for release 2018-06-05 23:54:54 -04:00
Jeff Mitchell 4b7d2bed01 Transit convergent v3 2018-06-05 18:53:39 -04:00
LeSuisse 809079cac2 Update usage of deprecated commands rekey and rotate in the documentation (#4703) 2018-06-05 12:37:26 -04:00
Eli Oxman 68ce3bed34 Add async python client to docs (#4698) 2018-06-05 10:23:56 -04:00
Nándor István Krácser a36f91101a Fix VAULT_LOG_LEVEL in docs (#4696) 2018-06-05 10:23:32 -04:00
Becca Petrin 6cafb12ff4 be more explicit about names (#4695) 2018-06-04 21:34:17 -04:00
amcbarnett 55eb4a997d Update mount-filter.html.md (#4656) 2018-05-30 08:28:51 -04:00
emily 192c228931 Add GCP auth helper (#4654)
* update auth plugin vendoring

* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
Becca Petrin 9228659c5c
add formatter to ad docs (#4653) 2018-05-29 16:47:46 -07:00
Eduardo Criado Mascaray f5c18d58ef Fix typo in group parameter in Vault systemd file (#4642) 2018-05-29 15:04:43 -04:00
Viacheslav Vasilyev d8d6be423b Make test-case output a little bit consistent (#4645)
As well as in some places `-d` were incorrectly replaced with `--data`, sample commands with `accessor` were added
2018-05-29 15:03:33 -04:00
Jeff Mitchell bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification
Rekey verification, allowing new key shares to be confirmed before committing the new key.
2018-05-29 15:00:07 -04:00
Becca Petrin 606889f005
Docs for the upcoming Active Directory secrets engine (#4612) 2018-05-29 08:49:09 -07:00
Jeff Mitchell bd0ac25eb9
Merge branch 'master' into rekey-verification 2018-05-29 10:19:57 -04:00
Chris Hoffman 43c5030eca
pkcs11 docs updates 2018-05-25 15:39:07 -04:00
Becca Petrin 12976bf60e add userpass note on bound cidrs (#4610) 2018-05-25 14:35:09 -04:00
Jeff Mitchell 52cb8234a6 Changelogify and fix some minor website bits 2018-05-25 10:39:23 -04:00
Nicholas Jackson 17460461a0 Breakout parameters for x.509 certificate login (#4463) 2018-05-25 10:34:46 -04:00
Yoko 6a2d0e71b6
Vault Interactive Tutorial updates (#4623)
* Added more tutorial steps

* Updated the step texts
2018-05-24 11:39:02 -07:00
nelson 196d054f70 Update kv-v2.html.md (#4614)
correct the payload format for "Configure the KV Engine" and "Update Metadata"
2018-05-24 12:44:44 -04:00
Jeff Mitchell 8a9cd42fe9 Interactive server now uses kvv2 so update text 2018-05-23 09:59:52 -04:00
Chris Hoffman d066c4a2a8
remove incorrect parameter 2018-05-23 08:58:27 -04:00
Jeff Mitchell 635fd18bf6 Minor website doc updates 2018-05-22 15:12:12 -04:00
Yoko 11646db916
Seal Wrap / FIPS 140-2 Compliance guide (#4558)
* WIP - Seal Wrap guide

* WIP: Seal Wrap guide

* Added a brief description about the Seal Wrap guide

* Incorporated feedbacks

* Updated FIPS language

Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.

It's a very specific update, but it's an important one for some VE customers.

Looks great - thanks!

* Removed 'Compliance' from title

* typo fix
2018-05-22 11:23:11 -07:00
Jeff Mitchell d60360ddbe Add instructions for both kvv1 and kvv2 to getting started policies info 2018-05-22 14:07:12 -04:00
Yoko d88e4d5019
Mount Filters guide (#4536)
* WIP: Mount filter guide

* WIP

* Mount filter guide for CLI, API, and UI

* updated the next step

* Updated the verification steps

* Added a note about the unseal key on secondaries

* Added more details

* Added a reference to mount filter guide

* Added a note about generating a new root token

* Added a note about local secret engine
2018-05-22 08:57:36 -07:00
Chris Hoffman 3db5a6adaa
updating link 2018-05-22 10:00:20 -04:00
Chris Hoffman ae43f2c25e
adding options information to mount endpoint (#4606) 2018-05-21 16:39:43 -04:00
Jeff Mitchell 3e0dbc5ea7 Remove dupe website text 2018-05-21 16:30:45 -04:00
Jeff Mitchell 8ad0bbbc44 Address feedback 2018-05-21 16:13:38 -04:00
Jeff Mitchell 27ab8d1a20 Add verification documentation 2018-05-21 12:00:36 -04:00
Jeff Mitchell c737778c8d Make description of prehashed a bit more friendly 2018-05-21 09:08:22 -04:00
Jeff Mitchell 3a568b6175 Update key_type parameter description 2018-05-19 12:20:37 -04:00
Kevin Paulisse 6d93ea4d77 Docs: Clarify that revoking token revokes dynamic secrets (#4592) 2018-05-18 23:27:53 -07:00
Jeff Mitchell 5a35dac726 Add missing drsecondarycode to health API docs 2018-05-18 12:39:13 -04:00
Jeff Mitchell 30dc66221c Flip documented resolve_aws_unique_id value
Fixes #4583
2018-05-18 12:05:52 -04:00
Reid Wiggins 9813794bc2 Add documentation for MySQL 5.6 root rotation (#4584)
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.

Fixes #4567
2018-05-18 08:56:11 -07:00
Romain Vrignaud 9050bc809b Rename Google Container Engine to Google Kubernetes Engine (#4586) 2018-05-18 08:19:56 -07:00
Jeff Mitchell 124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
Update policies.html.md
2018-05-17 09:14:35 -07:00
Jeff Mitchell 38f5f5f783
Updated for new syntax 2018-05-17 09:14:12 -07:00
Jeff Mitchell 4ab7275c95
Merge pull request #4575 from avoidik/patch-2
Add more essential notes into production hardening guide
2018-05-17 09:05:34 -07:00
Jeff Mitchell 63963a73a6
Update production.html.md 2018-05-17 09:05:08 -07:00
Jim Kalafut 5dcfc63ee6
Fix GCP API parameter docs 2018-05-17 08:54:25 -07:00
Seth Vargo 21e79035e0 Move UI docs from enterprise to OSS (#4565) 2018-05-17 08:48:10 -07:00
Andrew Slattery 3bd38517eb Update KV response code (#4568)
Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.
2018-05-17 08:46:19 -07:00
Tavis Wilson 50e05056d3
Update policies.html.md 2018-05-16 14:35:30 -05:00
Jeff Mitchell ec876c21b3 Update website ldap url text 2018-05-16 11:58:10 -04:00
Viacheslav Vasilyev cc99d82e8f
Update production.html.md 2018-05-16 11:16:04 +03:00
Jacob Friedman 095baa8263 fixed spelling error in step 1 (#4572) 2018-05-15 17:43:35 -07:00
Jeff Mitchell aa98f33f63 Mention that you can actually rekey when using an HSM 2018-05-13 16:49:42 -04:00
Jeff Mitchell 821d347375 Update HSM documentation and fix GCP docs build 2018-05-13 16:39:22 -04:00
Robbie McKinstry 9765779622 Client side rate limiting (#4421) 2018-05-11 10:42:06 -04:00
Seth Vargo a4fa046730 Update GCP secrets to be example-driven (#4539)
👍
2018-05-10 16:58:22 -04:00
Tyler Marshall 407550bd89 Fix minor spelling mistake (#4548) 2018-05-10 13:42:01 -07:00
Becca Petrin 76c717b081
Restrict cert auth by CIDR (#4478) 2018-05-09 15:39:55 -07:00
Jeff Kohrman ec4b839741 Add link to updated privacy policy in layout.erb (#4533)
Added link to updated privacy policy in footer of `layout.erb` for the OSS website.
2018-05-09 16:11:57 -04:00
Yoko fc97fc09ce
[Guide] DB Root Credential Rotation (#4508)
* DB root credential rotation guide

* Fixed typos

* Added a note about creating a dedicated superuser

* Incorporated Chris's feedback

* Added a reference to DB root credential rotation

* Rephrase some of the languages

* Minor re-wording of a sentence
2018-05-09 11:01:58 -07:00
Jeff VanSickle a69e8d81b0 Update jq path for "excited" in JSON output example (#4531) 2018-05-09 08:41:41 -07:00
Shelby Moore f8e1f82225 Updated proxy protocol config validation (#4528) 2018-05-09 10:53:44 -04:00
Jeff Mitchell 274732733e Clarify that rotate requires sudo 2018-05-09 10:19:35 -04:00
tdsacilowski c19e8d0dbc Clarify HA params, fixed typos (#4527)
* Clarify HA params, fixed typos

* Additional clarifications to listener parameters

* Updated cluster_address values
2018-05-08 13:36:42 -07:00
Jacob Friedman 64bb0bd58a Updated link for k8s-tokenreview (#4523)
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
2018-05-08 13:36:12 -07:00
Jacob Friedman 67b8d3dc40 Changed DR docs page to fix generating secondary DR token (#4521)
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
2018-05-08 13:35:48 -07:00
vishalnayak f95a913bd5 docs: s/entity/group-alias 2018-05-08 16:32:35 -04:00
Chris Hoffman 7c0e590f54
docs update 2018-05-07 16:34:39 -04:00
Chris Hoffman e7bbe6fbed
docs updates 2018-05-07 16:33:38 -04:00
Chris Hoffman 049df3da3e
updating pkcs11 docs (#4520) 2018-05-07 13:50:45 -04:00
Anthony Dong 9b06c0fb56 Fix typo in AppRole guide (#4509) 2018-05-04 10:10:21 -04:00