vishalnayak
e01f99f042
Check for prefix match instead of exact match for IAM bound parameters
2016-09-28 18:08:28 -04:00
vishalnayak
a9c719b555
changelog++
2016-09-28 15:41:53 -04:00
Vishal Nayak
4a30a6b4f8
Merge pull request #1913 from hashicorp/bound-iam-instance-profile-arn
...
Proper naming for bound_iam_instance_profile_arn
2016-09-28 15:34:56 -04:00
vishalnayak
31e450a175
Add some validation checks
2016-09-28 15:36:02 -04:00
vishalnayak
69df3fb95e
Added a few checks to the CIDR Subset checking util
2016-09-28 14:04:02 -04:00
Laura Bennett
62ea73ad6b
changelog++
2016-09-27 21:13:51 -04:00
Laura Bennett
010293ccc3
Merge pull request #1931 from hashicorp/cass-consistency
...
Adding consistency into cassandra
2016-09-27 21:12:02 -04:00
Jeff Mitchell
b8f2841376
changelog++
2016-09-27 21:05:52 -04:00
Jeff Mitchell
bcee7dce17
changelog++
2016-09-27 20:53:13 -04:00
Chris Hoffman
d235acf809
Adding support for chained intermediate CAs in pki backend ( #1694 )
2016-09-27 17:50:17 -07:00
Jeff Mitchell
447cb8d5fb
changelog++
2016-09-27 20:49:25 -04:00
Laura Bennett
5ac43873c4
minor updates
2016-09-27 20:35:11 -04:00
Laura Bennett
6f7428d4c0
changelog++
2016-09-27 16:46:09 -04:00
Laura Bennett
883b5db420
typo correction
2016-09-27 16:38:27 -04:00
Laura Bennett
648a71fa11
updates to the documents
2016-09-27 16:36:20 -04:00
Laura Bennett
e14fe05c13
added parsing at role creation
2016-09-27 16:01:51 -04:00
Laura Bennett
4938aa56bf
initial commit for consistency added into cassandra
2016-09-27 13:25:18 -04:00
Vishal Nayak
0dde3bb559
Merge pull request #1928 from legal90/fix-secretid-num-uses
...
Fix "SecretIDNumUses" in AppRole auth backend
2016-09-27 13:02:37 -04:00
vishalnayak
25ae17d0fe
changelog++
2016-09-27 13:01:16 -04:00
Vishal Nayak
38428e90ea
Merge pull request #1924 from hashicorp/token-entry-upgrade
...
Handle token entry upgrade gracefully
2016-09-27 12:55:06 -04:00
Mikhail Zholobov
5eff59c410
Fix "SecretIDNumUses" in AppRole auth backend
...
There was a typo.
2016-09-27 17:26:52 +03:00
vishalnayak
57b21acabb
Added unit tests for token entry upgrade
2016-09-26 18:17:50 -04:00
vishalnayak
af888573be
Handle upgrade of deprecated fields in token entry
2016-09-26 15:47:48 -04:00
Jeff Mitchell
96afb1d27a
Update getting started docs since root can no longer be used from github
2016-09-26 13:09:26 -04:00
Seth Vargo
be9fb99a99
Update middleman-hashicorp ( #1922 )
2016-09-26 12:40:48 -04:00
vishalnayak
69e662d374
changelog++
2016-09-26 10:49:59 -04:00
Vishal Nayak
b1ee56a15b
Merge pull request #1910 from hashicorp/secret-id-cidr-list
...
CIDR restrictions on Secret ID
2016-09-26 10:22:48 -04:00
Jeff Mitchell
f8e3cf4591
Add information about accessors to the token concepts page.
...
Fixes #1918
2016-09-26 10:18:38 -04:00
vishalnayak
ecf45e7e3d
changelog++
2016-09-26 10:10:00 -04:00
Vishal Nayak
a4b119dc25
Merge pull request #1920 from legal90/fix-approle-delete
...
Fix panic on deleting the AppRole which doesn't exist
2016-09-26 10:05:33 -04:00
Mikhail Zholobov
3f77013004
Fix panic on deleting the AppRole which doesn't exist
...
#pathRoleDelete should return silently if the specified AppRole doesn't exist
Fixes GH-1919
2016-09-26 16:55:08 +03:00
vishalnayak
da5b5d3a8e
Address review feedback from @jefferai
2016-09-26 09:53:24 -04:00
vishalnayak
d080107a87
Update docs to contain bound_iam_role_arn
2016-09-26 09:37:38 -04:00
vishalnayak
bf0b7f218e
Implemented bound_iam_role_arn constraint
2016-09-23 21:35:36 -04:00
John
c39eeecaea
tip to override VAULT_ADDR in getting started guide ( #1915 )
2016-09-23 19:34:07 -04:00
Jeff Mitchell
72b9c4c649
Fix parsing env var, needed to be in the helper too
2016-09-23 13:20:26 -04:00
vishalnayak
a31f9bb0e9
Fix zeroAddr check
2016-09-23 12:50:26 -04:00
Jeff Mitchell
be694f0287
changelog++
2016-09-23 12:33:26 -04:00
Jeff Mitchell
6bf871995b
Don't use time.Time in responses. ( #1912 )
...
This fixes #1911 but not directly; it doesn't address the cause of the
panic. However, it turns out that this is the correct fix anyways,
because it ensures that the value being logged is RFC3339 format, which
is what the time turns into in JSON but not the normal time string
value, so what we audit log (and HMAC) matches what we are returning.
2016-09-23 12:32:07 -04:00
vishalnayak
2d4bfeff49
Update website for bound_iam_instance_profile_arn
2016-09-23 11:23:59 -04:00
vishalnayak
e0c41f02c8
Fix incorrect naming of bound_iam_instance_profile_arn
2016-09-23 11:22:23 -04:00
Evan Phoenix
4214a0199d
Advertise the cluster_(id|name) in the Scada handshake ( #1906 )
2016-09-23 10:55:51 -04:00
vishalnayak
f560e20b28
Address review feedback
2016-09-22 18:07:35 -04:00
Jeff Mitchell
57f3904d74
Use VAULT_LOG_FORMAT as an analogue to LOGXI_FORMAT
2016-09-22 17:22:02 -04:00
vishalnayak
c26754000b
Fix ssh tests
2016-09-22 11:37:55 -04:00
vishalnayak
07b1b244d6
Use net.IPv4zero to check for zero address
2016-09-21 20:29:33 -04:00
vishalnayak
aaadd4ad97
Store the CIDR list in the secret ID storage entry.
...
Use the stored information to validate the source address and credential issue time.
Correct the logic used to verify BoundCIDRList on the role.
Reverify the subset requirements between secret ID and role during credential issue time.
2016-09-21 20:19:26 -04:00
vishalnayak
578b82acf5
Pass only valid inputs to validation methods
2016-09-21 15:44:54 -04:00
Jeff Mitchell
d65da5613c
Add missing dep
2016-09-21 14:02:35 -04:00
Jeff Mitchell
226ef5d78c
Make HA in etcd off by default. ( #1909 )
...
Fixes #1908
(Doesn't really "fix" it but someone from the community needs to step up
if they want to see this fixed.)
2016-09-21 14:01:36 -04:00