Yoko Hyakuna
155a32fc77
Fix the GDPR link ( #20382 )
2023-04-27 08:57:23 -07:00
Josh Black
80a9d7d4ce
Correct an oversight re: skip_flush in the docs ( #20383 )
2023-04-26 17:30:09 -07:00
Brian Shumate
7fcdb23376
Docs: DR replication API updates ( #20373 )
...
* Docs: DR replication API updates
- Add clarification for secondary_public_key parameter
- Update section header
* During activation
2023-04-26 16:15:46 -07:00
Braulio Gomes Rodrigues
627fe60044
Vault change doc main couchbase ( #20314 )
...
* changing chouchbase host variable
* Alterando linha 82 couchbase
* Changing couchbase host address in main document
2023-04-25 10:21:25 -07:00
miagilepner
7d631cb44f
VAULT-15791: Update docs to use vault-java-driver fork ( #20316 )
2023-04-25 11:08:05 +02:00
Nick Cabatoff
3ddb69bd2b
Fix docs-nav-data.json that I broke in #20312 ( #20322 )
2023-04-24 13:10:53 -04:00
Nick Cabatoff
4d42b08644
Add guidelines for agent/server version compatibility ( #20312 )
2023-04-24 11:49:50 -04:00
Braulio Gomes Rodrigues
03fa9432a4
changing chouchbase host variable ( #19812 )
...
* changing chouchbase host variable
* Alterando linha 82 couchbase
2023-04-24 13:56:56 +00:00
Josh Black
4b9599fddb
update website docs for new update-primary mode ( #20302 )
2023-04-21 15:21:28 -07:00
John Children
bebe6dcaa0
Docs: Fix k8s injector templating example ( #20271 )
...
From every other example I can find, the secret name in the template should match the one in the inject annotation. Indeed the same example appears in the examples page.
https://github.com/hashicorp/vault/blob/main/website/content/docs/platform/k8s/injector/examples.mdx#patching-existing-pods
2023-04-21 17:12:13 +00:00
melmus
c5d10e0b8b
doc/Update service_registration if use Vault HA ( #19920 )
...
* Update service_registration if use Vault HA
* Update protocol
* Minor updates for style consistency
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-04-21 17:04:25 +00:00
Luis (LT) Carbonell
d308c31cbf
Add Configurable LDAP Max Page Size ( #19032 )
...
* Add config flag for LDAP max page size
* Add changelog
* move changelog to correct file
* cleanup
* Default to non-paged searching for with -1
* Update website/content/api-docs/auth/ldap.mdx
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
* Update website/content/docs/auth/ldap.mdx
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
* Update tests
---------
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-04-20 20:39:27 +00:00
Austin Gebauer
eaf67b7c0e
Add OIDC provider docs for IBM ISAM ( #19247 )
...
* Add OIDC provider docs for IBM ISAM
* Add changelog, api docs and docs-nav-data
---------
Co-authored-by: Benjamin Voigt <benjamin.voigt@god.dev>
2023-04-20 11:30:59 -07:00
Hugo Puntos
dae5489787
Fix link for the tutorial about Key Management Secrets Engine with GCP Cloud KMS ( #19418 )
2023-04-19 12:43:21 -04:00
Jason O'Donnell
b5822e612b
cli/namespace: add detailed flag to namespace list ( #20243 )
...
* cli/namespace: add detailed flag to namespace list
* changelog
2023-04-19 09:31:51 -04:00
Sohil Kaushal
5424eb2e8f
docs(postgresql): Update Postgresql SE API doco ( #19931 )
...
* docs(postgresql): Update Postgresql SE API doco
Update the postgresql secret engine API docs to include some "caveats"
of the pgx library. In particular, this enhances the docs to inform the
user that if any sslcreds are supplied as a part of the Database
connection string, the user/vault admin will need to ensure that the
certificates are present at those paths.
* Chore: fixup minor error with db docs
* Keep the language simple
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-04-19 00:17:44 +00:00
Yoko Hyakuna
e7a43f86ba
[Docs] Mark the 'policies' parameter as deprecated for tokens ( #20238 )
...
* Mark the 'policies' parameter as deprecated
* Update website/content/partials/tokenfields.mdx
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
---------
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2023-04-18 23:55:05 +00:00
Tom Proctor
f2d8762679
Docs: CSI encoding config released in v1.3.0 ( #20237 )
2023-04-18 23:55:25 +01:00
Nathan Handler
ad1c669d4b
Fix Indentation in Kubernetes Auth Example ( #20216 )
...
In the Kubernetes Auth Code Example, the indentation for the `auth` import is off, causing it to not be indented the same amount as the previous `vault` import. This change ensures that both imports use the same indentation.
2023-04-18 15:23:25 -07:00
Yura Shutkin
7de8a3bc31
Update wrapping-unwrap.mdx ( #20109 )
...
* Update wrapping-unwrap.mdx
It is possible to unwrap data without authentication in Vault. I've added an example of a curl request.
* Add changelog record
2023-04-18 14:20:27 -07:00
Jason O'Donnell
bb82c679ad
docs/debug: add example policy for debug command ( #20232 )
2023-04-18 14:17:19 -04:00
Max Bowsher
91abc177bb
Minor follow-ups to #16865 ( #20220 )
...
* Minor follow-ups to #16865
Fix PKI issuer upgrade logic when upgrading to 1.12 or later, to
actually turn off the issuer crl-signing usage when it intended to.
Fix minor typo in docs.
* changelog
2023-04-18 07:39:05 -04:00
Milena Zlaticanin
42400699c0
add missing mongodb atlas fields to the docs ( #20207 )
2023-04-17 14:10:07 -07:00
Niranjan Shrestha
adbfffc47b
Update userpass.mdx ( #20121 )
...
* Update userpass.mdx
vault write auth/userpass/users/mitchellh password=foo policies=admins
in the path "userpass" is actually a path, if custom path is defined, custom path need to used, instead of userpass.
* Add extra description
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-04-17 16:52:13 +00:00
Scott Miller
5be4d61d13
Add documentation for cert auth OCSP checking ( #18064 )
2023-04-13 18:33:21 +00:00
Jason O'Donnell
ec9e08c931
sdk/ldaputil: add connection_timeout configurable ( #20144 )
...
* sdk/ldaputil: add connection_timeout configurable
* changelog
* Update doc
* Fix test
* Change default to 30s
2023-04-13 12:43:28 -04:00
Josh Black
cf20bb9233
Add additional clarity around autopilot upgrade versions ( #20129 )
2023-04-12 17:21:50 -07:00
James King
0b6327eda9
Potentially Malicious Link ( #20114 )
...
* Potentially Malicious Link
The current link redirects to a personal beauty sales site.
* Create 20114.txt
2023-04-12 20:23:41 +00:00
Matt Schultz
2310e13cf1
Update docs to include specifics and caveats around Transit Managed Keys support. ( #20099 )
2023-04-12 12:19:25 -05:00
Mike Palmiotto
1b5d527521
api: Add reporting fields to activitylog config endpoint ( #20086 )
...
This PR adds the internal reporting state to the
`internal/counters/config` read endpoint:
* reporting_enabled
* billing_start_timestamp
2023-04-12 12:02:28 -04:00
Violet Hynes
918d1001e0
Docs: remove use_auto_auth token from cache docs ( #20111 )
2023-04-12 13:26:36 +00:00
Yoko Hyakuna
0b3f24a2d8
Update the HTTP verb for consistency ( #20056 )
2023-04-11 13:35:06 -07:00
Austin Gebauer
787c5971ab
docs/oidc: fixes Azure user.read permission link ( #20079 )
2023-04-11 11:34:38 -07:00
Jonathan Frappier
6980579388
Fix list formatting ( #20076 )
2023-04-11 09:25:12 -07:00
John-Michael Faircloth
8a4e50fa64
secrets/openldap: add creds/ endpoint to API docs ( #19973 )
2023-04-11 08:42:50 -05:00
Yoko Hyakuna
de1eeffdcf
[Docs] Add tutorial links to install doc ( #20051 )
...
* Add tutorial links for additional guidance
* Removed extra space
2023-04-10 08:52:48 -07:00
Christopher Swenson
43912fe0e2
Update docs for Helm 0.24.0 release ( #20049 )
...
Release: https://github.com/hashicorp/vault-helm/releases/tag/v0.24.0
2023-04-07 14:03:43 -07:00
Kyle Schochenmaier
c3ef3d9c3f
add upgrade documentation around STS lease_duration issue ( #20011 )
...
* add upgrade documentation around STS lease_duration issue
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
2023-04-07 17:34:42 +00:00
Andreas Gruhler
0036a35c58
Update helm.mdx ( #20020 )
...
I was wondering why the default VaultAuth CR was not created. It was due the fact that I copy/pasted the snippet from the docs here, which has the wrong key.
2023-04-07 09:31:08 -07:00
ram-parameswaran
29182ae562
update index.mdx with correct installation doc ref ( #19932 )
...
* update index.mdx with correct installation doc ref
update index.mdx with installation doc ref to point to the right installation.mdx path
* Update installation ref
Update installation ref
* Update index ref without relative path
Update installation doc index ref without relative path
2023-04-07 08:48:23 -07:00
Brian Shumate
29fdfeeb04
API docs: update Transit restore payload example ( #20032 )
...
- Correct JSON payload example
2023-04-07 08:14:43 -04:00
Chip Stepowski
8cd90fc1e2
Update Create Role heading to Create/Update Role ( #20000 )
...
The subheading states you can update a named role but for navigation purposes I think it would also make sense to add it to the heading too.
2023-04-06 11:42:22 +01:00
Florin Cătălin Țiucra-Popa
59d3f5110d
Update create.mdx ( #19981 )
...
Add the missing Command Option `-wrap-ttl`
2023-04-05 17:54:07 +02:00
Yoko Hyakuna
f649c9e20c
Updated the example config with api_addr parameter ( #19985 )
2023-04-04 17:58:08 -07:00
Yoko Hyakuna
e90d94b97e
Extends the PR19488 ( #19928 )
2023-04-04 14:52:57 -07:00
Theron Voran
74d87239af
docs/vault-k8s: example using pkiCert and writeToFile ( #19926 )
...
Adding an example of using pkiCert and writeToFile to write cert and
key files from a template.
---------
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2023-04-03 16:39:26 -07:00
Alain Chiasson
9ee73e38fb
Update replication-dr.mdx ( #19604 )
...
In testing, disabling the dr secondary requires a DR Operations token, not a vault token.
2023-04-03 13:35:16 -04:00
Alexander Scheel
a94541080f
Clarify that other operations run while tidy is paused ( #19914 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-31 16:09:37 -04:00
Mark Lewis
d90f6daee9
Update kubernetes.mdx ( #19567 )
...
Correct 2 typos
2023-03-30 16:42:25 -07:00
Anthony Burke
95472e0ae5
fixes oracle plugin whitespace ( #19470 )
2023-03-30 16:40:25 -07:00
Chip Stepowski
256e20e862
Added note about Autopilot default values. ( #19515 )
...
* Added note about Autopilot default values.
* Update website/content/docs/concepts/integrated-storage/autopilot.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-03-30 16:30:29 -07:00
Peter Wilson
538e66ffea
Add available types to API documentation for enable audit ( #19850 )
2023-03-30 15:30:35 +00:00
Kit Haines
d2ecf8ffc5
Add PKI-CLI to docs ( #19669 )
...
* Add pki-cli docs.
* Tiny updates.
* Whitespace fix, include description
* Closing-tags.
* Update website/content/docs/commands/pki/verify-sign.mdx
Title Code as Shell
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update website/content/docs/commands/pki/reissue.mdx
Title More Code as Shell
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update website/content/docs/commands/pki/list-intermediates.mdx
Title code block as shell
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update website/content/docs/commands/pki/issue.mdx
Title code-block as shell
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Apply suggestions from code review
Label Code-Blocks as Shell-Session
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Apply suggestions from code review
Comma and Period Changes.
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Apply suggestions from code review
ascheels highlighting-1
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix highlighting throughout.
* Update website/content/docs/commands/pki/list-intermediates.mdx
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update website/content/docs/commands/pki/reissue.mdx
Clarifying note on why unknown fields might be there.
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update website/content/docs/commands/pki/reissue.mdx
cipherboy request
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add Key-ID RFC link.
* k=v add link
* correct link
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-30 07:31:48 -04:00
Theron Voran
f0391962a2
docs/vault-secrets-operator: update for beta install ( #19835 )
...
Update the helm commands to work with the beta release.
2023-03-29 22:51:34 +00:00
Brian Shumate
f4fbca8050
Docs: API: Update token_period description ( #19821 )
...
- Clarify token_period per feedback in SPE-34
2023-03-29 13:53:16 -07:00
Ben Ash
7322dd952b
Add vault-secrets-operator beta docs. ( #19827 )
...
Co-authored-by: Kyle Schochenmaier <kschoche@gmail.com>
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
2023-03-29 20:33:06 +00:00
Robert
71071fd954
docs: Change wording for AssumeRole permissions in AWS secrets ( #19823 )
...
Co-authored-by: wernerwws <wernerwws@users.noreply.github.com>
2023-03-29 13:03:26 -05:00
Raymond Ho
554674fb59
add docs for VAULT_RUN_MODE ( #19808 )
2023-03-28 21:18:45 -07:00
Victor Rodriguez
bd76f6c539
Update Vault PKCS#11 Provider documentation for v0.2.0. ( #19783 )
2023-03-28 14:57:45 -04:00
Anton Averchenkov
41466b9eca
docs: Fix duration format link in kv-v2 docs page ( #19768 )
2023-03-27 13:18:25 -04:00
Raymond Ho
f725e151b8
add warning for vault lambda extension cache ttl ( #19738 )
2023-03-24 23:37:38 +00:00
ram-parameswaran
f491cc8225
Update username template description for AWS ( #19690 )
...
Update username template description for AWS by calling out what DisplayName and PolicyName actually are placeholders for
2023-03-23 19:56:55 -07:00
Yoko Hyakuna
11a748de4a
Add OpenAPI Go and C# ( #18896 )
...
* Add OpenAPI Go and C#
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Add code sample links for OpenAPI-based Go and .NET
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Remove command flags that are no longer needed
* Fix 'OpenAPI C#' > 'OpenAPI .NET'
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
* Update website/content/docs/get-started/developer-qs.mdx
Co-authored-by: AnPucel <adiroff@hashicorp.com>
---------
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: AnPucel <adiroff@hashicorp.com>
2023-03-23 16:04:50 -07:00
Rowan Smith
8627b8aca5
Update tcp.mdx ( #19546 )
...
expand the info for using x-forwarded-for option
2023-03-23 15:59:42 -07:00
Yoko Hyakuna
af842e2cee
Fix the title parsing error ( #19685 )
2023-03-22 20:35:35 -07:00
Luis (LT) Carbonell
91e04109be
add clarifying statement for pkcs11 support ( #19673 )
2023-03-22 12:40:23 -04:00
ram-parameswaran
b24115cf1e
Updated connection_url to be pgx library relevant ( #19667 )
...
Updated connection_url to be according to the options available in the pgx library instead of the now deprecated use of the lib/pq which was done as part of Vault 1.11 as documented here - https://github.com/hashicorp/vault/blob/main/CHANGELOG.md#june-20-2022
2023-03-22 09:02:47 -07:00
Karel
7469b0828a
Fix: Optionally reload x509 key-pair from disk on agent auto-auth ( #19002 )
...
* Optionally reload x509 key-pair from disk
* Document 'reload' config value
* Added changelog release note
2023-03-22 11:01:58 -04:00
Raymond Ho
96e966e9ef
VAULT-13614 Support SCRAM-SHA-256 encrypted passwords for PostgreSQL ( #19616 )
2023-03-21 12:12:53 -07:00
mickael-hc
427b4dbd49
security model updates ( #19656 )
2023-03-21 11:14:00 -07:00
Rowan Smith
c29f5e718a
docs / Update 1.13.0 Known Issues ( #19601 )
...
* Update 1.13.0.mdx
add a note to known issues
* Update website/content/docs/release-notes/1.13.0.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-03-20 18:14:41 -07:00
Daniel Huckins
058710d33d
Add -mount
flag to kv list command ( #19378 )
...
* add flag
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* handle kv paths
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* scaffold test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* need metadata for list paths
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add (broken) test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* fix test
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* update docs
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add changelog
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* format
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add godoc
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add test case for mount only
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* handle case of no unnamed arg
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add non-mount behavior
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add more detail to comment
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add v1 tests
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
2023-03-20 16:26:21 -04:00
Rowan Smith
c581f90c05
Update deregister.mdx ( #19573 )
...
adding `-version=` parameter to docs
2023-03-20 12:08:20 -07:00
Tom Proctor
7fd394fc76
Docs: Implementing the plugin version interface ( #19606 )
2023-03-20 17:43:31 +00:00
Alexander Scheel
1fe1c756ab
Add known issue text for PKI revocation ( #19632 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-20 12:24:05 -04:00
Steven Clark
6fbf3da148
Add known issue about OCSP GET redirection responses ( #19523 )
2023-03-17 18:07:04 +00:00
Violet Hynes
31f764b82b
Update KV-V2 docs to explicitly call out the secret mount path as a parameter ( #19607 )
...
* Update KV-V2 docs to explicitly call out the secret mount path as a parameter
* Missed some angular brackets
* remove wishy language
2023-03-17 12:21:55 -04:00
miagilepner
ec4bd1fb25
VAULT-14204 Update parameter policy documentation ( #19586 )
2023-03-17 11:14:54 +01:00
Mike Palmiotto
89d7b874ba
Add upgrade note for Removed builtins in 1.13 ( #19531 )
2023-03-15 22:18:44 +00:00
Hamid Ghaf
27bb03bbc0
adding copyright header ( #19555 )
...
* adding copyright header
* fix fmt and a test
2023-03-15 09:00:52 -07:00
Scott Miller
de31641aea
Add the Tokenization/Rotation persistence issue as a Known Issue ( #19542 )
...
* Note the known issue with rotation interaction with tokenization key policy persistence
* typo
2023-03-15 09:42:02 -05:00
Violet Hynes
fdd38deb49
Update auto-auth docs to remove tilde for home ( #19548 )
...
* Update auto-auth docs to remove tilde for home
* Extra clean-up
2023-03-15 09:35:43 -04:00
Francis Chuang
74c3697144
Add Oracle Cloud auth to the Vault Agent ( #19260 )
...
* Add Oracle Cloud auth to the Vault Agent
* Use ParseDurationSecond to parse credential_poll_interval
* Use os.UserHomeDir()
2023-03-15 09:08:52 -04:00
Violet Hynes
85f845c3e0
VAULT-12798 Correct removal behaviour when JWT is symlink ( #18863 )
...
* VAULT-12798 testing for jwt symlinks
* VAULT-12798 Add testing of jwt removal
* VAULT-12798 Update docs for clarity
* VAULT-12798 Small change, and changelog
* VAULT-12798 Lstat -> Stat
* VAULT-12798 remove forgotten comment
* VAULT-12798 small refactor, add new config item
* VAULT-12798 Require opt-in config for following symlinks for JWT deletion
* VAULT-12798 change changelog
2023-03-14 15:44:19 -04:00
Ashlee M Boyer
788af4a90e
Remove .mdx extension from link ( #19514 )
2023-03-13 15:03:06 -04:00
Meggie
be18d6cac3
Un-hiding link to 1.13 upgrade guide ( #19505 )
...
* Un-hiding link to 1.13 upgrade guide
* Removing draft notice
2023-03-10 11:30:19 -05:00
Robert
0315efba0c
Add info about gcp service account key encoding ( #19496 )
2023-03-10 09:13:37 -06:00
Yoko Hyakuna
e392b6650f
Remove the note about Vault not supporting number Okta verify push number challenge ( #19497 )
2023-03-09 16:30:49 -08:00
Max Winslow
dbbdd33c63
Change headings to h2 ( #19402 )
2023-03-07 15:48:51 -08:00
Phil Renaud
d09c716e4b
Link to the Nomad tutorial for Vault as OIDC provider ( #19461 )
2023-03-06 10:30:14 -08:00
Yoko Hyakuna
40dc1d39d9
Add more context on the Release Notes landing page ( #19456 )
...
* Add little more verbiage on the Release Notes landing page
* Add missing comma
2023-03-03 14:39:39 -08:00
prabhat-hashi
e5b982199f
Docs - update ldap page to add clarity around sAMAccountName ( #19450 )
...
* Docs - update ldap page to add clarity around sAMAccountName
Updated https://developer.hashicorp.com/vault/docs/secrets/ldap#active-directory-ad-1 to clarify customers configure username properly using username_template when sAMAccountName is involved.
* Docs - edit on last update for ldap page
Fixed the link /vault/docs/concepts/username-templating
2023-03-03 10:09:13 -08:00
Max Winslow
c44f94d7ff
update entity-alias doc fix ( #19435 )
2023-03-03 08:16:26 -08:00
Tony Wittinger
64b4ee234d
docs: updated key size in transit documentation ( #19346 )
2023-03-02 16:07:40 -08:00
akshya96
09057073ae
Vault Status Command Differs Depending on Format ( #19361 )
...
* vault-issue-9185
* removing new lines:
* removing new space
* fix grammar
* change field name
2023-03-01 12:57:53 -08:00
Alexander Scheel
dabe38dcc1
Document RSA operations ( #19377 )
...
Also clarify hash function choices.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-03-01 13:35:35 -05:00
Mark Sailes
4c3c56dee4
Remove the Lambda SnapStart incompatibility notice. ( #19394 )
2023-03-01 18:13:18 +00:00
Malte S. Stretz
320f46ba8a
Add documentation for tls_max_version ( #19398 )
2023-03-01 14:45:04 +00:00
Max Winslow
109fbe06bb
change verbiage for lookup group and entity ( #19406 )
2023-02-28 12:40:38 -08:00
Austin Gebauer
10fe43701f
docs/ad: adds deprecation announcements and migration guide ( #19388 )
...
* docs/ad: adds deprecation announcements and migration guide
* fix table ending
* remove fully-qualified links
* Minor format fixes - migrationguide
* Update website/content/docs/secrets/ad/migration-guide.mdx
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
* Update website/content/docs/secrets/ad/migration-guide.mdx
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com>
2023-02-28 10:41:59 -08:00
Alexander Scheel
2970b15a63
Add docs on FIPS Inside vs Seal Wrap ( #19310 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-28 10:22:17 -05:00
Yoko Hyakuna
cd7f7cc131
Vault 1.13.0 Release Notes ( #19360 )
...
* Adding Vault 1.13.0 Release Notes
* Add OpenAPI Go and .NET client libraries to the list
* Add the 'UI wizard removal' to the release note
2023-02-27 12:44:13 -08:00
Rowan Smith
4fd467a53b
approle naming syntax documentation ( #19369 )
...
Documentation does not currently detail the accepted naming scheme for approle roles, this aims to provide clarity based on customer feedback. https://github.com/hashicorp/vault/blob/main/sdk/framework/path.go#L16-L18 details the regex used.
2023-02-27 12:08:15 -08:00
Alexander Scheel
7182949029
Fix transit byok tool, add docs, tests ( #19373 )
...
* Fix Vault Transit BYOK helper argument parsing
This commit fixes the following issues with the importer:
- More than two arguments were not supported, causing the CLI to error
out and resulting in a failure to import RSA keys.
- The @file notation support was not accepted for KEY, meaning
unencrypted keys had to be manually specified on the CLI.
- Parsing of additional argument data was done in a non-standard way.
- Fix parsing of command line options and ensure only relevant
options are included.
Additionally, some error messages and help text was clarified.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing documentation on Transit CLI to website
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add tests for Transit BYOK vault subcommand
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Appease CI
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-27 18:25:38 +00:00
Jakob Beckmann
078a245939
Allow alias dereferencing in LDAP searches ( #18230 )
...
* impr(auth/ldap): allow to dereference aliases in searches
* docs: add documentation for LDAP alias dereferencing
* chore(auth/ldap): add changelog entry for PR 18230
* chore: run formatter
* fix: update default LDAP configuration with new default
* Update website/content/docs/auth/ldap.mdx
Co-authored-by: tjperry07 <tjperry07@users.noreply.github.com>
* docs(ldap): add alias dereferencing to API docs for LDAP
---------
Co-authored-by: tjperry07 <tjperry07@users.noreply.github.com>
2023-02-24 13:49:17 -05:00
David Yu
9753379fe8
Update consul.mdx ( #19300 )
2023-02-22 17:45:26 -05:00
Austin Gebauer
a8d382d52a
docs/oidc: make it clear that contents of CA certificate are expected ( #19297 )
2023-02-22 11:33:53 -08:00
Bryce Kalow
2fa1153e95
adds content-check command and README update ( #19271 )
2023-02-22 12:04:00 -05:00
Max Coulombe
b9bcd135e5
Added disambiguation that creation request can also update roles ( #17371 )
...
+ added disambiguation that creation request can also update roles
2023-02-22 12:02:31 -05:00
Alexander Scheel
fbebf2508b
Add note clarifying revoked issuer associations ( #19289 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-22 15:48:20 +00:00
Raymond Ho
57ff9835f7
use github token env var if present when fetching org id ( #19244 )
2023-02-21 12:17:35 -08:00
Christopher Swenson
724ccd5bc4
docs: Add page about events ( #19243 )
...
This page details the new events experiment that will be
released in Vault 1.13.
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2023-02-21 16:43:34 +00:00
Tero Saarni
b634bb897b
docs/k8s: updated helm doc for short-lived SA tokens ( #15675 )
...
Signed-off-by: Tero Saarni <tero.saarni@est.tech>
2023-02-21 12:09:27 +00:00
Max Winslow
3a132c2428
Add vault print token to commands in Vault docs ( #19183 )
...
* doc-update
* Update website/content/docs/commands/print.mdx
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-02-17 20:51:48 -08:00
Scott Miller
0a5f3208fd
Document the 'convergent' tokenization transform option ( #19249 )
2023-02-17 13:15:40 -06:00
Alexander Scheel
dd3356752a
Add note on client cert definition ( #19248 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-17 11:36:41 -05:00
John-Michael Faircloth
9c837ef4b5
docs/upgrade guide: add changes to plugin loading ( #19231 )
...
* docs/upgrade guide: add changes to plugin loading
* clarify this is for external plugins
2023-02-16 22:47:29 +00:00
claire bontempo
a5a80b895d
replace whitelist with allow ( #19217 )
2023-02-16 14:35:30 -08:00
Peter Wilson
70f1d3c217
Remove incorrect information about being able to set environment variables for certain log config ( #19208 )
2023-02-16 13:37:59 +00:00
Raymond Ho
91446e129e
Add rotate root docs for azure secrets ( #19187 )
2023-02-15 13:07:42 -08:00
Steven Zamborsky
7534689818
Update raftautosnapshots.mdx ( #18996 )
...
Clarify that the `local_max_space` value for local automated snapshots is cumulative for all snapshots in the `file_prefix` path.
2023-02-14 22:46:41 -08:00
John-Michael Faircloth
fc13efc80e
docs/plugins: update upgrading plugins ( #19109 )
...
* docs/plugins: update upgrading plugins
* Update website/content/docs/upgrading/plugins.mdx
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
---------
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
2023-02-14 17:40:06 +00:00
Max Coulombe
2c32190eed
Fix database sample payload doc ( #19170 )
...
* * fix database static-user rotation statement in sample payload
* + added changelog
2023-02-14 08:29:27 -05:00
Theron Voran
dda2df25db
docs/vault-helm: fix multi-line block copy ( #19119 )
...
Add a `$` before the command in shell blocks that include command
output, so that the "Copy" button on the website only copies the
command and not the output.
2023-02-13 22:21:11 -08:00
ram-parameswaran
7dff0e6ae4
Update PKI Secret Engine doc for auto-tidy ( #19122 )
...
PKI Secret Engine documentation for auto-tidy(https://developer.hashicorp.com/vault/api-docs/secret/pki#configure-automatic-tidy ) has a parameter interval_duration(https://developer.hashicorp.com/vault/api-docs/secret/pki#interval_duration ). This needs to explicitly call out the default value to be 12 hours.
2023-02-10 15:57:58 -05:00
Milena Zlaticanin
b6c5d07c5e
Azure Auth - rotate-root documentation ( #18780 )
...
* add documentation for rotate root
* commit suggestions
* move api permissions section
2023-02-08 18:14:28 -07:00
Steven Clark
e599068323
Add OCSP GET known issue ( #19066 )
2023-02-08 15:06:44 +00:00
Tom Crayford
532f4ab60a
Docs: Remove duplicated, outdated raft information ( #11620 )
...
Co-authored-by: Mehdi Ahmadi <aphorise@gmail.com>
2023-02-08 13:37:54 +00:00
Alexander Scheel
06e950b40e
Fix documentation on CRL fixed version ( #19046 )
...
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-07 20:51:03 +00:00
akshya96
6b96bd639c
adding emit duration for telemetry ( #19027 )
2023-02-07 11:26:38 -08:00
Alexander Scheel
3f8aaedc2a
Add suggested root rotation procedure ( #19033 )
...
* Add suggested root rotation procedure
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clarify docs heading
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-07 13:51:33 -05:00
Alexander Scheel
9130a786bb
Document pki cross cluster behavior ( #19031 )
...
* Add documentation on cross-cluster CRLs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing revocation queue safety buffer
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-07 11:11:33 -05:00
Max Winslow
54a4b9c4d3
docs: Typo ( #18541 )
2023-02-07 11:35:41 +00:00
Bryce Kalow
f33e779d5d
update learn links to point to developer locations ( #19026 )
2023-02-06 20:34:51 -08:00
Scott Miller
78aaa3ca92
Add a note that multi-cluster ENT setups can avoid this risk ( #19024 )
...
* wip
* all-seals
* typo
* add note about unreplicated items
* italics
* word-smithing
2023-02-06 19:25:14 -06:00
Theron Voran
4278ed606c
docs/vault-k8s: 1.2.0 release updates ( #19010 )
2023-02-06 22:35:12 +00:00
Scott Miller
b43e4fbd9c
Add a stronger warning about the usage of recovery keys ( #19011 )
...
* Add a stronger warning about the usage of recovery keys
* Update website/content/docs/concepts/seal.mdx
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
* Keep the mitigation text in the warning box
---------
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2023-02-06 16:23:05 -06:00
Kyle Schochenmaier
e5af4d34c1
update annotation docs for agent telemetry stanza ( #18681 )
...
* update annotation docs for telemetry stanza
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
2023-02-06 13:47:50 -06:00
Matt Schultz
6bfebc3ce3
Transit Managed Keys Documentation ( #18994 )
...
* Document 'managed_key' key type for transit. Document new 'usages' parameter when creating a managed key in the system backend.
* Document new managed key parameters for transit managed key rotation.
2023-02-03 18:49:02 -06:00
Alexander Scheel
660979d58b
Document Cross-Cluster CRLs/OCSP for Vault Enterprise ( #18970 )
...
* Add documentation on fetching unified CRLs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add documentation on unified OCSP
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clarify that OCSP requests need to be URL encoded
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Document new CRL config parameters
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clarify notes about cross-cluster options
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-02-03 16:30:23 -05:00
Christopher Swenson
dfdeca7b5d
docs: Remove XKS proxy TLS setup note ( #18988 )
...
The TLS settings should not need to be modified as xks-proxy should
generate the certificate and key itself for listening.
2023-02-03 13:22:04 -08:00
Alexander Scheel
cb2f6ff7fe
Add docs on cross-cluster listing endpoints ( #18987 )
...
* Add docs on cross-cluster listing endpoints
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update website/content/api-docs/secret/pki.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2023-02-03 20:01:10 +00:00
Alexander Scheel
8b331fa769
Add notes on cross cluster CRLs ( #18986 )
...
* Group CRL related sections
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix casing
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add notes about cluster size and revocation
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Apply suggestions from code review
Thanks Yoko!
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
2023-02-03 19:51:30 +00:00
Alexander Scheel
1a2eef482d
Add docs on cross cluster tidy operations ( #18979 )
...
* List tidy parameters in one place
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add new tidy status outputs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add docs on new tidy parameters
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-03 14:27:18 -05:00
Rowan Smith
6c53845db9
docs allow_forwarding_via_token syntax update ( #18956 )
...
* allow_forwarding_via_token syntax update
the example syntax used for `allow_forwarding_via_token` marks the option as an array when it does not need to be, this updates the format on the page to be a code block and removes the square braces
* another update to `allow_forwarding_via_token` syntax
2023-02-03 10:58:19 -08:00
Sascha Marcel Schmidt
544f07de66
docs: Change default value for ha_enabled to false ( #18983 )
...
see: https://github.com/hashicorp/vault/blob/main/physical/mysql/mysql.go#L132
2023-02-03 18:20:14 +00:00
Austin Gebauer
e165697ce7
secrets/azure: changes permission recommendation to be minimally permissive ( #18937 )
2023-02-01 11:07:57 -08:00
Hamid Ghaf
6a8716ac18
docs for named login MFA ( #18833 )
...
* docs for named login MFA
* feedback
2023-02-01 10:30:14 -05:00
Alexander Scheel
5d17f9b142
Allow cleanup ssh dynamic keys host keys ( #18939 )
...
* Add ability to clean up host keys for dynamic keys
This adds a new endpoint, tidy/dynamic-keys that removes any stale host
keys still present on the mount. This does not clean up any pending
dynamic key leases and will not remove these keys from systems with
authorized hosts entries created by Vault.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add documentation
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-02-01 15:09:16 +00:00
Alexander Scheel
881ae5a303
Remove dynamic keys from SSH Secrets Engine ( #18874 )
...
* Remove dynamic keys from SSH Secrets Engine
This removes the functionality of Vault creating keys and adding them to
the authorized keys file on hosts.
This functionality has been deprecated since Vault version 0.7.2.
The preferred alternative is to use the SSH CA method, which also allows
key generation but places limits on TTL and doesn't require Vault reach
out to provision each key on the specified host, making it much more
secure.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dynamic ssh references from documentation
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dynamic key secret type entirely
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clarify changelog language
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add removal notice to the website
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
2023-01-31 16:02:22 -05:00