0832153f7d
fixes file path option in samples ( #5377 )
...
fixes file path option in samples
2018-09-20 15:55:20 -07:00
3600f3dfa5
[Guide] Tokens & Leases guide **Correction** ( #5375 )
...
* Added Azure Key Vault
* Corrected the info about orphan token creation
2018-09-20 13:58:29 -07:00
189b893b35
Add ability to provide env vars to plugins ( #5359 )
...
* Add ability to provide env vars to plugins
* Update docs
* Update docs with examples
* Refactor TestAddTestPlugin, remove TestAddTestPluginTempDir
2018-09-20 10:50:29 -07:00
74ec835b3b
Docs: update Tidy API ( #5374 )
...
- Add a sample response to /auth/token/tidy API docs
- Document /auth/approle/tidy/secret-id API docs
2018-09-20 13:25:33 -04:00
6fcf6ea6fe
Add -dr-token flag to commands to generate OTP and decode with OTP (required on DR secondary as of 0.11) ( #5368 )
2018-09-20 09:19:01 -07:00
43837ecdf1
Documentation correction - update list identity whitelist sample request ( #5369 )
...
Path was incorrectly referencing the roletag-blacklist
Updated the sample to match the correct path
2018-09-19 21:21:57 -07:00
d05484b586
AliCloud Secrets Docs ( #5351 )
2018-09-19 08:42:59 -07:00
43aebacfa8
Fix default_max_request_duration HCL name and update docs ( #5321 )
...
* Fix default_max_request_duration HCL name and update docs
* Update tcp.html.md
2018-09-18 14:30:21 -07:00
512b64ad77
[Guide] Secure Introduction - Update ( #5323 )
...
* Adding Vault Agent to the Secure Intro guide
* Incorporated the feedback
* Deleted extra spaces
* methods -> approaches
2018-09-14 13:51:23 -07:00
2cc8610abb
[Guide] Namespaces policy ( #5296 )
...
* Added policy info
* Fixed the API URL
* Added webinar recording as a reference material
2018-09-14 11:23:46 -07:00
7f5c193ace
Fix small grammatical error in plugin docs ( #5334 )
2018-09-13 14:23:24 -07:00
04a0dd6d0e
ACL Policy Templating -> ACL Policy Path Templating ( #5330 )
2018-09-12 16:14:31 -07:00
5f5af90dfe
Update AWS auth backend iam_request_headers to be TypeHeader ( #5320 )
...
Update AWS Auth backend to use TypeHeader for iam request headers
- Remove parseIamRequestHeaders function and test, no longer needed with new TypeHeader
- Update AWS auth login docs
2018-09-12 16:16:16 -05:00
b2ff87c9c2
Poll for new creds in the AWS auth agent ( #5300 )
2018-09-12 13:30:57 -07:00
168b956fbb
Docs: clarify max_ttl in Database Secrets Create ( #5311 )
...
- Clarify max_ttl on Database Secrets Create API
- Crosslink to TTL general case docs
2018-09-11 19:55:15 -04:00
7c51265de9
Update pki-engine.html.md ( #5322 )
2018-09-11 19:49:31 -04:00
7683aa3e57
[Guide] Performance Standby Nodes ( #5272 )
...
* Performance Standby Nodes guide
* Added a link in the Vault HA guide
* Added links
* Clarified the node selection info
* Incorporated feedback
* Added 'when the Enterprise license includes this feature'
* Fixed the label: server 8 -> VM8
* Incorporated the feedback
2018-09-11 15:22:36 -07:00
d96d10957c
Update some text around encrypting with agent
2018-09-11 15:05:44 -04:00
625592c5e6
update to match aws ( #5315 )
2018-09-11 11:10:50 -07:00
67bd5e460b
Docs: namespaces edit lookup subcommand text ( #5310 )
...
* Docs: namespaces edit lookup subcommand text
* precise
2018-09-10 11:56:01 -04:00
f61a3709ee
Finish updating jwt auth docs
2018-09-10 11:46:50 -04:00
db56672529
resolve incorrect scope ( #5307 )
...
https://github.com/terraform-providers/terraform-provider-azurerm/issues/943
> Turns out the problem is that the scope was invalid. There was a missing s on resourceGroup. The error message though is absolutely awful for detecting that.
2018-09-07 16:56:02 -07:00
6331f8bdf3
Fix typos in Azure Secrets Engine docs ( #5295 )
2018-09-06 15:31:19 -07:00
3085c53ffe
Update relatedtools.html.md ( #5287 )
...
Add ansible-modules-hashivault to the list of third-party tools
2018-09-06 08:37:03 -07:00
79f707edd2
Create partnerships.html.erb
2018-09-05 17:06:49 -07:00
c97428a0cb
Update community.html.erb
2018-09-05 16:44:46 -07:00
c28ed23972
Allow most parts of Vault's logging to have its level changed on-the-fly ( #5280 )
...
* Allow most parts of Vault's logging to have its level changed on-the-fly
* Use a const for not set
2018-09-05 15:52:54 -04:00
0a482e9bd2
Fix misspelling ( #5279 )
2018-09-05 15:40:01 -04:00
76293834cc
Update terminology ( #5225 )
...
- Change "key ring" references to "key" to match Transit API docs
2018-09-05 12:05:02 -04:00
7e0e49656a
Add AliCloud auth to the Vault Agent ( #5179 )
2018-09-05 11:56:30 -04:00
81e9efb658
Fix resource binding examples ( #5273 )
2018-09-05 11:55:45 -04:00
19406ecd32
EA validation of material against Vault 0.11 ( #5276 )
...
* Validate RA against Vault 0.11
* Validate DG against Vault 0.11
2018-09-05 11:55:27 -04:00
c9b06f3b62
Remove certificates from store if tidying revoked certificates ( #5231 )
...
This will cause them to be removed even if they have not expired yet,
whereas before it would simply leave them in the store until they were
expired, but remove from revocation info.
2018-09-05 11:47:27 -04:00
cf525cb934
Documentation: Corrected typo in CLI init doc ( #5269 )
2018-09-04 15:44:41 -06:00
761f06d3a3
Update index.html.md
2018-09-04 12:15:05 -04:00
d7d6c295b4
Update Azure VM sizes in Reference Architecture ( #5251 )
2018-09-03 20:24:27 -07:00
0da1c762cb
[Guide] Updates on Namespaces guide ( #5243 )
...
* Added 'Additional Discussion' section
* s/at the root/in the root namespace/
* one more place that I said 'at the root' - fixed
2018-08-31 18:24:07 -07:00
218ca527be
adding known issue
2018-08-31 17:29:21 -04:00
5cfc84238d
Fixed the incomplete sentense ( #5240 )
2018-08-31 11:37:28 -07:00
c52f3c5a24
[Guide] ACL Templating ( #5226 )
...
* WIP - ACL Templating
* WIP
* WIP - ACL Templating
* WIP
* Updated
* ACL Policy Templating guide
* Updated to use kv-v2 instead of kv
* Fixed the incomplete sentense and cleaned it up a little
* WIP Formatting and grammar
* Minor fixes
2018-08-31 09:06:43 -07:00
3f56e989a3
adding known issues section
2018-08-30 19:09:30 -04:00
2e7e2778e1
[Guide] Update for Vault HA (0.11) ( #5104 )
...
* For 0.11 - Performance Nodes
* Added the doc link
* Performance Node -> Performance Standby Nodes
* Updated to say 'most read-only requests'
2018-08-30 14:45:34 -07:00
e8ef5afb5f
namespace docs updates
...
Post-launch clarifications on namespace docs
2018-08-30 14:20:14 -07:00
cc8eceb849
[Guide] Fixed the reported issue ( #5230 )
...
* Fixed the message
* Fixed the message
2018-08-30 09:45:18 -07:00
b1f462d7f9
Fix up sidebar JWT description
2018-08-30 12:00:20 -04:00
5da6fc2f77
Remove some confusing language on perf standby page
2018-08-29 19:51:23 -04:00
eeb3b71fc0
Minor edits ( #5221 )
...
- Correct typo
- Remove trailing spaces
2018-08-29 12:01:33 -04:00
774359f3b5
adding namespaces example
2018-08-29 11:26:23 -04:00
24946fe43e
Add namespace/mfa docs ( #5215 )
2018-08-28 15:33:34 -07:00
b509ea4926
Make the usernames match in all examples in userpass
2018-08-28 18:33:00 -04:00
85f06f7e88
Add Performance Standby Docs ( #5214 )
...
* Add Performance Standby Docs
* Review updates
2018-08-28 12:48:02 -07:00
d343f00b64
Fix ssh command in example ( #5209 )
2018-08-28 12:34:48 -07:00
5cf0e3e87e
Update API section index file with fixes, updates, and namespace info. ( #5213 )
2018-08-28 12:33:19 -07:00
4b87a0fd2c
remove beta language
2018-08-28 14:00:55 -04:00
d28e993e1b
Added Deployment Guide in the index ( #5211 )
2018-08-28 10:55:30 -07:00
d56682ee9d
Update upgrade guide
2018-08-28 12:17:43 -04:00
d986c8813b
Update upgrade guide for 0.11.0
2018-08-28 12:12:40 -04:00
2a8e510a27
Document disable_performance_standby
2018-08-28 12:09:13 -04:00
c81efa0fa2
fixing link
2018-08-28 07:19:35 -04:00
9954bddcf0
Add Deployment Guide, links and reformat Ref Arch ( #5041 )
...
* Add Deployment Guide, links and reformat Ref Arch
* Improve systemd service file and links
2018-08-28 04:53:36 -06:00
abe86a48f4
Fix Azure Secrets API example
2018-08-27 20:44:00 -06:00
e8991e8fe9
Adding documentation clarifying oracle plugin setup and requirements ( #5183 )
2018-08-25 12:27:13 -07:00
55b3dfbcc0
use ldaps in docs ( #5180 )
2018-08-24 10:36:20 -07:00
70bf87c25b
Update ad/creds/:rolename endpoint to include the table with method/path for consistency/clarity. Also, remove payload.json from example, since this endpoint doesn't take a payload. ( #5172 )
2018-08-24 09:19:51 -07:00
e6abba9558
Revert "Add Configuration Builder and Better Download page" ( #5171 )
2018-08-23 19:34:50 -04:00
7eb0403ad2
Fix Azure Secrets docs error
2018-08-23 14:27:47 -07:00
6819af20b5
Merge branch 'master' into oss-download-config-path
2018-08-23 14:01:39 -06:00
ba0d029247
Restricts ACL templating to paths but allows failures ( #5167 )
...
When a templating failure happens, we now simply ignore that path,
rather than fail all access to all policies
2018-08-23 12:15:02 -04:00
d736324b50
Docs: ACL Templating ( #5159 )
2018-08-23 10:05:44 -04:00
18b21275d9
Fix docs typos ( #5158 )
2018-08-22 18:26:48 -04:00
d5a3010498
Update delete.html.md ( #5155 )
...
Minor typo in `delete` command docs
2018-08-22 11:26:21 -07:00
fb6a06a3fe
Alibaba auth docs ( #5132 )
2018-08-22 10:23:33 -07:00
52af323257
fixing feature name
2018-08-22 11:41:28 -04:00
b1c5e1f91c
fixing feature name
2018-08-22 11:40:48 -04:00
203269a5d4
JWT/OIDC documentation fixes ( #5157 )
...
* Fix argument name in JWT/OIDC login CLI example
* Fix groups_claim documented as required when creating roles for JWT/OIDC
2018-08-22 10:44:08 -04:00
8dfedb2693
Fixed a typo in the Namespaces guide ( #5151 )
2018-08-21 13:33:40 -07:00
e58a8a63a7
Add the ability to specify token CIDR restrictions on secret IDs. ( #5136 )
...
Fixes #5034
2018-08-21 11:54:04 -04:00
051bb9fc13
Two PKI improvements: ( #5134 )
...
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
2018-08-21 11:20:57 -04:00
43c733b460
Edit, missing "to" ( #5147 )
2018-08-21 11:09:41 -04:00
4d574c1d6c
adding namespace docs ( #5133 )
2018-08-17 12:17:11 -04:00
d25b7fa477
Add additional clarification
2018-08-17 08:55:49 -04:00
797141f8ae
vaultsharp - multi platform capabilities ( #5127 )
2018-08-17 08:47:16 -04:00
56636735bc
[Guide] Multi-Tenant Pattern with ACL Namespaces (0.11) ( #5103 )
...
* WIP - ACL Namespace
* WIP - ACL Namepaces
* WIP
* WIP
* WIP
* WIP
* WIP
* Added UI screenshots
* Added summary at the end
* Added the Web UI steps in Step 5
* Update multi-tenant.html.md
Updated text to ensure that we use the final "ship" name of namespaces (namespaces vs. ACL Namespaces) and introduced some industry-specific terminology (highlighting this is about Secure Multi-Tenancy)
2018-08-16 16:51:53 -07:00
50edc43df0
Merge pull request #5112 from hashicorp/namespaces-docs
...
Merge for Beta Launch
2018-08-16 15:36:43 -07:00
b18d9cc830
doc updates
2018-08-16 17:59:39 -04:00
bf77a69f4d
Update upgrade-to-0.11.0.html.md
2018-08-16 14:29:18 -07:00
95800f76b0
Add upgrade notes ( #5125 )
2018-08-16 14:22:27 -07:00
8ef8da0886
Update docs.erb
2018-08-16 13:44:13 -07:00
de52752e86
Update index.html.md
...
Updated to include Yoko's guide URL
2018-08-16 13:38:24 -07:00
96d8bd4bf7
[WIP] Support custom max Nomad token name length [supersedes https://github.com/hashicorp/vault/pull/4361 ] ( #5117 )
...
* Nomad: updating max token length to 256
* Initial support for supporting custom max token name length for Nomad
* simplify/correct tests
* document nomad max_token_name_length
* removed support for max token length env var. Rename field for clarity
* cleanups after removing env var support
* move RandomWithPrefix to testhelpers
* fix spelling
* Remove default 256 value. Use zero as a sentinel value and ignore it
* update docs
2018-08-16 15:48:23 -04:00
4ced3b0f77
Initial Azure Secrets docs ( #5121 )
2018-08-16 12:10:56 -07:00
f79385346f
Add ha_enabled for mysql backend ( #5122 )
...
* Slight cleanup around mysql ha lock implementation
* Removes some duplication around lock table naming
* Escapes lock table name with backticks to handle weird characters
* Lock table defaults to regular table name + "_lock"
* Drop lock table after tests run
* Add `ha_enabled` option for mysql storage
It defaults to false, and we gate a few things like creating the lock
table and preparing lock related statements on it
2018-08-16 11:03:16 -07:00
6673e579a0
[etcd] fix the deafult prefix in website ( #5116 )
...
etcd storage stores all Vault data under a prefix.
The default prefix is "/vault/" according to source codes.
However, the default prefix shown in the website is "vault/".
If the access to etcd is restricted to this wrong prefix, vault
cannot use etcd.
2018-08-16 10:38:11 -04:00
0941c7a24a
Make AWS credential types more explicit ( #4360 )
...
* Make AWS credential types more explicit
The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.
With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.
Fixes #4229
Fixes #3751
Fixes #2817
* Add missing write action to STS endpoint
* Allow unsetting policy_document with empty string
This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.
* Respond to some PR feedback
* Refactor and simplify role reading/upgrading
This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.
* Eliminate duplicated AWS secret test code
The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.
* Switch to use AWS ARN parser
2018-08-16 06:38:13 -04:00
bd4c047713
Update index.html.md
2018-08-15 17:44:36 -07:00
9d41d4c407
Update index.html.md
2018-08-15 17:44:00 -07:00
48e5c71b33
Update apis.html.md ( #5071 )
...
We disable TLS for example purposes, not exemplary purposes 😄
2018-08-15 19:41:29 -04:00
24a368c1ba
Add support for "sovereign" Azure cloud environments ( #4997 )
...
* Add support for "sovereign" Azure cloud environments
* Shorten variable names
2018-08-15 19:40:36 -04:00
0a71ea9a58
Create index.html.md
2018-08-15 15:27:11 -07:00
8d7a983bba
Update usage section for kv-v1 docs ( #5105 )
...
While following along with the usage section in the kv-v1 docs I noticed this error.
Running the given command gives:
```text
$ vault kv list kv/my-secret
No value found at kv/my-secret/
```
Running `vault kv list kv/` gives the desired output.
Also, I removed some trailing whitespace.
2018-08-15 10:57:36 -07:00
324c8fab24
Fix docs typo (service-account => service_account) ( #5102 )
...
Fixes hashicorp/vault-plugin-auth-gcp#47
2018-08-14 15:46:41 -07:00
9192bd6b07
Add ttl params into csr signing docs ( #5094 )
2018-08-13 23:38:03 -04:00
1395d6ea1a
[Guide] Control Groups ( #5072 )
...
* Control Group guide
* Fixed user policy list
* Fixed a typo
* Replaced the wrong screenshot
* Added missing period
2018-08-13 14:51:32 -07:00
ddc77d62f0
Added a link to the "previous section" mentioned ( #5018 )
...
This is for clarity since I had to check back to remember where it was mentioned.
2018-08-13 17:13:42 -04:00
3822e2997b
Clarify "Commands" docs ( #5092 )
...
Fixes #4890
2018-08-13 14:09:48 -07:00
b9fab6375b
Alibaba Object Storage support ( #4783 )
2018-08-13 17:03:24 -04:00
63e7ac034f
MySQL HA Backend Support ( #4686 )
2018-08-13 17:02:31 -04:00
92f0e1a39e
Revert "Add ttl parameter to pki api docs ( #5063 )"
...
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
2018-08-13 09:34:05 -07:00
140e3d5402
[Guide] Vault Cluster Monitoring Guide ( #5084 )
...
* Vault cluster monitoring guide
* Updated the download link
* Fixed broken link
2018-08-10 13:52:02 -07:00
aa8dac9bd2
Add RDS notes to MSSQL docs ( #5062 )
2018-08-10 08:52:21 -07:00
65d2cc768c
Website typo fix
2018-08-08 15:53:40 -04:00
7b7f1cc7ff
Add ttl parameter to pki api docs ( #5063 )
2018-08-08 09:12:14 -07:00
5454c15a7e
Fix typo: Consult Template -> Consul Template ( #5066 )
2018-08-08 09:01:45 -07:00
931c289b95
Update policies.html.md ( #5007 )
...
Allow admins to run CLI: `vault secrets list`
2018-08-07 10:35:23 -07:00
2a21e85580
html syntax corrections ( #5009 )
2018-08-07 10:34:35 -07:00
ca3aa1f36b
Update dev-server.html.md ( #5035 )
...
The instructions were in backwards order. #3591
2018-08-07 10:33:30 -07:00
3ae63b06d7
Typo fix ( #5052 )
2018-08-06 15:50:39 -07:00
ef6579fed5
[Guide] Sentinel Policies ( #5049 )
...
* Sentinel policies guide
* Typo fix
2018-08-06 15:39:32 -07:00
06491fa6a6
[Guide] SSH Secrets Engine ( #5022 )
...
* OTP SSH guide
* Fixed the required policy
* Added the step to restart the SSH server
* Update ssh-otp.html.md
Just a few edits to highlight its cloud context. Looks great otherwise!
2018-08-06 15:04:24 -07:00
fee3c2072d
[Guide] Build Your Own CA Guide ( #4995 )
...
* WIP
* WIP
* WIP - Jake's PKI demo
* WIP
* PKI secret engine guide
* Added little more description about role
* Added tidy step
* Fixed a broken link
2018-08-06 14:42:46 -07:00
3975a2cddc
Better OS highlighting
2018-08-06 12:30:31 -06:00
f0f4097470
Javascript refactor for configuration builder
2018-08-06 11:55:36 -06:00
c7bd0145c0
Better JavaScript line wrapping in configuration
2018-08-03 23:37:58 -06:00
c4ef5fdece
JS Feedback fixes, make UI default on click
2018-08-03 22:57:17 -06:00
e7bd3efc04
Merge branch 'master' into oss-download-config-path
2018-08-03 16:53:45 -06:00
59a0099f89
Add Configuration Builder and Better Download page
...
- Make Download Link more prominent on home page
- Add UI Demo link to home page
- Download page now suggests download based on your current system
- Added links for next steps
- Added configuration builder form, including downloading your custom config
2018-08-03 16:31:22 -06:00
fcb82c2444
Fix two errors in docs ( #5042 )
...
Two small errors in documentation
2018-08-03 14:26:46 -07:00
8e91555807
Fix docs sidebar layout
2018-08-03 09:15:45 -07:00
df3e3ba43d
Fix typo in the AWS STS AssumeRole docs. ( #5032 )
2018-08-02 22:57:24 -07:00
43183af2c8
Fix gcp auth method link ( #5030 )
2018-08-02 22:55:59 -07:00
4841309cdf
correct Jenkins policy and mysql secret path when kv put in authentication guide ( #5023 )
...
* correct Jenkins policy and mysql secret path when kv put
* add a note for kv-v2 secret
2018-08-02 08:38:51 -07:00
62bcbd3dfe
Fix website typo
2018-08-01 16:52:11 -04:00
9c6a14ba6b
[Guide] Identity: Entities & Groups ( #4968 )
...
* Entities & Groups tutorial
* Re-wordig the persona section
* Incorporated the feedback
* Updated the policy requirements
* Incorporate the feedback
* Fixed grammar
* Made the final small adjustments
2018-08-01 11:07:09 -07:00
56fcd2e7b3
.net 2.0 standard leap ( #5019 )
...
2.0 is more conducive for consumers
2018-08-01 08:57:49 -04:00
aadfccaa6b
[Guide] Direct App Integration guide ( #4948 )
...
* Direct App Integration guide
* Added a tag for step3
2018-07-31 09:19:23 -07:00
7e9ec5afb4
Fix GCP auth docs typo ( #5017 )
...
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
2018-07-31 10:57:34 -04:00
a6d0ae5890
Add exit-after-auth functionality to agent ( #5013 )
...
This allows it to authenticate once, then exit once all sinks have
reported success. Useful for things like an init container vs. a
sidecard container.
Also adds command-level testing of it.
2018-07-30 10:37:04 -04:00
0ad44a7ac5
Expand TOFU acronym in AWS auto-auth docs ( #5011 )
2018-07-29 18:05:49 -07:00
3d8bf1441b
[Guide] Transit Secrets Engine beginner guide ( #4943 )
...
* Intro to Transit Secrets Engine guide
* Added the Katacoda scenario link in the Reference Materials section
* Referencig this guide in the existing encryption guides
2018-07-27 16:08:52 -07:00
05f944c580
Update index.html.md ( #5005 )
2018-07-27 15:30:59 -04:00
083157cb24
adding environment to azure auth docs ( #5004 )
2018-07-27 08:33:20 -04:00
d02284657e
adding missing properties ( #5003 )
2018-07-27 08:19:12 -04:00
c13ef667d3
adding upgrade guide for 0.10.4 ( #4992 )
2018-07-25 12:54:48 -04:00
e72890e83f
VSI ( #4985 )
2018-07-24 22:02:27 -04:00
b37c05cf64
updating azure auth plugin and docs ( #4975 )
2018-07-23 10:00:44 -04:00
a16300e593
Add FoundationDB link to sidebar
2018-07-20 20:10:52 -07:00
3cd55dc26d
Git repo folder name changed ( #4969 )
2018-07-20 11:46:12 -07:00
4604c00018
State in docs that FoundationDB backend is community supported ( #4964 )
2018-07-20 09:59:13 -04:00
db2970623d
Fix small typo in Vault website documentation ( #4962 )
2018-07-20 09:57:16 -04:00
e2dd0864c4
Add missing telemetry metrics ( #4785 )
...
* Add missing telemetry metrics
- Add merkle related telemetry
- Add WAL related telemetry
* additional wal metrics
* Use correct metrics naming
2018-07-19 18:36:55 -04:00
712652c318
Fixing formatting
2018-07-19 10:36:09 -04:00
6a169ab00d
Adding information on required azure permissions ( #4956 )
2018-07-19 10:24:55 -04:00
498a8d9456
fix Issue #4952 static-secrets small typo ( #4953 )
2018-07-18 22:36:47 -07:00
9ff2081e8b
add sequelize-vault to third-party tools ( #4945 )
2018-07-17 21:45:37 -07:00
b41a1c6134
Updated - Secure Introduction to Vault Clients guide ( #4944 )
...
* Incorporated Armon's feedback
* Added a diagram
2018-07-17 15:54:48 -07:00
67b349a107
Secure Introduction to Vault Clients Guide ( #4871 )
...
* WIP
* WIP - Secure Intro Guide
* WIP secure intro guide
* WIP Secure Intro Guide
* WIP Secure Intro Guide
* WIP Secure Intro Guide
2018-07-16 15:17:52 -07:00
c8fb9ed6a8
FoundationDB physical backend ( #4900 )
2018-07-16 10:18:09 -04:00
493752334a
Fix environment mismatch in MySQL cert step ( #4835 )
2018-07-16 10:13:44 -04:00
1259ee6743
Add plugin CLI for interacting with the plugin catalog ( #4911 )
...
* Add 'plugin list' command
* Add 'plugin register' command
* Add 'plugin deregister' command
* Use a shared plugin helper
* Add 'plugin read' command
* Rename to plugin info
* Add base plugin for help text
* Fix arg ordering
* Add docs
* Rearrange to alphabetize
* Fix arg ordering in example
* Don't use "sudo" in command description
2018-07-13 10:35:08 -07:00
a3d067c00b
PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired ( #4916 )
2018-07-13 09:32:32 -04:00
a379989da4
Update GCP docs ( #4898 )
...
* Consistently use "Google Cloud" where appropriate
* Update GCP docs
This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
2018-07-11 15:52:22 -04:00
2322eabc68
Add jwt auth docs ( #4891 )
2018-07-11 15:08:49 -04:00
935c045cfa
Fix permitted dns domain handling ( #4905 )
...
It should not require a period to indicate subdomains being allowed
Fixes #4863
2018-07-11 12:44:49 -04:00
7b9bedf94d
Add additional config keys for swift ( #4901 )
...
* Add additional config keys for swift
* Add additional swift config keys in the doc page
2018-07-11 08:29:29 -07:00
408fc1eac0
Properly capitalize H in GitHub ( #4889 )
...
It's really bothering me, sorry.
2018-07-10 08:11:03 -07:00
bfb7ba3843
Remove vault.rocks from some that were missed
2018-07-10 10:47:30 -04:00
4a3fe87a39
Allow max request size to be user-specified ( #4824 )
...
* Allow max request size to be user-specified
This turned out to be way more impactful than I'd expected because I
felt like the right granularity was per-listener, since an org may want
to treat external clients differently from internal clients. It's pretty
straightforward though.
This also introduces actually using request contexts for values, which
so far we have not done (using our own logical.Request struct instead),
but this allows non-logical methods to still get this benefit.
* Switch to ioutil.ReadAll()
2018-07-06 15:44:56 -04:00
66f035edc4
Fixed example file extensions from .hcl to .json ( #4810 )
2018-07-06 08:59:09 -04:00
514ffac5e2
Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners ( #4862 )
2018-07-06 08:51:51 -04:00
04332f5b3f
Add missing replication props, prettify tables ( #4816 )
...
* Add missing request.replication props, prettify tables
* Fix location of replication prop
2018-07-05 16:11:21 -04:00
32c94b2638
Update docs
2018-07-03 08:28:43 -04:00
7b106683f0
Clarify policies note ( #4832 )
...
- Make it even clearer that "*" is the glob character referred to
2018-07-03 08:27:12 -04:00
8f45bc69ba
Fix tuning visibility in CLI ( #4827 )
...
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
2018-07-02 12:13:25 -04:00
dcb229d36d
Updates made by Michael Lucas ( #4855 )
...
Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.
2018-07-02 08:56:15 -07:00
6b7d215e7e
Clarify performance replication token handling
2018-06-29 09:32:35 -04:00
6f5b8c0e6f
adding sample request to key status api docs ( #4853 )
2018-06-29 09:17:51 -04:00
619dd3c6ed
Typo fix ( #4822 )
2018-06-23 16:34:25 -07:00
59b87fae53
Small grammar fix ( #4821 )
2018-06-22 21:59:39 -07:00
2410a11156
Add a warning to syslog
...
Ping #3617
2018-06-22 09:00:07 -04:00
cda793f5b3
Fix typos ( #4813 )
2018-06-21 12:29:18 -07:00
01d50cd3eb
Fixed a typo ( #4812 )
2018-06-21 11:11:30 -07:00
fadb3eb6fd
Make documentation match API example ( #4809 )
...
Quick and easy change to make the passwords match.
2018-06-21 10:50:02 -07:00
c3b7d1fbb6
Vault DR Replication Setup Guide ( #4790 )
...
* WIP DR setup guide
* Fix typos
* Added the steps to demote & disable primary
* Clarified some of the explanation
2018-06-21 08:42:35 -07:00
73cbbe2a9f
Add bound cidrs to tokens in AppRole ( #4680 )
2018-06-19 22:57:11 -04:00
d9ac83569b
clarify aws role tag doc ( #4797 )
2018-06-19 15:59:57 -07:00
71977637d4
Update Active Directory secret engine docs ( #4788 )
...
* active directory rotate root docs
* update doc
2018-06-19 09:11:46 -07:00
418513bbd9
Be explicit about trailing slash on paths for list capability ( #4793 )
2018-06-19 12:10:39 -04:00
cffb1183a8
Database updates ( #4787 )
...
* Database updates
* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted
Fixes #3544
Fixes #4782
* Add create/update info to docs
2018-06-19 11:24:28 -04:00
c558fc5f3d
fix typo in Vault Encryption as a Service Guide ( #4789 )
2018-06-18 17:32:43 -07:00
4cae4abbab
Add example of min_wrapping_ttl and max_wrapping_ttl ( #4753 )
2018-06-18 19:59:21 -04:00
dc568f1376
Update policies.html.md ( #4780 )
...
Policy file name was incorrect, causing instructions to be unclear.
2018-06-15 15:49:09 -07:00
5551a63221
pki: add ext_key_usage to mirror key_usage and add to sign-verbatim ( #4777 )
...
* pki: add ext_key_usage parameter to role
* pki: add key_usage and ext_key_usage parameter to sign-verbatim
* pki: cleanup code as per comments
2018-06-15 18:20:43 -04:00
762f08eac2
Mention delegating change password privs in ad docs
2018-06-15 17:01:47 -04:00
164c7225f1
Remove msa info from AD page
2018-06-15 16:55:28 -04:00
91ca3d4b7f
Add URI SANs ( #4767 )
2018-06-15 15:32:25 -04:00
d4303bc53e
docs: kv 2 is used by default in the dev server only ( #4773 )
2018-06-15 09:09:27 -04:00
43d9ae5c0a
Update index.html.md
...
Fixes #4763
2018-06-14 10:19:38 -04:00
44e874e06f
Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) ( #4754 )
2018-06-13 16:44:15 -07:00
1b77db5138
Update replication status ( #4761 )
...
* Update replication-performance.html.md
* Update replication-dr.html.md
* Update replication.html.md
* Update replication-dr.html.md
* Update replication-dr.html.md
* Update replication-performance.html.md
* Update replication.html.md
2018-06-13 16:43:39 -07:00
aa390e0e7e
add link to api docs ( #4757 )
2018-06-13 09:35:37 -07:00
7df8b15451
Vault guides example update ( #4756 )
...
* Typos in the sample payload JSON
* AWS support files were added
* yet another typo
2018-06-13 09:34:07 -07:00
49834a3a83
Use shell highlighting in the command snippets ( #4736 )
2018-06-11 08:46:35 -04:00
dc7631b994
Fix typo ( #4738 )
2018-06-11 05:38:21 -07:00
ab6547383c
reorder sidebar
2018-06-08 17:22:27 -04:00
611244d337
Update gcpckms.html.md
2018-06-08 17:07:59 -04:00
3a690656ee
fix typo
2018-06-08 17:05:17 -04:00
5d07ff7c7a
Adding Azure Key Vault seal docs ( #4728 )
2018-06-08 17:04:14 -04:00
165a622d15
Add missing sidebar links for AD
2018-06-07 10:21:22 -04:00
d2519da5ad
Tiny formalized edit ( #4715 )
2018-06-07 06:44:57 -07:00
ed7992e8ae
update docs and help text to include 'operator' ( #4712 )
2018-06-06 21:11:21 -07:00
cfd3672cf3
Update 0.10.2 upgrade guide
2018-06-06 10:45:15 -04:00
4b7d2bed01
Transit convergent v3
2018-06-05 18:53:39 -04:00
809079cac2
Update usage of deprecated commands rekey and rotate in the documentation ( #4703 )
2018-06-05 12:37:26 -04:00
68ce3bed34
Add async python client to docs ( #4698 )
2018-06-05 10:23:56 -04:00
a36f91101a
Fix VAULT_LOG_LEVEL in docs ( #4696 )
2018-06-05 10:23:32 -04:00
6cafb12ff4
be more explicit about names ( #4695 )
2018-06-04 21:34:17 -04:00
55eb4a997d
Update mount-filter.html.md ( #4656 )
2018-05-30 08:28:51 -04:00
192c228931
Add GCP auth helper ( #4654 )
...
* update auth plugin vendoring
* add GCP auth helper and docs
2018-05-29 20:36:24 -04:00
9228659c5c
add formatter to ad docs ( #4653 )
2018-05-29 16:47:46 -07:00
f5c18d58ef
Fix typo in group parameter in Vault systemd file ( #4642 )
2018-05-29 15:04:43 -04:00
d8d6be423b
Make test-case output a little bit consistent ( #4645 )
...
As well as in some places `-d` were incorrectly replaced with `--data`, sample commands with `accessor` were added
2018-05-29 15:03:33 -04:00
bde0bda710
Merge pull request #4600 from hashicorp/rekey-verification
...
Rekey verification, allowing new key shares to be confirmed before committing the new key.
2018-05-29 15:00:07 -04:00
606889f005
Docs for the upcoming Active Directory secrets engine ( #4612 )
2018-05-29 08:49:09 -07:00
bd0ac25eb9
Merge branch 'master' into rekey-verification
2018-05-29 10:19:57 -04:00
43c5030eca
pkcs11 docs updates
2018-05-25 15:39:07 -04:00
12976bf60e
add userpass note on bound cidrs ( #4610 )
2018-05-25 14:35:09 -04:00
52cb8234a6
Changelogify and fix some minor website bits
2018-05-25 10:39:23 -04:00
17460461a0
Breakout parameters for x.509 certificate login ( #4463 )
2018-05-25 10:34:46 -04:00
6a2d0e71b6
Vault Interactive Tutorial updates ( #4623 )
...
* Added more tutorial steps
* Updated the step texts
2018-05-24 11:39:02 -07:00
196d054f70
Update kv-v2.html.md ( #4614 )
...
correct the payload format for "Configure the KV Engine" and "Update Metadata"
2018-05-24 12:44:44 -04:00
8a9cd42fe9
Interactive server now uses kvv2 so update text
2018-05-23 09:59:52 -04:00
d066c4a2a8
remove incorrect parameter
2018-05-23 08:58:27 -04:00
635fd18bf6
Minor website doc updates
2018-05-22 15:12:12 -04:00
11646db916
Seal Wrap / FIPS 140-2 Compliance guide ( #4558 )
...
* WIP - Seal Wrap guide
* WIP: Seal Wrap guide
* Added a brief description about the Seal Wrap guide
* Incorporated feedbacks
* Updated FIPS language
Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules.
It's a very specific update, but it's an important one for some VE customers.
Looks great - thanks!
* Removed 'Compliance' from title
* typo fix
2018-05-22 11:23:11 -07:00
d60360ddbe
Add instructions for both kvv1 and kvv2 to getting started policies info
2018-05-22 14:07:12 -04:00
d88e4d5019
Mount Filters guide ( #4536 )
...
* WIP: Mount filter guide
* WIP
* Mount filter guide for CLI, API, and UI
* updated the next step
* Updated the verification steps
* Added a note about the unseal key on secondaries
* Added more details
* Added a reference to mount filter guide
* Added a note about generating a new root token
* Added a note about local secret engine
2018-05-22 08:57:36 -07:00
3db5a6adaa
updating link
2018-05-22 10:00:20 -04:00
ae43f2c25e
adding options information to mount endpoint ( #4606 )
2018-05-21 16:39:43 -04:00
3e0dbc5ea7
Remove dupe website text
2018-05-21 16:30:45 -04:00
8ad0bbbc44
Address feedback
2018-05-21 16:13:38 -04:00
27ab8d1a20
Add verification documentation
2018-05-21 12:00:36 -04:00
c737778c8d
Make description of prehashed a bit more friendly
2018-05-21 09:08:22 -04:00
3a568b6175
Update key_type parameter description
2018-05-19 12:20:37 -04:00
6d93ea4d77
Docs: Clarify that revoking token revokes dynamic secrets ( #4592 )
2018-05-18 23:27:53 -07:00
5a35dac726
Add missing drsecondarycode to health API docs
2018-05-18 12:39:13 -04:00
30dc66221c
Flip documented resolve_aws_unique_id value
...
Fixes #4583
2018-05-18 12:05:52 -04:00
9813794bc2
Add documentation for MySQL 5.6 root rotation ( #4584 )
...
The default root rotation statement for MySQL is only valid for 5.7 and
up. This commit adds example documentation for 5.6.
Fixes #4567
2018-05-18 08:56:11 -07:00
9050bc809b
Rename Google Container Engine to Google Kubernetes Engine ( #4586 )
2018-05-18 08:19:56 -07:00
124271c1ec
Merge pull request #4580 from tavislikedavis/patch-1
...
Update policies.html.md
2018-05-17 09:14:35 -07:00
38f5f5f783
Updated for new syntax
2018-05-17 09:14:12 -07:00
4ab7275c95
Merge pull request #4575 from avoidik/patch-2
...
Add more essential notes into production hardening guide
2018-05-17 09:05:34 -07:00
63963a73a6
Update production.html.md
2018-05-17 09:05:08 -07:00
5dcfc63ee6
Fix GCP API parameter docs
2018-05-17 08:54:25 -07:00
21e79035e0
Move UI docs from enterprise to OSS ( #4565 )
2018-05-17 08:48:10 -07:00
3bd38517eb
Update KV response code ( #4568 )
...
Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.
2018-05-17 08:46:19 -07:00
50e05056d3
Update policies.html.md
2018-05-16 14:35:30 -05:00
ec876c21b3
Update website ldap url text
2018-05-16 11:58:10 -04:00
cc99d82e8f
Update production.html.md
2018-05-16 11:16:04 +03:00
095baa8263
fixed spelling error in step 1 ( #4572 )
2018-05-15 17:43:35 -07:00
aa98f33f63
Mention that you can actually rekey when using an HSM
2018-05-13 16:49:42 -04:00
821d347375
Update HSM documentation and fix GCP docs build
2018-05-13 16:39:22 -04:00
9765779622
Client side rate limiting ( #4421 )
2018-05-11 10:42:06 -04:00
a4fa046730
Update GCP secrets to be example-driven ( #4539 )
...
👍
2018-05-10 16:58:22 -04:00
407550bd89
Fix minor spelling mistake ( #4548 )
2018-05-10 13:42:01 -07:00
76c717b081
Restrict cert auth by CIDR ( #4478 )
2018-05-09 15:39:55 -07:00
ec4b839741
Add link to updated privacy policy in layout.erb ( #4533 )
...
Added link to updated privacy policy in footer of `layout.erb` for the OSS website.
2018-05-09 16:11:57 -04:00
fc97fc09ce
[Guide] DB Root Credential Rotation ( #4508 )
...
* DB root credential rotation guide
* Fixed typos
* Added a note about creating a dedicated superuser
* Incorporated Chris's feedback
* Added a reference to DB root credential rotation
* Rephrase some of the languages
* Minor re-wording of a sentence
2018-05-09 11:01:58 -07:00
a69e8d81b0
Update jq path for "excited" in JSON output example ( #4531 )
2018-05-09 08:41:41 -07:00
f8e1f82225
Updated proxy protocol config validation ( #4528 )
2018-05-09 10:53:44 -04:00
274732733e
Clarify that rotate requires sudo
2018-05-09 10:19:35 -04:00
c19e8d0dbc
Clarify HA params, fixed typos ( #4527 )
...
* Clarify HA params, fixed typos
* Additional clarifications to listener parameters
* Updated cluster_address values
2018-05-08 13:36:42 -07:00
64bb0bd58a
Updated link for k8s-tokenreview ( #4523 )
...
Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.
2018-05-08 13:36:12 -07:00
67b8d3dc40
Changed DR docs page to fix generating secondary DR token ( #4521 )
...
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
2018-05-08 13:35:48 -07:00
f95a913bd5
docs: s/entity/group-alias
2018-05-08 16:32:35 -04:00
7c0e590f54
docs update
2018-05-07 16:34:39 -04:00
e7bbe6fbed
docs updates
2018-05-07 16:33:38 -04:00
049df3da3e
updating pkcs11 docs ( #4520 )
2018-05-07 13:50:45 -04:00
9b06c0fb56
Fix typo in AppRole guide ( #4509 )
2018-05-04 10:10:21 -04:00
9b9be9622a
Typo ( #4505 )
2018-05-03 13:37:44 -07:00
d180e45cf5
Fix incorrect file path in Token Helper doc ( #4499 )
...
Vault stores the token in `~/.vault-token` and not `~/.vault_token`.
2018-05-02 21:56:38 -07:00
cef1b3b75c
Payload key should be dr_operation_token ( #4498 )
2018-05-02 18:35:51 -07:00
608f013bf2
s/aws_region/region/ ( #4497 )
...
The correct key name is 'region' as opposed to 'aws_region'.
2018-05-02 14:25:03 -07:00
cef52dae90
Fix role of example in Kubernetes Auth Method ( #4483 )
...
It was `test` but it should be `demo` to be aligned with the example.
2018-05-01 15:04:53 -07:00
6bd95c596c
add script defer to the demo app tag as well ( #4489 )
2018-04-29 22:14:54 -05:00
f8c18b11d8
fix fout issue ( #4477 )
2018-04-27 14:34:20 -07:00
5bcb5992c9
Spring Cloud Vault Java demo ( #4397 )
...
* WIP - Spring Cloud Vault Java demo
* Added 'Reloading the Static Secrets' step
* Fixed a typo
* Minor wording change
Remove redundant "a".
* Typos and grammar
Fixed a few misspellings ("spring") and the odd "a", "the", or "an".
2018-04-27 09:18:50 -07:00
cd344bdbb8
[website] fix Markdown formatting on GCP page ( #4471 )
2018-04-27 09:13:07 -07:00
7f69ff0546
Minor updates to Azure auth docs
2018-04-27 08:47:06 -07:00
8deb32fc80
adjust analytics and other js for turbolinks ( #4400 )
2018-04-26 16:02:25 -05:00
8a309e6406
fix docs ( #4466 )
2018-04-26 16:54:19 -04:00
1b4406fef5
Make a minor grammar edit for docs ( #4467 )
...
Previous version used `read` in stead of `get` for everything but the code block examples.
It's a minor oversight, and most of us are going to skim to the code blocks anyway. But maybe it'll help.
2018-04-26 16:41:23 -04:00
0f806d0950
Remove out of date text on HSM rekeying
2018-04-26 10:10:30 -04:00
063c225f97
Fix typo in aws auth docs
2018-04-25 22:57:39 -07:00
418be4cb54
Fix authentication example mentioning vault auth but using vault login ( #4458 )
2018-04-25 14:59:38 -07:00
f8156a4e68
Update authentication.html.md
...
Thanks!
2018-04-25 14:37:59 -07:00
fba759ab97
fix document formatting
2018-04-25 10:16:41 -04:00
2d05034dd3
Seal Rotation Docs ( #4449 )
...
* wip docs
* adding docs
* removing vendor supported mechanism
2018-04-25 09:59:06 -04:00
9cf56fe0df
Fix mapping read paths ( #4448 )
2018-04-25 09:22:30 -04:00
e2512d6d30
Website download page update ( #4444 )
...
* Update download page to include community resources
+ Added “downloads powered by” text to Fastly icon
+ changed to horizontal grid for download list (vs vertical list)
+ added community resources below page
* Reverting changes from earlier
* Added community links to downloads page
+ added community and getting-started links to sidebar as well
2018-04-24 20:29:36 -05:00
94f28e3c24
Merge branch 'master-oss' into approle-local-secretid
2018-04-24 16:17:56 -04:00
639dc005ee
uppercase Vault in plugin doc ( #4442 )
2018-04-24 10:41:37 -07:00
c35fe4e6f0
Update curl commands / replace invalid '--payload' flag ( #4440 )
2018-04-24 11:20:29 -04:00
7039f6dccd
Merge branch 'master-oss' into approle-local-secretid
2018-04-24 11:03:39 -04:00
48994aee39
Updated the link to the sample app folder which was moved ( #4437 )
...
* Updated the link to the sample app folder which was moved
* Folder name changed from vault-transit-rewrap-example to vault-transit-rewrap
2018-04-23 16:45:10 -07:00
6b7a042003
error on enable_local_secret_ids update after role creation
2018-04-23 17:05:53 -04:00
97d146ca69
update docs
2018-04-23 16:54:23 -04:00
0882e5afb6
Update audit text to make it clear that audit logs are for authenticated interactions
2018-04-23 10:49:32 -04:00
45fe086107
Corrects description for mode option in ssh command ( #4420 )
...
Fixes #4375
2018-04-22 13:42:46 -04:00
739362b081
Correct typo in Kubernetes auth backend docs
...
Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend
documentation.
Fixes #4417
2018-04-21 19:37:59 -07:00
6d95b4d266
Add the ability to restrict token usage by IP. Add to token roles. ( #4412 )
...
Fixes #815
2018-04-21 10:49:16 -04:00
b6b521d4db
Mrktfix ( #4411 )
...
* Updated hero with current logo
* Updated logos in these artifact images as well
* Added Branded Logo
with HashiCorp
* Updated logo with branded logo
(HashiCorp in the name)
* typo
* Wrong spot
* Updated logo
2018-04-20 14:43:11 -05:00
4881a53eb0
Updated hero with current logo ( #4410 )
2018-04-20 12:50:00 -05:00
84ffdbb7b5
remove redundant 'Vault' in approle docs ( #4405 )
2018-04-20 09:55:15 -04:00
77d59c527f
remove lingering mention of "vault write" command. ( #4388 )
2018-04-18 16:32:37 -04:00
5fa9e4ca5c
phys/consul: Allow tuning of session ttl and lock wait time ( #4352 )
...
* phys/consul: allow tuning of session ttl and lock wait time
* use parseutil
* udpate docs
2018-04-18 13:09:55 -04:00
805b5e5160
X-Forwarded-For ( #4380 )
2018-04-17 18:52:09 -04:00
43cb70c7bf
Versioned KV secret engine (kv-v2) tutorial ( #4367 )
...
* Added versioned kv secret engine tutorial
* Added check-and-set feature
* Fixed archived -> deleted
* Incorporated all suggested changes
2018-04-17 14:42:14 -07:00
2ae6d614b8
Add mode to the examples under automation steps ( #4374 )
2018-04-17 13:47:41 -04:00
da1d68969c
docs: update accessor lookup response
2018-04-17 11:52:58 -04:00
6e827d2b27
docs: update token lookup response
2018-04-17 11:40:00 -04:00
efd0023d89
Update index.html.md ( #4372 )
...
Remove duplicate of max_ttl description from end of period description under create role parameters.
2018-04-17 11:05:50 -04:00
444faec8e6
Touch up getting started doc ( #4373 )
...
The example uses `vault kv put` but the the commentary references `vault write`. Make them consistent (this commit) or explain the equivalence.
2018-04-16 13:57:12 -04:00
7ba953b969
Add docs for internal UI mounts endpoint ( #4369 )
...
* Add docs for internal UI mounts endpoint
* Update description section
2018-04-16 12:13:58 -04:00
530121c655
Add ability to disable an entity ( #4353 )
2018-04-13 21:49:40 -04:00
99cf5c6054
Fix token store role documentation around explicit max ttl
2018-04-13 09:59:12 -04:00
a82a612e2c
Fix indentation of code block in Consul Secrets Engine docs ( #4350 )
...
The indentation of the code block in the Consul Secrets Engine doc was
removed in #4224 , but the closing backticks remained indented one level,
resulting in the block swallowing all text after it. Removing the
indentation from the closing backticks fixes this.
2018-04-13 09:55:35 -04:00
8d9d64c7cf
switch from GA to segment tracking ( #4109 )
2018-04-12 21:35:38 -05:00
28f6d65032
Remove Enterprise Only flag ( #4337 )
2018-04-11 14:27:58 -04:00
efea4fb6a7
Fixes a reference to deprecated init command ( #4338 )
...
Replace "vault init" with "vault operator init" in initialising the vault section.
2018-04-11 14:26:53 -04:00
d4db624671
Remove beta tag from Google Cloud
2018-04-10 13:58:16 -04:00
2f43a20ebe
fix broken link ( #4329 )
2018-04-10 11:11:38 -05:00
c56abb0dd8
Add more info to upgrade guide and changelog
2018-04-10 12:09:54 -04:00
30792caa9f
adding 0.10 upgrade guide ( #4321 )
2018-04-09 17:32:15 -04:00
966e2b63af
Removed extra '( )' in the link ( #4316 )
2018-04-09 09:57:22 -07:00
a8b8ca136e
KV: Update 'versioned' naming to 'v2' ( #4293 )
...
* Update 'versioned' naming to 'v2'
* Make sure options are set
* Fix description of auth flag
* Review feedback
2018-04-09 09:39:32 -07:00
2982199c1f
Fixed a missing 's' ( #4314 )
2018-04-09 09:22:11 -07:00
f6a3a76f25
Docs for configuration UI headers ( #4313 )
...
* adding /sys/config/ui headers
* adding /sys/config/ui headers
2018-04-09 12:21:02 -04:00
19f9f6ee89
Root Credential Rotation Docs ( #4312 )
...
* updating root credential docs
* more docs updates
* more docs updates
2018-04-09 12:20:29 -04:00
c30133d415
AppRole with Terraform & Chef ( #4200 )
...
* WIP - Teddy's webinar
* WIP
* Added more details with diagram
* Fixed a typo
* Added a note about terraform bug with 0.11.4 & 0.11.5
* Minor adjustment
* Fixed typos
* Added matching CLI commands
* Added extra speace for readability
2018-04-09 08:50:50 -07:00
cff34e983f
UI - pki updates ( #4291 )
...
* add require_cn to pki roles
* add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form
* add new fields to the PKI docs
* add add_basic_constraints field
2018-04-08 21:09:29 -05:00
cbcf31c570
remove token from curl request for login paths ( #4303 )
2018-04-06 18:10:59 -04:00
f039404a8a
Added in-region DR scenario diagram ( #4292 )
...
This is a replica of the PR 4243 which has already been approved.
2018-04-05 16:08:55 -07:00
9c1db25639
Update index.html.md
2018-04-05 15:16:28 -07:00
3dd3247006
Auto Unseal with AWS KMS guide ( #4277 )
...
* WIP
* Added auto unseal
* Converting to a guide
* Added little more explanations
* Minor fixes
* Fixed a typo
* Fixed a typo
* Changed auto unseal to auto-unseal
* Found more typo... fixed
2018-04-05 13:28:39 -07:00
22c1766fc1
Correct the page title to read `re-wrapping` ( #4274 )
...
The title in the metadata used `re-rapping` instead of `re-wrapping`. This one line change fixes the spelling.
2018-04-04 16:55:46 -04:00
d8dab90113
Rename Example Key from "value" to "foo" ( #4270 )
...
It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.
2018-04-04 16:22:27 -04:00
7ef337ad86
Vault HA with Consul guide ( #4187 )
...
* Vault HA guide draft
* Fixed node_id to say node_name based on Brian's input
* Fixed the unwanted hyperlink
* Vault HA guide
* Updated the description of the Vault HA guide
* Typo fixes
* Added a reference to Vault HA with Consule guide
* Incorporated Teddy's feedback
* Fixed an env var name
* Vault configuration has been updated: 'api_addr'
2018-04-04 08:25:06 -07:00
a90467289a
Rename Google things to say "Google", update telemetry ( #4267 )
2018-04-04 10:37:44 -04:00
62ce5ec91d
Versioned K/V docs ( #4259 )
...
* Work on kv docs
* Add more kv docs
* Update kv docs
* More docs updates
* address some review coments
2018-04-03 23:22:41 -07:00
a9c717b44e
project is now project_id ( #4251 )
...
Verified both via vault CLI and direct curl'ing towards API endpoints.
2018-04-03 17:11:47 -04:00
f5ba4796f5
Case insensitive behavior for LDAP ( #4238 )
2018-04-03 09:52:43 -04:00
f2c302f920
Grammatical error ( #4246 )
...
As per Franklin Davis suggestion on the mailing list.
2018-04-03 07:53:38 -04:00
96fc0c2509
Update group alias by ID ( #4237 )
...
* update group alias by id
* update docs
2018-04-02 10:42:01 -04:00
032ca979dc
move identity docs from ent docs to oss ( #4235 )
2018-04-01 13:59:43 -04:00
ab3579aeb6
add entity merge API to docs ( #4234 )
2018-04-01 12:59:57 -04:00
cdd7cc1635
Update usage of the deprecated generated-root command in the documentation ( #4232 )
2018-03-31 11:17:08 -04:00
b48a9878e7
Add HA support to the Google Cloud Storage backend ( #4226 )
2018-03-30 12:36:37 -04:00
bf1b8709a6
Update Consuls Secrets quick start ( #4224 )
...
- Fix typo in role name
- Drop ordered list formatting on get credential example
2018-03-30 10:46:05 -04:00
d1b0d6efb3
Update mfa-totp.html.md ( #4220 )
2018-03-29 16:51:13 -04:00
2f90e0c2e1
Merge branch 'master-oss' into 0.10-beta
2018-03-27 12:40:30 -04:00
d03056eed3
Update Github auth method API reference ( #4202 )
...
* Update Github auth method API reference
* Replaced vault.rocks in API
2018-03-26 16:56:14 -07:00
37153482be
docs: update aws ec2 auth step
2018-03-26 17:26:48 -04:00
e8fc0a11ce
Remove a few more vault.rocks usages
2018-03-26 15:02:22 -04:00
a10f02ef7b
Add general recommendation for the `api_addr` config value ( #4198 )
...
We ran into some confusion about what we should be setting the api_addr config value to. I feel this general recommendation should nudge any others into a better understanding of what this value should point to.
2018-03-26 13:46:54 -04:00
65d8eb0914
Add more docs around list paths in policies.
...
CC #4199
2018-03-26 11:30:58 -04:00
0c30145325
Docs: add note about enterprise replication installations section to upgrade guide ( #3631 )
2018-03-26 10:25:09 -04:00
0b827774ae
Drop vault.rocks ( #4186 )
2018-03-23 11:41:51 -04:00
b7ef4a3a6f
adding Azure docs ( #4185 )
...
Adding Azure Auth Method docs
2018-03-22 18:28:42 -04:00
7842557e62
Fix minor docs and help text issues ( #4184 )
2018-03-22 09:29:59 -04:00
ad383e911f
Update kv backend and add some docs ( #4182 )
...
* Add kv backend
* Move kv in apha order
* Update kv backend and add some docs
2018-03-21 23:10:05 -04:00
3324d6dd12
Add kv backend ( #4181 )
2018-03-21 22:56:52 -04:00
25792df5a9
Passthrough request headers ( #4172 )
...
* Add passthrough request headers for secret/auth mounts
* Update comments
* Fix SyncCache deletion of passthrough_request_headers
* Remove debug line
* Case-insensitive header comparison
* Remove unnecessary allocation
* Short-circuit filteredPassthroughHeaders if there's nothing to filter
* Add whitelistedHeaders list
* Update router logic after merge
* Add whitelist test
* Add lowercase x-vault-kv-client to whitelist
* Add back const
* Refactor whitelist logic
2018-03-21 19:56:47 -04:00
f9b6f4b1c5
Docs for Vault GCP secrets plugin ( #4159 )
2018-03-21 15:02:38 -04:00
1fcf0c6a38
Docs: update formatting / heading ( #4175 )
...
- Correct Generate Disaster Recovery Operation Token heading level
- Tighten up formatting/trailing spaces
2018-03-21 10:14:52 -04:00
c25c60117a
Fix file location for 0.9.6 upgrade guide
2018-03-20 22:34:41 -04:00
f1aff69d92
Add 0.9.6 upgrade guide
2018-03-20 22:27:01 -04:00
73b1fde82f
Spelling ( #4119 )
2018-03-20 14:54:10 -04:00
b3e5ec865d
README Spelling error ( #4165 )
2018-03-20 11:45:56 -04:00
9e46f0f84a
Explicitly call out that we use aes-256 gcm-96 for the barrier.
...
Fixes #2913
2018-03-19 19:53:12 -04:00
9d030aaf37
Note that you can set a CA chain when using set-signed.
...
Fixes #2246
2018-03-19 19:44:07 -04:00
4a25c18134
Transit rewrap ( #4091 )
...
* Adding new guides
* Replaced backend with engine
* Grammar for the encryption guide
* Grammar and Markdown style for the Transite Rewrap guide
See
https://github.com/hashicorp/engineering-docs/blob/master/writing/markdown.md
for notes on numbered Markdown lists.
* grammar and wording updates for ref arch guide
* Updating replication diagram
* Removing multi-tenant pattern guide
* Added a note 'Enterprise Only'
* Removing multi-tenant pattern guide
* Modified the topic order
* Grammar and Markdown formatting
* Grammar, Markdown syntax, and phrasing
* Grammar and Markdown syntax
* Replaced 'backend' with appropriate terms
* Added a note clarifying that replication is an enterprise-only feature
* Updated the diagram & added additional resource links
* update some grammar and ordering
* Removed the inaccurate text in index for EaaS
2018-03-19 14:56:45 -07:00
35ccbe504c
Add Cryptr to related tools ( #4126 )
2018-03-19 14:46:54 -04:00
3a5e1792c0
Update path-help to make clear you shouldn't put things in the URL.
...
Remove from website docs as those have been long deprecated.
2018-03-19 11:50:16 -04:00
fe0a077e17
s/Methods/Method
2018-03-18 15:46:57 -04:00
3e2006eb13
Allow non-prefix-matched IAM role and instance profile ARNs in AWS auth backend ( #4071 )
...
* Update aws auth docs with new semantics
Moving away from implicitly globbed bound_iam_role_arn and
bound_iam_instance_profile_arn variables to make them explicit
* Refactor tests to reduce duplication
auth/aws EC2 login tests had the same flow duplicated a few times, so
refactoring to reduce duplication
* Add tests for aws auth explicit wildcard constraints
* Remove implicit prefix matching from AWS auth backend
In the aws auth backend, bound_iam_role_arn and
bound_iam_instance_profile_arn were ALWAYS prefix matched, and there was
no way to opt out of this implicit prefix matching. This now makes the
implicit prefix matching an explicit opt-in feature by requiring users
to specify a * at the end of an ARN if they want the prefix matching.
2018-03-17 21:24:49 -04:00
753f8a8545
Fixed broken k8s TokenReview API link ( #4144 )
2018-03-17 21:23:41 -04:00
3d44060b5f
Update interactive tutorial commands
2018-03-16 15:03:51 -04:00
04d1202426
Plugins need setcap too for syscall mlock ( #4138 )
2018-03-16 06:05:01 -07:00
2752855faa
Fixed the hyperlink ( #4140 )
2018-03-15 19:24:26 -07:00
fb8d1566e6
updating the AppRole diagram ( #4139 )
...
Fixing the build error
2018-03-15 18:23:25 -07:00
3a72bcc4ae
Approle diagram ( #4132 )
...
* Updates requested by the SE team
* Added links to AppRole blog and webinar
* Updated diagram
* Updated diagram
2018-03-15 17:16:59 -07:00
39dc981301
auth/aws: Allow binding by EC2 instance IDs ( #3816 )
...
* auth/aws: Allow binding by EC2 instance IDs
This allows specifying a list of EC2 instance IDs that are allowed to
bind to the role. To keep style formatting with the other bindings, this
is still called bound_ec2_instance_id rather than bound_ec2_instance_ids
as I intend to convert the other bindings to accept lists as well (where
it makes sense) and keeping them with singular names would be the
easiest for backwards compatibility.
Partially fixes #3797
2018-03-15 09:19:28 -07:00
76be90f384
Add PKCS1v15 as a RSA signature and verification option on the Transit secret engine ( #4018 )
...
Option to specify the RSA signature type, in specific add support for PKCS1v15
2018-03-15 09:17:02 -07:00
59b3e28151
Make the API docs around ed25519 more clear about what derivation means for this key type
2018-03-15 11:59:50 -04:00
3f1ed4eb0d
Fix description of parameter value globbing ( #4131 )
2018-03-14 17:03:00 -04:00
ac98730578
Vault user needed to use STS Federation Tokens ( #4108 )
...
If you try to use role authorization to get an STS token, you'll get this error:
* Error generating STS keys: AccessDenied: Cannot call GetFederationToken with session credentials
2018-03-14 10:24:29 -04:00
a0776eb703
Fix typo in recommended vault auth iam policy ( #4128 )
...
The resource arn for the `sts:AssumeRole` action is missing a `:` for the region and therefore invalid.
2018-03-14 03:45:21 -04:00
5c788e8642
docs: Alphabetize CLI commands ( #4127 )
...
status was appearing after token when it should be before
2018-03-14 01:44:41 -04:00
bbd4d7ab4c
Docs: grammatical clarification around community supported note ( #4122 )
2018-03-13 10:32:28 -04:00
5f5faec977
[doc] Change auth token in getting-started ( #4118 )
...
In the authentication section of the getting started doc, the token used
to login doesn't match with the one displayed as the command result.
This commit makes sure that both tokens correspond to avoid distracting
newcomers.
2018-03-13 10:28:09 -04:00
Roman Iuvshyn