Jeff Mitchell
c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly ( #5280 )
...
* Allow most parts of Vault's logging to have its level changed on-the-fly
* Use a const for not set
2018-09-05 15:52:54 -04:00
Steven Black
0a482e9bd2
Fix misspelling ( #5279 )
2018-09-05 15:40:01 -04:00
Brian Shumate
76293834cc
Update terminology ( #5225 )
...
- Change "key ring" references to "key" to match Transit API docs
2018-09-05 12:05:02 -04:00
Becca Petrin
7e0e49656a
Add AliCloud auth to the Vault Agent ( #5179 )
2018-09-05 11:56:30 -04:00
Seth Vargo
81e9efb658
Fix resource binding examples ( #5273 )
2018-09-05 11:55:45 -04:00
RobinsonWM
cf525cb934
Documentation: Corrected typo in CLI init doc ( #5269 )
2018-09-04 15:44:41 -06:00
Andy Manoske
e8ef5afb5f
namespace docs updates
...
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
Jeff Mitchell
5da6fc2f77
Remove some confusing language on perf standby page
2018-08-29 19:51:23 -04:00
Jeff Mitchell
24946fe43e
Add namespace/mfa docs ( #5215 )
2018-08-28 15:33:34 -07:00
Jeff Mitchell
b509ea4926
Make the usernames match in all examples in userpass
2018-08-28 18:33:00 -04:00
Brian Kassouf
85f06f7e88
Add Performance Standby Docs ( #5214 )
...
* Add Performance Standby Docs
* Review updates
2018-08-28 12:48:02 -07:00
Frederic Hemberger
d343f00b64
Fix ssh command in example ( #5209 )
2018-08-28 12:34:48 -07:00
Jeff Mitchell
2a8e510a27
Document disable_performance_standby
2018-08-28 12:09:13 -04:00
Austin Workman
e8991e8fe9
Adding documentation clarifying oracle plugin setup and requirements ( #5183 )
2018-08-25 12:27:13 -07:00
Becca Petrin
55b3dfbcc0
use ldaps in docs ( #5180 )
2018-08-24 10:36:20 -07:00
Chris Hoffman
e6abba9558
Revert "Add Configuration Builder and Better Download page" ( #5171 )
2018-08-23 19:34:50 -04:00
Joshua Ogle
6819af20b5
Merge branch 'master' into oss-download-config-path
2018-08-23 14:01:39 -06:00
Jeff Mitchell
ba0d029247
Restricts ACL templating to paths but allows failures ( #5167 )
...
When a templating failure happens, we now simply ignore that path,
rather than fail all access to all policies
2018-08-23 12:15:02 -04:00
Chris Hoffman
d736324b50
Docs: ACL Templating ( #5159 )
2018-08-23 10:05:44 -04:00
Greg Oledzki
d5a3010498
Update delete.html.md ( #5155 )
...
Minor typo in `delete` command docs
2018-08-22 11:26:21 -07:00
Becca Petrin
fb6a06a3fe
Alibaba auth docs ( #5132 )
2018-08-22 10:23:33 -07:00
Hugo Wood
203269a5d4
JWT/OIDC documentation fixes ( #5157 )
...
* Fix argument name in JWT/OIDC login CLI example
* Fix groups_claim documented as required when creating roles for JWT/OIDC
2018-08-22 10:44:08 -04:00
Chris Hoffman
4d574c1d6c
adding namespace docs ( #5133 )
2018-08-17 12:17:11 -04:00
Andy Manoske
50edc43df0
Merge pull request #5112 from hashicorp/namespaces-docs
...
Merge for Beta Launch
2018-08-16 15:36:43 -07:00
Andy Manoske
de52752e86
Update index.html.md
...
Updated to include Yoko's guide URL
2018-08-16 13:38:24 -07:00
Jim Kalafut
4ced3b0f77
Initial Azure Secrets docs ( #5121 )
2018-08-16 12:10:56 -07:00
brianvans
f79385346f
Add ha_enabled for mysql backend ( #5122 )
...
* Slight cleanup around mysql ha lock implementation
* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run
* Add `ha_enabled` option for mysql storage
It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
2018-08-16 11:03:16 -07:00
Yamamoto, Hirotaka
6673e579a0
[etcd] fix the deafult prefix in website ( #5116 )
...
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.
However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.
2018-08-16 10:38:11 -04:00
Joel Thompson
0941c7a24a
Make AWS credential types more explicit ( #4360 )
...
* Make AWS credential types more explicit
The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.
With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.
Fixes #4229
Fixes #3751
Fixes #2817
* Add missing write action to STS endpoint
* Allow unsetting policy_document with empty string
This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.
* Respond to some PR feedback
* Refactor and simplify role reading/upgrading
This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.
* Eliminate duplicated AWS secret test code
The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.
* Switch to use AWS ARN parser
2018-08-16 06:38:13 -04:00
Andy Manoske
bd4c047713
Update index.html.md
2018-08-15 17:44:36 -07:00
Andy Manoske
9d41d4c407
Update index.html.md
2018-08-15 17:44:00 -07:00
Christoph Ludwig
24a368c1ba
Add support for "sovereign" Azure cloud environments ( #4997 )
...
* Add support for "sovereign" Azure cloud environments
* Shorten variable names
2018-08-15 19:40:36 -04:00
Andy Manoske
0a71ea9a58
Create index.html.md
2018-08-15 15:27:11 -07:00
RichardWLaub
8d7a983bba
Update usage section for kv-v1 docs ( #5105 )
...
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:
```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```
Running `vault kv list kv/` gives the desired output.
Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
Seth Vargo
324c8fab24
Fix docs typo (service-account => service_account) ( #5102 )
...
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
Gerald
9192bd6b07
Add ttl params into csr signing docs ( #5094 )
2018-08-13 23:38:03 -04:00
Jim Kalafut
3822e2997b
Clarify "Commands" docs ( #5092 )
...
Fixes #4890
2018-08-13 14:09:48 -07:00
Nándor István Krácser
b9fab6375b
Alibaba Object Storage support ( #4783 )
2018-08-13 17:03:24 -04:00
Michael Schuett
63e7ac034f
MySQL HA Backend Support ( #4686 )
2018-08-13 17:02:31 -04:00
Jim Kalafut
aa8dac9bd2
Add RDS notes to MSSQL docs ( #5062 )
2018-08-10 08:52:21 -07:00
Jeff Mitchell
65d2cc768c
Website typo fix
2018-08-08 15:53:40 -04:00
Jeff Escalante
2a21e85580
html syntax corrections ( #5009 )
2018-08-07 10:34:35 -07:00
Joshua Ogle
f0f4097470
Javascript refactor for configuration builder
2018-08-06 11:55:36 -06:00
Joshua Ogle
c4ef5fdece
JS Feedback fixes, make UI default on click
2018-08-03 22:57:17 -06:00
Chris Hoffman
59a0099f89
Add Configuration Builder and Better Download page
...
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
Jason Martin
df3e3ba43d
Fix typo in the AWS STS AssumeRole docs. ( #5032 )
2018-08-02 22:57:24 -07:00
Jeff Mitchell
62bcbd3dfe
Fix website typo
2018-08-01 16:52:11 -04:00
Jeff Mitchell
a6d0ae5890
Add exit-after-auth functionality to agent ( #5013 )
...
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.
Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
Pat Downey
0ad44a7ac5
Expand TOFU acronym in AWS auto-auth docs ( #5011 )
2018-07-29 18:05:49 -07:00
Michael Herman
05f944c580
Update index.html.md ( #5005 )
2018-07-27 15:30:59 -04:00
Jeff Mitchell
e72890e83f
VSI ( #4985 )
2018-07-24 22:02:27 -04:00
Olivier Lemasle
4604c00018
State in docs that FoundationDB backend is community supported ( #4964 )
2018-07-20 09:59:13 -04:00
Peter Vandenabeele
db2970623d
Fix small typo in Vault website documentation ( #4962 )
2018-07-20 09:57:16 -04:00
Brian Shumate
e2dd0864c4
Add missing telemetry metrics ( #4785 )
...
* Add missing telemetry metrics
- Add merkle related telemetry
- Add WAL related telemetry
* additional wal metrics
* Use correct metrics naming
2018-07-19 18:36:55 -04:00
Chris Hoffman
712652c318
Fixing formatting
2018-07-19 10:36:09 -04:00
Chris Hoffman
6a169ab00d
Adding information on required azure permissions ( #4956 )
2018-07-19 10:24:55 -04:00
Julien Blache
c8fb9ed6a8
FoundationDB physical backend ( #4900 )
2018-07-16 10:18:09 -04:00
Seth Vargo
1259ee6743
Add plugin CLI for interacting with the plugin catalog ( #4911 )
...
* Add 'plugin list' command
* Add 'plugin register' command
* Add 'plugin deregister' command
* Use a shared plugin helper
* Add 'plugin read' command
* Rename to plugin info
* Add base plugin for help text
* Fix arg ordering
* Add docs
* Rearrange to alphabetize
* Fix arg ordering in example
* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
Seth Vargo
a379989da4
Update GCP docs ( #4898 )
...
* Consistently use "Google Cloud" where appropriate
* Update GCP docs
This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
Jeff Mitchell
2322eabc68
Add jwt auth docs ( #4891 )
2018-07-11 15:08:49 -04:00
Md. Nure Alam Nahid
7b9bedf94d
Add additional config keys for swift ( #4901 )
...
* Add additional config keys for swift
* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
Seth Vargo
408fc1eac0
Properly capitalize H in GitHub ( #4889 )
...
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
Jeff Mitchell
4a3fe87a39
Allow max request size to be user-specified ( #4824 )
...
* Allow max request size to be user-specified
This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.
This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.
* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
Chris Bednarski
514ffac5e2
Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners ( #4862 )
2018-07-06 08:51:51 -04:00
Calvin Leung Huang
04332f5b3f
Add missing replication props, prettify tables ( #4816 )
...
* Add missing request.replication props, prettify tables
* Fix location of replication prop
2018-07-05 16:11:21 -04:00
Chris Hoffman
32c94b2638
Update docs
2018-07-03 08:28:43 -04:00
Brian Shumate
7b106683f0
Clarify policies note ( #4832 )
...
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
Chris Hoffman
6b7d215e7e
Clarify performance replication token handling
2018-06-29 09:32:35 -04:00
Logan Rakai
619dd3c6ed
Typo fix ( #4822 )
2018-06-23 16:34:25 -07:00
Logan Rakai
59b87fae53
Small grammar fix ( #4821 )
2018-06-22 21:59:39 -07:00
Jeff Mitchell
2410a11156
Add a warning to syslog
...
Ping #3617
2018-06-22 09:00:07 -04:00
Steven Farage
fadb3eb6fd
Make documentation match API example ( #4809 )
...
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
Becca Petrin
73cbbe2a9f
Add bound cidrs to tokens in AppRole ( #4680 )
2018-06-19 22:57:11 -04:00
Calvin Leung Huang
418513bbd9
Be explicit about trailing slash on paths for list capability ( #4793 )
2018-06-19 12:10:39 -04:00
Laura Uva
4cae4abbab
Add example of min_wrapping_ttl and max_wrapping_ttl ( #4753 )
2018-06-18 19:59:21 -04:00
Jeff Mitchell
762f08eac2
Mention delegating change password privs in ad docs
2018-06-15 17:01:47 -04:00
Jeff Mitchell
164c7225f1
Remove msa info from AD page
2018-06-15 16:55:28 -04:00
Nándor István Krácser
d4303bc53e
docs: kv 2 is used by default in the dev server only ( #4773 )
2018-06-15 09:09:27 -04:00
Laura Uva
44e874e06f
Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) ( #4754 )
2018-06-13 16:44:15 -07:00
Becca Petrin
aa390e0e7e
add link to api docs ( #4757 )
2018-06-13 09:35:37 -07:00
Pavlos Ratis
49834a3a83
Use shell highlighting in the command snippets ( #4736 )
2018-06-11 08:46:35 -04:00
Chris Hoffman
611244d337
Update gcpckms.html.md
2018-06-08 17:07:59 -04:00
Chris Hoffman
3a690656ee
fix typo
2018-06-08 17:05:17 -04:00
Chris Hoffman
5d07ff7c7a
Adding Azure Key Vault seal docs ( #4728 )
2018-06-08 17:04:14 -04:00
Brian Shumate
d2519da5ad
Tiny formalized edit ( #4715 )
2018-06-07 06:44:57 -07:00
Kevin Hicks
ed7992e8ae
update docs and help text to include 'operator' ( #4712 )
2018-06-06 21:11:21 -07:00
Jeff Mitchell
4b7d2bed01
Transit convergent v3
2018-06-05 18:53:39 -04:00
LeSuisse
809079cac2
Update usage of deprecated commands rekey and rotate in the documentation ( #4703 )
2018-06-05 12:37:26 -04:00
Nándor István Krácser
a36f91101a
Fix VAULT_LOG_LEVEL in docs ( #4696 )
2018-06-05 10:23:32 -04:00
Becca Petrin
6cafb12ff4
be more explicit about names ( #4695 )
2018-06-04 21:34:17 -04:00
emily
192c228931
Add GCP auth helper ( #4654 )
...
* update auth plugin vendoring
* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
Becca Petrin
606889f005
Docs for the upcoming Active Directory secrets engine ( #4612 )
2018-05-29 08:49:09 -07:00
Chris Hoffman
43c5030eca
pkcs11 docs updates
2018-05-25 15:39:07 -04:00
Chris Hoffman
3db5a6adaa
updating link
2018-05-22 10:00:20 -04:00
Reid Wiggins
9813794bc2
Add documentation for MySQL 5.6 root rotation ( #4584 )
...
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.
Fixes #4567
2018-05-18 08:56:11 -07:00
Romain Vrignaud
9050bc809b
Rename Google Container Engine to Google Kubernetes Engine ( #4586 )
2018-05-18 08:19:56 -07:00
Jeff Mitchell
124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
...
Update policies.html.md
2018-05-17 09:14:35 -07:00
Jeff Mitchell
38f5f5f783
Updated for new syntax
2018-05-17 09:14:12 -07:00
Seth Vargo
21e79035e0
Move UI docs from enterprise to OSS ( #4565 )
2018-05-17 08:48:10 -07:00
Tavis Wilson
50e05056d3
Update policies.html.md
2018-05-16 14:35:30 -05:00
Jeff Mitchell
aa98f33f63
Mention that you can actually rekey when using an HSM
2018-05-13 16:49:42 -04:00
Jeff Mitchell
821d347375
Update HSM documentation and fix GCP docs build
2018-05-13 16:39:22 -04:00
Robbie McKinstry
9765779622
Client side rate limiting ( #4421 )
2018-05-11 10:42:06 -04:00
Seth Vargo
a4fa046730
Update GCP secrets to be example-driven ( #4539 )
...
👍
2018-05-10 16:58:22 -04:00
Tyler Marshall
407550bd89
Fix minor spelling mistake ( #4548 )
2018-05-10 13:42:01 -07:00
Shelby Moore
f8e1f82225
Updated proxy protocol config validation ( #4528 )
2018-05-09 10:53:44 -04:00
Jacob Friedman
64bb0bd58a
Updated link for k8s-tokenreview ( #4523 )
...
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
2018-05-08 13:36:12 -07:00
Chris Hoffman
7c0e590f54
docs update
2018-05-07 16:34:39 -04:00
Chris Hoffman
e7bbe6fbed
docs updates
2018-05-07 16:33:38 -04:00
Chris Hoffman
049df3da3e
updating pkcs11 docs ( #4520 )
2018-05-07 13:50:45 -04:00
Jerome Cheng
d180e45cf5
Fix incorrect file path in Token Helper doc ( #4499 )
...
Vault stores the token in `~/.vault-token` and not `~/.vault_token`.
2018-05-02 21:56:38 -07:00
Nathan Valentine
608f013bf2
s/aws_region/region/ ( #4497 )
...
The correct key name is 'region' as opposed to 'aws_region'.
2018-05-02 14:25:03 -07:00
Fabrizio Cucci
cef52dae90
Fix role of example in Kubernetes Auth Method ( #4483 )
...
It was `test` but it should be `demo` to be aligned with the example.
2018-05-01 15:04:53 -07:00
Pavlos Ratis
cd344bdbb8
[website] fix Markdown formatting on GCP page ( #4471 )
2018-04-27 09:13:07 -07:00
Jim Kalafut
7f69ff0546
Minor updates to Azure auth docs
2018-04-27 08:47:06 -07:00
emily
8a309e6406
fix docs ( #4466 )
2018-04-26 16:54:19 -04:00
Jeff Mitchell
0f806d0950
Remove out of date text on HSM rekeying
2018-04-26 10:10:30 -04:00
Jim Kalafut
063c225f97
Fix typo in aws auth docs
2018-04-25 22:57:39 -07:00
Andrew Speed
418be4cb54
Fix authentication example mentioning vault auth but using vault login ( #4458 )
2018-04-25 14:59:38 -07:00
Chris Hoffman
fba759ab97
fix document formatting
2018-04-25 10:16:41 -04:00
Chris Hoffman
2d05034dd3
Seal Rotation Docs ( #4449 )
...
* wip docs
* adding docs
* removing vendor supported mechanism
2018-04-25 09:59:06 -04:00
Becca Petrin
639dc005ee
uppercase Vault in plugin doc ( #4442 )
2018-04-24 10:41:37 -07:00
Jeff Mitchell
0882e5afb6
Update audit text to make it clear that audit logs are for authenticated interactions
2018-04-23 10:49:32 -04:00
Malhar Vora
45fe086107
Corrects description for mode option in ssh command ( #4420 )
...
Fixes #4375
2018-04-22 13:42:46 -04:00
Malhar Vora
739362b081
Correct typo in Kubernetes auth backend docs
...
Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend
documentation.
Fixes #4417
2018-04-21 19:37:59 -07:00
Jeff Mitchell
6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. ( #4412 )
...
Fixes #815
2018-04-21 10:49:16 -04:00
Alvin Huang
84ffdbb7b5
remove redundant 'Vault' in approle docs ( #4405 )
2018-04-20 09:55:15 -04:00
Vishal Nayak
5fa9e4ca5c
phys/consul: Allow tuning of session ttl and lock wait time ( #4352 )
...
* phys/consul: allow tuning of session ttl and lock wait time
* use parseutil
* udpate docs
2018-04-18 13:09:55 -04:00
Jeff Mitchell
805b5e5160
X-Forwarded-For ( #4380 )
2018-04-17 18:52:09 -04:00
Laura Uva
2ae6d614b8
Add mode to the examples under automation steps ( #4374 )
2018-04-17 13:47:41 -04:00
Jerome Cheng
a82a612e2c
Fix indentation of code block in Consul Secrets Engine docs ( #4350 )
...
The indentation of the code block in the Consul Secrets Engine doc was
removed in #4224 , but the closing backticks remained indented one level,
resulting in the block swallowing all text after it. Removing the
indentation from the closing backticks fixes this.
2018-04-13 09:55:35 -04:00
Peter Souter
28f6d65032
Remove Enterprise Only flag ( #4337 )
2018-04-11 14:27:58 -04:00
Matthew Irish
2f43a20ebe
fix broken link ( #4329 )
2018-04-10 11:11:38 -05:00
Brian Kassouf
a8b8ca136e
KV: Update 'versioned' naming to 'v2' ( #4293 )
...
* Update 'versioned' naming to 'v2'
* Make sure options are set
* Fix description of auth flag
* Review feedback
2018-04-09 09:39:32 -07:00
Chris Hoffman
19f9f6ee89
Root Credential Rotation Docs ( #4312 )
...
* updating root credential docs
* more docs updates
* more docs updates
2018-04-09 12:20:29 -04:00
Chris Hoffman
cbcf31c570
remove token from curl request for login paths ( #4303 )
2018-04-06 18:10:59 -04:00
Andy Manoske
9c1db25639
Update index.html.md
2018-04-05 15:16:28 -07:00
Seth Vargo
a90467289a
Rename Google things to say "Google", update telemetry ( #4267 )
2018-04-04 10:37:44 -04:00
Brian Kassouf
62ce5ec91d
Versioned K/V docs ( #4259 )
...
* Work on kv docs
* Add more kv docs
* Update kv docs
* More docs updates
* address some review coments
2018-04-03 23:22:41 -07:00
Roy Sindre Norangshol
a9c717b44e
project is now project_id ( #4251 )
...
Verified both via vault CLI and direct curl'ing towards API endpoints.
2018-04-03 17:11:47 -04:00
Vishal Nayak
032ca979dc
move identity docs from ent docs to oss ( #4235 )
2018-04-01 13:59:43 -04:00
LeSuisse
cdd7cc1635
Update usage of the deprecated generated-root command in the documentation ( #4232 )
2018-03-31 11:17:08 -04:00
Seth Vargo
b48a9878e7
Add HA support to the Google Cloud Storage backend ( #4226 )
2018-03-30 12:36:37 -04:00
Brian Shumate
bf1b8709a6
Update Consuls Secrets quick start ( #4224 )
...
- Fix typo in role name
- Drop ordered list formatting on get credential example
2018-03-30 10:46:05 -04:00
Jon Benson
d1b0d6efb3
Update mfa-totp.html.md ( #4220 )
2018-03-29 16:51:13 -04:00
Jeff Mitchell
2f90e0c2e1
Merge branch 'master-oss' into 0.10-beta
2018-03-27 12:40:30 -04:00
vishalnayak
37153482be
docs: update aws ec2 auth step
2018-03-26 17:26:48 -04:00
Jeff Mitchell
e8fc0a11ce
Remove a few more vault.rocks usages
2018-03-26 15:02:22 -04:00
Wilhelmina Drengwitz
a10f02ef7b
Add general recommendation for the api_addr
config value ( #4198 )
...
We ran into some confusion about what we should be setting the api_addr config value to. I feel this general recommendation should nudge any others into a better understanding of what this value should point to.
2018-03-26 13:46:54 -04:00
Jeff Mitchell
65d8eb0914
Add more docs around list paths in policies.
...
CC #4199
2018-03-26 11:30:58 -04:00
Seth Vargo
0b827774ae
Drop vault.rocks ( #4186 )
2018-03-23 11:41:51 -04:00
Chris Hoffman
b7ef4a3a6f
adding Azure docs ( #4185 )
...
Adding Azure Auth Method docs
2018-03-22 18:28:42 -04:00
Jim Kalafut
7842557e62
Fix minor docs and help text issues ( #4184 )
2018-03-22 09:29:59 -04:00
Brian Kassouf
3324d6dd12
Add kv backend ( #4181 )
2018-03-21 22:56:52 -04:00
emily
f9b6f4b1c5
Docs for Vault GCP secrets plugin ( #4159 )
2018-03-21 15:02:38 -04:00
Josh Soref
73b1fde82f
Spelling ( #4119 )
2018-03-20 14:54:10 -04:00
Jeff Mitchell
9e46f0f84a
Explicitly call out that we use aes-256 gcm-96 for the barrier.
...
Fixes #2913
2018-03-19 19:53:12 -04:00
Roger Berlind
753f8a8545
Fixed broken k8s TokenReview API link ( #4144 )
2018-03-17 21:23:41 -04:00
immutability
04d1202426
Plugins need setcap too for syscall mlock ( #4138 )
2018-03-16 06:05:01 -07:00
Jim Kalafut
3f1ed4eb0d
Fix description of parameter value globbing ( #4131 )
2018-03-14 17:03:00 -04:00
Edward Z. Yang
ac98730578
Vault user needed to use STS Federation Tokens ( #4108 )
...
If you try to use role authorization to get an STS token, you'll get this error:
* Error generating STS keys: AccessDenied: Cannot call GetFederationToken with session credentials
2018-03-14 10:24:29 -04:00
Malte
a0776eb703
Fix typo in recommended vault auth iam policy ( #4128 )
...
The resource arn for the `sts:AssumeRole` action is missing a `:` for the region and therefore invalid.
2018-03-14 03:45:21 -04:00
Brian Shumate
bbd4d7ab4c
Docs: grammatical clarification around community supported note ( #4122 )
2018-03-13 10:32:28 -04:00
Jeff Mitchell
9d2a0dc31f
Update text around default policy to make it clear that it is user-modifiable
2018-03-08 15:48:11 -05:00
Jim Kalafut
079de043e3
Fix instruction in installation docs ( #4097 )
2018-03-08 11:02:04 -05:00
Aleksandar
a8304e5d4d
Add the chunk_size optional parameter to gcs storage ( #4060 )
2018-03-05 08:32:48 -05:00
Mike
eb1c2b0732
Correct endpoint's path in Doc ( #4074 )
...
Fix typo in endpoint's path
2018-03-05 07:41:53 -05:00
Jim Kalafut
ef4537e5d4
Change "mount" to "secrets enable" in docs
2018-03-02 12:54:28 -08:00
Joel Thompson
e4949d644b
auth/aws: Allow lists in binds ( #3907 )
...
* auth/aws: Allow lists in binds
In the aws auth method, allow a number of binds to take in lists
instead of a single string value. The intended semantic is that, for
each bind type set, clients must match at least one of each of the bind
types set in order to authenticate.
2018-03-02 11:09:14 -05:00
Andy Manoske
942aa9bbdc
Update index.html.md
...
Updated for Unbound
2018-02-28 16:20:54 -08:00
Jeff Mitchell
20157fd56a
Fix broken link on Consul docs
2018-02-26 13:28:15 -05:00
chris trott
78df6a630e
Configurable Consul Service Address ( #3971 )
...
* Consul service address is blank
Setting an explicit service address eliminates the ability for Consul
to dynamically decide what it should be based on its translate_wan_addrs
setting.
translate_wan_addrs configures Consul to return its lan address to nodes
in its same datacenter but return its wan address to nodes in foreign
datacenters.
* service_address parameter for Consul storage backend
This parameter allows users to override the use of what Vault knows to
be its HA redirect address.
This option is particularly commpelling because if set to a blank
string, Consul will leverage the node configuration where the service is
registered which includes the `translate_wan_addrs` option. This option
conditionally associates nodes' lan or wan address based on where
requests originate.
* Add TestConsul_ServiceAddress
Ensures that the service_address configuration parameter is setting the
serviceAddress field of ConsulBackend instances properly.
If the "service_address" parameter is not set, the ConsulBackend
serviceAddress field must instantiate as nil to indicate that it can be
ignored.
2018-02-23 11:15:29 -05:00
Yoko
5389550cdc
Changed the layout category menu ( #4007 )
...
* Changed the layout category menu
* Fixed typos
* Fixed a typo, and removed the duplicated generate-root guide
* Fixed the redirect.txt
2018-02-22 16:24:01 -08:00
Jeff Mitchell
2dda3f6363
Make docs around regenerate_key more specific
2018-02-22 09:09:20 -05:00
Jeff Mitchell
c2ae25d588
Update PKCS11 seal information
2018-02-21 09:05:36 -05:00
Jeff Mitchell
857cdaeb2b
Add some info about cert reloading behavior on SIGHUP
...
CC #3990
2018-02-15 17:11:48 -05:00
Seth Vargo
cd930b1173
Add support for Google Cloud Spanner ( #3977 )
2018-02-14 20:31:20 -05:00
Jeff Mitchell
35906aaa6c
Add ChaCha20-Poly1305 support to transit ( #3975 )
2018-02-14 11:59:46 -05:00
Nick
11f197dfa5
Update lease.html.md ( #3759 )
2018-02-14 09:44:34 -05:00
Brian Shumate
e6bf69b96b
DOCS: update Telemetry with more coverage ( #3968 )
...
- Add initial secrets engines metrics
- Update metrics types/values
- Update language for auth methods, secrets engines, audit devices
- Add more linking to relevant documentation
2018-02-14 09:39:51 -05:00
Brian Shumate
bbc196a6e5
Clarify with example of file-backend specific metrics ( #3913 )
2018-02-13 11:04:11 -05:00
Brian Shumate
492b3e2277
DOCS: update Telemetry ( #3964 )
...
- Correct time to millis
- Correct storage backend summaries from # ops to duration of ops
2018-02-13 10:15:19 -05:00
Paul Stack
3c683dba92
Adding Manta Storage Backend ( #3720 )
...
This PR adds a new Storage Backend for Triton's Object Storage - Manta
```
make testacc TEST=./physical/manta
==> Checking that code complies with gofmt requirements...
==> Checking that build is using go version >= 1.9.1...
go generate
VAULT_ACC=1 go test -tags='vault' ./physical/manta -v -timeout 45m
=== RUN TestMantaBackend
--- PASS: TestMantaBackend (61.18s)
PASS
ok github.com/hashicorp/vault/physical/manta 61.210s
```
Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store
Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value
The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta
will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value`
The value of the key is *always* written to a directory tree of the name and put in a `.vault_value` file.
2018-02-12 18:22:41 -05:00
Calvin Leung Huang
60732577f5
CLI Enhancements ( #3897 )
...
* Use Colored UI if stdout is a tty
* Add format options to operator unseal
* Add format test on operator unseal
* Add -no-color output flag, and use BasicUi if no-color flag is provided
* Move seal status formatting logic to OutputSealStatus
* Apply no-color to warnings from DeprecatedCommands as well
* Add OutputWithFormat to support arbitrary data, add format option to auth list
* Add ability to output arbitrary list data on TableFormatter
* Clear up switch logic on format
* Add format option for list-related commands
* Add format option to rest of commands that returns a client API response
* Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead
* Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead
* Remove -no-color flag, use env var exclusively to toggle colored output
* Fix compile
* Remove -no-color flag in main.go
* Add missing FlagSetOutputFormat
* Fix generate-root/decode test
* Migrate init functions to main.go
* Add no-color flag back as hidden
* Handle non-supported data types for TableFormatter.OutputList
* Pull formatting much further up to remove the need to use c.flagFormat (#3950 )
* Pull formatting much further up to remove the need to use c.flagFormat
Also remove OutputWithFormat as the logic can cause issues.
* Use const for env var
* Minor updates
* Remove unnecessary check
* Fix SSH output and some tests
* Fix tests
* Make race detector not run on generate root since it kills Travis these days
* Update docs
* Update docs
* Address review feedback
* Handle --format as well as -format
2018-02-12 18:12:16 -05:00
Jeff Mitchell
4969505c7e
Add transaction-like behavior for Transit persists. ( #3959 )
2018-02-12 17:27:28 -05:00
Jeff Mitchell
db8772f15e
Minor website wording updates
2018-02-12 15:28:06 -05:00
Jeff Mitchell
5a047fba68
Document the disable_sealwrap parameter
2018-02-12 15:20:07 -05:00
alexandrumd
56f0ff4293
Change 'rules' parameter for Policies requests ( #3947 )
...
With Vault Version: 0.9.1, the following is returned when using "rules" for policies operation:
```The following warnings were returned from the Vault server:
* 'rules' is deprecated, please use 'policy' instead```
2018-02-09 07:43:18 -05:00
Roger Berlind
07f587dd05
Updated replication table ( #3929 )
2018-02-08 18:11:00 -05:00
Chris Hoffman
d723479b32
Fixing docs links and adding redirects for new guides ( #3939 )
...
* updating links
* updating links
* updating links
* updating links
* updating links
* adding redirects
2018-02-07 19:29:07 -05:00
cikenerd
e7973773ac
Update etcd storage doc ( #3753 )
2018-02-06 11:00:00 -05:00
Jeff Mitchell
193278f9a4
Minor grammatical update to MFA doc
2018-02-05 12:26:16 -05:00
Jeff Mitchell
0255d4ca10
Make the MFA support status more clear for the legacy system
2018-02-04 19:25:27 -05:00
Vishal Nayak
01b1b9ff6d
docs/telemetry: remove merge conflict remnant ( #3882 )
...
* remove merge conflict remnant
* s/auth/authentication
2018-02-01 12:09:58 -05:00
Brian Shumate
a7049247d9
Correct cofiguration option in example ( #3879 )
2018-01-31 13:41:31 -05:00
Jack Pearkes
a2f0f0a8e5
website: add note about the 0.9.2+ CLI changes to reduce confusion ( #3868 )
...
* website: add note about the 0.9.2+ CLI changes to reduce confusion
* website: fix frontmatter for 0.9.3 guide, add to guides index
* website: add overview title to 0.9.3 guide for spacing
2018-01-30 13:30:47 -05:00
Chris Bartlett
c7580b2961
#3850 Fixed documentation for aws/sts ttl ( #3851 )
2018-01-25 22:20:30 -05:00
Paweł Słomka
b994e83c65
Cleanup of deprecated commands in tests, docs ( #3788 )
2018-01-15 15:19:28 -05:00
Vishal Nayak
8ef51c0065
Delete group alias upon group deletion ( #3773 )
2018-01-11 10:58:05 -05:00
Jeff Mitchell
d1803098ae
Merge branch 'master-oss' into sethvargo/cli-magic
2018-01-03 14:02:31 -05:00
Jon Davies
66e2593ef9
s3.go: Added options to use paths with S3 and the ability to disable SSL ( #3730 )
2018-01-03 12:11:00 -05:00
Didi Kohen
089a0793bd
Clarify that keybase is supported only in the CLI ( #3744 )
2018-01-03 11:18:38 -05:00
Alexandre Nicastro
19b4062801
docs: fix typo (change 'a' to 'an' - indefinite article) ( #3741 )
2018-01-03 10:47:15 -05:00
Brian Shumate
4a9333b076
Docs: Updated Telemetry documentation ( #3722 )
2017-12-26 13:51:15 -05:00
Brian Shumate
bbf1c67d80
Update backend config docs - addresses #3718 ( #3724 )
2017-12-26 13:48:45 -05:00
Jeff Mitchell
1a2eba5f87
Port website changes from ent side
2017-12-21 09:00:35 -05:00
Roger Berlind
27cdb42258
Added example for Azure SQL Database ( #3700 )
2017-12-18 13:55:56 -05:00
Jeff Mitchell
77a7c52392
Merge branch 'master' into f-nomad
2017-12-18 12:23:39 -05:00
James Nugent
e320d0580a
physical/dynamodb: Clarify ha_enabled type ( #3703 )
...
The example in the documentation correctly passes a quoted boolean (i.e.
true or false as a string) instead of a "real" HCL boolean. This commit
corrects the parameter list to document that fact.
While it would be more desirable to change the implementation to accept
an unquoted boolean, it seems that the use of `hcl.DecodeObject` for
parameters which are not common to all storage back ends would make this
a rather more involved change than this necessarily warrants.
2017-12-18 09:30:29 -05:00
James Nugent
618b52d72d
docs: Add correct method for mlock on systemd ( #3704 )
...
Although the previously described method of running setcap works if
setcap is available, the built-in LimitMEMLOCK directive is better.
2017-12-18 09:29:37 -05:00
Chris Hoffman
ef56322369
Merge remote-tracking branch 'oss/master' into f-nomad
...
* oss/master:
Add support for encrypted TLS key files (#3685 )
2017-12-15 19:51:28 -05:00
Chris Hoffman
164849f056
Add support for encrypted TLS key files ( #3685 )
2017-12-15 17:33:55 -05:00
Jeff Mitchell
b478ba8bac
Merge branch 'master' into f-nomad
2017-12-14 16:44:28 -05:00
Brian Shumate
d5d265956d
Docs: fix typo in libtool ltdl name and link to avoid confusion and note about arch ( #3644 )
2017-12-11 13:42:19 -05:00
Brian Shumate
a8932fbcbd
Docs: Update PKI URL config examples to FQDN — addresses #3606 ( #3647 )
2017-12-11 13:25:59 -05:00
Brian Shumate
07a0d25aeb
Docs: Update PKI output examples - addresses #3606 ( #3628 )
2017-12-11 11:57:07 -05:00
Brad Sickles
295e11d40d
Adding mfa support to okta auth backend. ( #3653 )
2017-12-07 14:17:42 -05:00
Brian Shumate
a0d1092420
Conditionally set file audit log mode ( #3649 )
2017-12-07 11:44:15 -05:00
Brian Kassouf
34f5d1e637
Remove the note about GKE from the Kubernetes docs ( #3658 )
2017-12-06 13:38:00 -05:00
Calvin Leung Huang
8f87854b86
Clarify api_addr related errors on VaultPluginTLSProvider ( #3620 )
...
* Mention api_addr on VaultPluginTLSProvider logs, update docs
* Clarify message and mention automatic api_address detection
* Change error message to use api_addr
* Change error messages to use api_addr
2017-12-05 12:01:35 -05:00
Jeff Mitchell
e301ebe91b
Update secrets page
...
Fixes #3623
2017-12-04 12:05:34 -05:00
Chris Hoffman
b17fb19b52
Expanding on the quick start guide with how to set up an intermediate authority ( #3622 )
2017-12-04 11:23:58 -05:00
Brian Shumate
ac69680d7b
Docs: mlock() notes, fixes #3605 ( #3614 )
2017-12-04 10:56:16 -05:00
Marc Sensenich
92f937c021
Remove Trailing White space in Kubernetes Doc ( #3360 )
...
Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example
```
vault write auth/kubernetes/role/demo \
bound_service_account_names=vault-auth \
bound_service_account_namespaces=default \
policies=default \
ttl=1h
```
2017-12-02 14:12:39 -05:00
Nicolas Corrarello
b3799697a2
Rename policy into policies
2017-11-29 16:31:17 +00:00
Nicolas Corrarello
a6d3119e3e
Pull master into f-nomad
...
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:56:37 +00:00
Laura Uva
3b5cbe54fd
Added clarification to KV documentation about default CLI behavior and how to preserve non-string type values ( #3596 )
2017-11-27 11:43:49 -05:00
Brian Shumate
fa4af18b73
Docs: policy update for multiple policies, fixes #3611 ( #3613 )
2017-11-27 09:54:38 -05:00
mariachugunova
89a0919250
Fix typo in s3 storage backend docs ( #3603 )
2017-11-23 13:28:33 -08:00
Jeff Mitchell
141548fb33
Add now-necessary mfa import to sentinel MFA example
2017-11-14 21:42:43 -05:00
Brian Kassouf
85a5a75835
Add token_reviewer_jwt to the kubernetes docs ( #3586 )
2017-11-14 13:27:09 -08:00
Vishal Nayak
3c7f194797
Doc: Add groups to identity concepts ( #3581 )
...
* Add groups to the concepts page
* s/pulled-in and pulled-out/synced against
* Remove double spaces
2017-11-14 13:27:49 -05:00
Seth Vargo
68052f18d0
Flip seal pages upside down to put examples first
2017-11-14 13:12:35 -05:00
Seth Vargo
4efcfe03d1
Add an auto-unseal page to the docs
...
This helps with SEO and also is where I'd expect auto unsealing to be referenced.
2017-11-14 13:12:20 -05:00
Jeff Mitchell
8ba71a67e5
Minor website wording updates
2017-11-14 12:34:28 -05:00
Jeff Mitchell
40e3883788
Fix some broken links
2017-11-14 12:32:03 -05:00
Jeff Mitchell
7ac167f8a4
Sync docs
2017-11-14 06:13:11 -05:00
Vishal Nayak
5d976794d4
API refactoring and doc updates ( #3577 )
...
* Doc updates and API refactoring
* fix tests
* change metadata fieldtype to TypeKVPairs
* Give example for TypeKVPairs in CLI for metadata
* Update API docs examples to reflect the native expected value for TypeKVPairs
* Don't mention comma separation in the docs for TypeCommaStringSlice
* s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias
* Address review feedback
* Fix formatting
* fix sidebar links
2017-11-13 20:59:42 -05:00
Brian Shumate
697a506b7b
DOCS: Update telemetry docs - fixes #3557 ( #3571 )
2017-11-13 09:58:04 -05:00
Calvin Leung Huang
87feab4492
Docs update related to new top-level config values ( #3556 )
...
* Add new top level config value docs, add VAULT_API_ADDR, purge old references
* Fix indentation
* Update wording on ha.html
* Add section on split data/HA mode
* Fix grammar
2017-11-10 20:06:07 -05:00
James Soubry
f2a98cc662
Fix curl commands ( #3558 )
...
Curl commands require HCL within JSON to work.
2017-11-09 10:16:09 -05:00
Joel Thompson
2c8cd19e14
auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive ( #3291 )
2017-11-06 17:12:07 -05:00
Jonathan Freedman
4109473134
More Mount Conflict Detection ( #2919 )
2017-11-06 15:29:09 -05:00
Jason Antman
af649c60d0
Add third party tools list to website ( #3488 )
2017-11-06 12:11:02 -05:00
Nicolas Corrarello
5a317a1a32
Updated documentation
2017-11-06 15:13:50 +00:00
Vishal Nayak
06923430cc
docs: s/persona/alias ( #3529 )
2017-11-03 11:17:59 -04:00
Chris Hoffman
3d8d887676
Add ability to require parameters in ACLs ( #3510 )
2017-11-02 07:18:49 -04:00
Nicolas Corrarello
d540985926
Unifying Storage and API path in role
2017-10-31 21:06:10 +00:00
Nicolas Corrarello
0fc65cabc7
Minor/Cosmetic fixes
2017-10-31 19:11:24 +00:00
Nathan Valentine
0345dca20f
Should these names not reference Vault? ( #3506 )
...
Since we are in the Vault docs, should these names not reference Vault instead of Nomad?
2017-10-30 11:04:38 -05:00
Vishal Nayak
b16084fdaf
aws-ec2: Avoid audit logging of custom nonces ( #3381 )
2017-10-27 11:23:15 -04:00
smeach
c575435040
Updated cli arg to reflect text description ( #3487 )
2017-10-27 09:44:56 -05:00
AJ Bourg
a71add2973
Add a doc for the token helper ( #3411 )
...
* Add token helper docs.
* Update it so the new token helpers page appears in the navigation.
2017-10-27 09:42:33 -05:00
Seth Vargo
83b1eb900a
More naming cleanup
2017-10-24 09:35:03 -04:00
Seth Vargo
6c1411447c
Remove more references to auth backend
2017-10-24 09:34:12 -04:00
Seth Vargo
926ca5c125
Update k8s documentation
2017-10-24 09:34:12 -04:00
Seth Vargo
51a27b758b
Resolve the most painful merge conflict known on earth
2017-10-24 09:34:12 -04:00
Seth Vargo
c5665920f6
Standardize on "auth method"
...
This removes all references I could find to:
- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend
in favor of the unified:
- auth method
2017-10-24 09:32:15 -04:00
Seth Vargo
3bbeace911
Audit backend -> device
2017-10-24 09:30:52 -04:00
Seth Vargo
aa34fb17c7
Absorb help and read-write into index
2017-10-24 09:30:52 -04:00
Seth Vargo
162c525159
Add "write" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
6fa133852e
Add "unwrap" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4d80ccbb4c
Add "token" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
51e185b9a2
Add "status" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
4634949b9b
Add "ssh" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
a106350950
Add "server" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
28fa271c4e
Add "secrets" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
bcf6657e9c
Add "read" command documentation
2017-10-24 09:30:52 -04:00
Seth Vargo
c743167f4c
Add "policy" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
54f8e0adb2
Update "path-help" documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
f48bc06d93
Add "operator" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
a81ff9a97c
Add "login" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
50d6c9a642
Add "list" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
57c0d53121
Add "lease" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
d31bccccdf
Add "delete" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
48e84342c2
Add "auth" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
0fa0a5ca41
Add "audit" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
3c43409e6c
Add "token revoke" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
6d150b5228
Add "token renew" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
cac3515379
Add "token lookup" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
ffe608d535
Add "token create" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
61edbf3325
Add "token capabilities" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
529b9bd224
Add "secrets tune" command documentation
2017-10-24 09:30:51 -04:00
Seth Vargo
40b8f3c204
Add "secrets move" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f2bbb3cc18
Add "secrets list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c782b25e7c
Add "secrets enable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
087a87c59e
Add "secrets disable" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6995d1e06b
Add "policy write" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
79b3f7d8fe
Add "policy read" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
e29e78eb7d
Add "policy list" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
6522bd12d5
Add "policy fmt" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
b735d70922
Add "policy delete" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c9d74f77e4
Add "operator unseal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
f15eddf299
Add "operator step-down" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c62de019dd
Add "operator seal" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c2f31c503a
Add "operator rotate" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
310d4adc87
Add "operator rekey" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
83df4a8c4c
Add "operator key-status" command documentation
2017-10-24 09:30:50 -04:00
Seth Vargo
c35d67c9e3
Add "operator init" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
ed15b273ca
Add "operator generate-root" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
baf2edbc57
Add "lease revoke" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
a1de44f93c
Add "lease renew" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
21e74d73dd
Add "auth tune" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
7d880e3154
Add "auth list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
01780e9b75
Add "auth help" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
e04fb8423a
Add "auth enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
95af51f279
Add "auth disable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
89e23d0e84
Add "audit list" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
04ee9ce40a
Add "audit enable" command documentation
2017-10-24 09:30:49 -04:00
Seth Vargo
fd2a12bce4
Add "audit disable" command documentation
2017-10-24 09:30:49 -04:00
Chris Hoffman
df29bc4fc0
updating mssql docs ( #3477 )
2017-10-19 11:21:29 -04:00
Brian Shumate
d150f374fd
Match plugin name from releases ( #3453 )
2017-10-19 11:10:42 -04:00
Brian Kassouf
fdd76563eb
Add a note about the instant client libraries ( #3434 )
...
* Add a note about the instant client libraries
* Update oracle.html.md
2017-10-12 09:40:06 -04:00
emily
cbe41b590f
add GCP APIs that need to be enabled to GCP auth docs, small doc fixes ( #3446 )
2017-10-11 09:18:32 -04:00
Nicolas Corrarello
3380fd647d
Adding Nomad docs to the nav. Minor cosmetics fixes
2017-10-06 16:03:06 +01:00
David Dixon
cfd27317d8
Small typo corrections for policies doc ( #3413 )
2017-10-06 09:38:00 -04:00
Oluwafemi Sule
b6ec6351af
fix spellings errors ( #3400 )
2017-09-29 11:52:42 -04:00
Alex Dadgar
f56e191020
Fix spelling errors ( #3390 )
2017-09-28 07:54:40 -04:00
Brian Kassouf
b1db3765ca
Kubernetes Docs Update ( #3386 )
...
* Update Kubnernetes Docs
* Add a note about alpha clusters on GKE
* Fix JSON formatting
* Update kubernetes.html.md
* Fix a few review comments
2017-09-27 14:02:18 -07:00
Jeff Mitchell
17a15cd594
Add option to disable client certificate requesting. ( #3373 )
...
Fixes #3372
2017-09-25 14:41:46 -04:00
Nicolas Corrarello
5178e5f5f2
Adding Nomad secret backend documentation
2017-09-20 17:31:28 -05:00
Dave Pedu
19e4d8b6c3
Spelling fix ( #3351 )
2017-09-19 15:25:39 -04:00
Brian Kassouf
9b0d594d02
Kubernetes auth ( #3350 )
...
* Import the kubernetes credential backend
* Add kubernetes docs
* Escape * characters
* Revert "Import the kubernetes credential backend"
This reverts commit f12627a9427bcde7e73cea41dea19d0922f94789.
* Update the vendored directory
2017-09-19 09:27:26 -05:00
emily
ed3d75d0b1
Add GCE docs for GCP Auth Backend ( #3341 )
2017-09-19 07:44:05 -05:00
Bruno Miguel Custódio
2abddb248e
Fix a few quirks in the GCP auth backend's docs. ( #3322 )
2017-09-19 07:41:41 -05:00
Vishal Nayak
e99640f462
Add 'pid_file' config option ( #3321 )
...
* add pid_file config option
* address review feedback
* address review comments
2017-09-16 17:09:37 -04:00
Chris Hoffman
1029ad3b33
Rename "generic" secret backend to "kv" ( #3292 )
2017-09-15 09:02:29 -04:00
Chris Hoffman
a2d2f1a543
Adding support for base_url for Okta api ( #3316 )
...
* Adding support for base_url for Okta api
* addressing feedback suggestions, bringing back optional group query
* updating docs
* cleaning up the login method
* clear out production flag if base_url is set
* docs updates
* docs updates
2017-09-15 00:27:45 -04:00
Chris Hoffman
9d73c81f38
Disable the sys/raw
endpoint by default ( #3329 )
...
* disable raw endpoint by default
* adding docs
* config option raw -> raw_storage_endpoint
* docs updates
* adding listing on raw endpoint
* reworking tests for enabled raw endpoints
* root protecting base raw endpoint
2017-09-15 00:21:35 -04:00
Chris Hoffman
2e60b20eae
update enterprise urls /docs/vault-enterprise -> /docs/enterprise ( #3333 )
2017-09-13 15:37:40 -04:00
Bruno Miguel Custódio
886a0acee6
Fix navigation and prameters in the 'gcp' auth backend docs. ( #3317 )
2017-09-11 15:26:24 -04:00
Adam Duke
a3f97c5e3e
fix typo in policies documentation ( #3302 )
2017-09-07 11:55:24 -04:00
Jeff Mitchell
9578361513
Massive update to response-wrapping concept page
2017-09-01 08:32:55 -04:00
Jeff Mitchell
8acef196a8
Add 'discard' target to file audit backend ( #3262 )
...
Fixes #seth
2017-08-30 19:16:47 -04:00
Joel Thompson
caf90f58d8
auth/aws: Allow wildcard in bound_iam_principal_id ( #3213 )
2017-08-30 17:51:48 -04:00
stephan stachurski
e396d87bc5
add support to use application default credentials to gcs storage backend ( #3257 )
2017-08-30 15:42:02 -04:00
Seth Vargo
9f80099fae
Remove fake news about custom plugins
...
This also adds a redirect from the old page to the new one
2017-08-30 12:57:45 -04:00
Christopher Pauley
eccbb21ce8
stdout support for file backend via logger ( #3235 )
2017-08-29 14:51:16 -04:00
Brian Kassouf
23089dafbc
Add basic autocompletion ( #3223 )
...
* Add basic autocompletion
* Add autocomplete to some common commands
* Autocomplete the generate-root flags
* Add information about autocomplete to the docs
2017-08-24 15:23:40 -07:00
Serg
66b178f969
Update index.html.md ( #3233 )
2017-08-24 10:08:35 -04:00
Seth Vargo
ec9e187ce4
Thread stderr through too ( #3211 )
...
* Thread stderr through too
* Small docs typo
2017-08-21 17:23:29 -04:00
Seth Vargo
1f45a6c96e
Addd more SSH CA troubleshooting ( #3201 )
...
* Add notes about pty and other permit-* extensions
* Update troubleshooting
* Add an example of JSON for sign
* Fix a bug about what keys to push up
2017-08-21 17:22:54 -04:00
Calvin Leung Huang
73fd103456
Update gcp auth backend docs ( #3209 )
...
* Update gcp auth backend docs
* Minor formatting and wording fixes
* Minor formatting fixes
2017-08-18 16:25:52 -04:00
Seth Vargo
b4bec62d47
Typo fix
2017-08-16 18:38:35 -04:00
Seth Vargo
7b1e013511
Refactor SSH CA backend docs
2017-08-16 18:38:35 -04:00
Brian Kassouf
406396603a
Fix a few links ( #3188 )
2017-08-16 10:27:12 -07:00
Jeff Mitchell
bbcbe1f6d5
Fix ping docs location
2017-08-16 12:57:31 -04:00
emily
31a994e452
Initial GCP auth backend documentation ( #3167 )
2017-08-15 22:03:04 -04:00
Jeff Mitchell
0c2c078e48
Add PingID MFA docs ( #3182 )
2017-08-15 22:01:34 -04:00
Brian Kassouf
89b81bcb4c
Oracle plugin docs ( #3131 )
...
* Add oracle database docs
* Add oracle database docs
* Fix commas in json output
* Update oracle.html.md
2017-08-15 17:24:01 -07:00
Andy Manoske
bc7d77c83f
Update index.html.md
...
Updated replication docs for DR
2017-08-14 19:02:02 -07:00
Jeff Mitchell
035d37cd36
Fix hanadb link
2017-08-14 13:04:26 -04:00
Lucas Vasconcelos Santana
ea2d4c7d55
add scheme to the redirect_addr example
2017-08-14 10:59:44 -04:00
Lucas Vasconcelos Santana
914fab79ce
add scheme to the redirect_addr example
2017-08-14 10:59:44 -04:00
Seth Vargo
8ee362744b
Break SSH types into their own pages ( #3157 )
...
@jefferai and I discussed this on Friday. With three fully-documented
SSH backends, the page is lengthy, ungreppable, and intimidating. This
commit separates the SSH backends into their own pages with as little
text changes as possible.
2017-08-14 10:49:41 -04:00
Seth Vargo
0274a0f639
Rename database plugins for SEO ( #3156 )
...
When we "nest" like this, it's important to use a common suffix,
"Database Secret Backend" in this case, so that the SEO minions can
properly group search results for end users.
2017-08-14 10:46:39 -04:00
Jeff Mitchell
75bc43e961
Update github comment
2017-08-11 17:03:18 -04:00
Seth Vargo
d931a2fa85
Remove references to VSI ( #3143 )
...
Andy approved
2017-08-10 20:47:59 -04:00
Issac
07dc10cdc8
Add TLS config to skeleton plugin ( #3137 )
2017-08-09 11:41:17 -07:00
vishalnayak
c88db7b185
docs: Add API section for MFA docs
2017-08-09 13:26:29 -04:00
vishalnayak
0a0e697e05
docs: fix broken link
2017-08-09 13:17:56 -04:00
vishalnayak
254c1b6ae0
docs: Added identity concepts
2017-08-09 13:08:05 -04:00
vishalnayak
9844475b64
docs: Add X-Vault-MFA to the list of env vars
2017-08-09 11:31:30 -04:00
Chris Hoffman
e3e5be4617
API Docs updates ( #3135 )
2017-08-09 11:22:19 -04:00
Jeff Mitchell
d8a3bccb43
Fix cassandra doc link
2017-08-09 10:32:03 -04:00
Vishal Nayak
6d6e84f804
docs: MFA usage details ( #3133 )
2017-08-08 23:48:31 -04:00
Jeff Mitchell
5cb3a79568
Add an extra sentence to the github warning
2017-08-08 21:10:15 -04:00
Calvin Leung Huang
95af5bf6c7
Add plugin backends docs ( #3125 )
...
* Add docs on plugins/backend/reload, add plugin backend guide
* Fix docs headers
* Fix API endpoint description
* Update plugin guide and internals pages
2017-08-08 12:39:19 -04:00
Chris Hoffman
191d48f848
API Docs updates ( #3101 )
2017-08-08 12:28:17 -04:00
Jeff Mitchell
accba5287c
Add a note about GitHub auth backend security
2017-08-08 10:26:05 -04:00
Paulo Ribeiro
1e3c74862e
Fix minor grammatical error ( #3110 )
2017-08-04 11:08:49 -04:00
Jeff Mitchell
65d7face69
Merge branch 'master-oss' into issue-2241
2017-08-03 07:41:34 -04:00
Gobin Sougrakpam
8e01c994bf
tls_client_ca_file option for verifying client ( #3034 )
2017-08-03 07:33:06 -04:00
Jeff Mitchell
7e3ff5e56c
Add PROXY protocol support ( #3098 )
2017-08-02 18:24:12 -04:00
Minkyu Kim
68fd01e3fc
Fix outdated documentation about AWS STS credentials ( #3093 ) ( #3094 )
2017-08-02 11:18:35 -04:00
Jeff Mitchell
4885b3e502
Use RemoteCredProvider instead of EC2RoleProvider ( #2983 )
2017-07-31 18:27:16 -04:00
Brian Rodgers
d8e47e6f79
docs: Added text to clarify that root
does not refer to AWS root creds ( #2950 )
2017-07-31 17:31:44 -04:00
Oliver Beattie
e5a3156429
Fix docs to use new style
2017-07-31 15:24:08 +01:00
Filipe Varela
a5a480551c
Makes naming consistent w/ other storage backends (ie: etcd)
2017-07-31 15:18:07 +01:00
Filipe Varela
b0446a2b25
Adds docs for new configuration options
2017-07-31 15:18:06 +01:00
Oliver Beattie
3919f38bd5
Add a (basic) Cassandra storage backend
2017-07-31 15:18:01 +01:00
James Phillips
0ab5b0e26b
Fixes a typo in the VSI doc. ( #3047 )
2017-07-26 12:18:52 -04:00
Jeremy Voorhis
87d4014b6b
s/alterate/alternate/ ( #3056 )
2017-07-26 11:44:06 -04:00
Vishal Nayak
a80d7fb9c8
docs: Identity Store ( #3055 )
2017-07-25 18:33:17 -04:00
Chris Hoffman
2aa02fb3f0
CockroachDB Physical Backend ( #2713 )
2017-07-23 08:54:33 -04:00
Calvin Leung Huang
bb54e9c131
Backend plugin system ( #2874 )
...
* Add backend plugin changes
* Fix totp backend plugin tests
* Fix logical/plugin InvalidateKey test
* Fix plugin catalog CRUD test, fix NoopBackend
* Clean up commented code block
* Fix system backend mount test
* Set plugin_name to omitempty, fix handleMountTable config parsing
* Clean up comments, keep shim connections alive until cleanup
* Include pluginClient, disallow LookupPlugin call from within a plugin
* Add wrapper around backendPluginClient for proper cleanup
* Add logger shim tests
* Add logger, storage, and system shim tests
* Use pointer receivers for system view shim
* Use plugin name if no path is provided on mount
* Enable plugins for auth backends
* Add backend type attribute, move builtin/plugin/package
* Fix merge conflict
* Fix missing plugin name in mount config
* Add integration tests on enabling auth backend plugins
* Remove dependency cycle on mock-plugin
* Add passthrough backend plugin, use logical.BackendType to determine lease generation
* Remove vault package dependency on passthrough package
* Add basic impl test for passthrough plugin
* Incorporate feedback; set b.backend after shims creation on backendPluginServer
* Fix totp plugin test
* Add plugin backends docs
* Fix tests
* Fix builtin/plugin tests
* Remove flatten from PluginRunner fields
* Move mock plugin to logical/plugin, remove totp and passthrough plugins
* Move pluginMap into newPluginClient
* Do not create storage RPC connection on HandleRequest and HandleExistenceCheck
* Change shim logger's Fatal to no-op
* Change BackendType to uint32, match UX backend types
* Change framework.Backend Setup signature
* Add Setup func to logical.Backend interface
* Move OptionallyEnableMlock call into plugin.Serve, update docs and comments
* Remove commented var in plugin package
* RegisterLicense on logical.Backend interface (#3017 )
* Add RegisterLicense to logical.Backend interface
* Update RegisterLicense to use callback func on framework.Backend
* Refactor framework.Backend.RegisterLicense
* plugin: Prevent plugin.SystemViewClient.ResponseWrapData from getting JWTs
* plugin: Revert BackendType to remove TypePassthrough and related references
* Fix typo in plugin backends docs
2017-07-20 13:28:40 -04:00
Joel Thompson
3704751a8f
Improve sts header parsing ( #3013 )
2017-07-18 09:51:45 -04:00
Gobin Sougrakpam
2ddbc4a939
Adding option to set custom vault client timeout using env variable VAULT_CLIENT_TIMEOUT ( #3022 )
2017-07-18 09:48:31 -04:00
Andy Manoske
d82f231753
Update configuration.html.md ( #3029 )
2017-07-17 14:37:32 -04:00
Jeff Mitchell
4387871bca
Add max_parallel to mssql and postgresql ( #3026 )
...
For storage backends, set max open connections to value of max_parallel.
2017-07-17 13:04:49 -04:00
Seth Vargo
ce1808f77d
Update Policies and Auth concepts pages ( #3011 )
2017-07-14 11:15:22 -04:00
Jeff Mitchell
8903f68bf6
Reformat some wrapping docs
2017-07-13 19:02:15 -04:00
Tony Cai
07088fe8a0
Added HANA database plugin ( #2811 )
...
* Added HANA dynamic secret backend
* Added acceptance tests for HANA secret backend
* Add HANA backend as a logical backend to server
* Added documentation to HANA secret backend
* Added vendored libraries
* Go fmt
* Migrate hana credential creation to plugin
* Removed deprecated hana logical backend
* Migrated documentation for HANA database plugin
* Updated HANA DB plugin to use role name in credential generation
* Update HANA plugin tests
* If env vars are not configured, tests will skip rather than succeed
* Fixed some improperly named string variables
* Removed unused import
* Import SAP hdb driver
2017-07-07 13:11:23 -07:00
Will May
23ff17c769
Allow Okta auth backend to specify TTL and max TTL values ( #2915 )
2017-07-05 09:42:37 -04:00
Jasper Siepkes
5ae38eb745
Added documentation for working with MySQL wildcards in GRANT ( #2963 )
2017-07-04 13:59:08 -04:00
Brian Shumate
5fb9c73e1d
DOCS: fix typo ( #2965 )
2017-07-03 12:40:31 -04:00
Cameron Stokes
711d6e6569
[docs] Add requirements for hsm. ( #2941 )
2017-07-01 21:21:51 +01:00
Seth Vargo
00e2213790
Add rekeying guide & move guides to top-level ( #2935 )
2017-06-29 14:43:43 +01:00
Brian Shumate
7a8b16f441
Docs: Expand Telemetry documentation ( #2860 )
2017-06-29 04:02:48 +01:00
Brian Boerst
0631c02558
Typo fix in vault enterprise/replication docs. ( #2932 )
2017-06-29 04:01:32 +01:00