Jeff Mitchell
5de633fd27
Make userpass help text mention radius too
2017-02-04 07:48:30 -05:00
Jeff Mitchell
a8ea05f365
Add default mount param to userpass cli handler
2017-02-04 07:47:09 -05:00
Vishal Nayak
3457a11afd
awsec2: support periodic tokens ( #2324 )
...
* awsec2: support periodic tokens
* awsec2: add api docs for 'period'
2017-02-02 13:28:01 -05:00
Vishal Nayak
14fcc4b6eb
approle: secret-id listing lock sanity check ( #2315 )
...
* approle: secret-id listing lock sanity
* Skip processing an empty secretIDHMAC item during the iteration
* approle: use dedicated lock for listing of secret-id-accessors
2017-02-01 18:13:49 -05:00
louism517
0548555219
Support for Cross-Account AWS Auth ( #2148 )
2017-02-01 14:16:03 -05:00
Shane Starcher
6033ea884c
Okta implementation ( #1966 )
2017-01-26 19:08:52 -05:00
Vishal Nayak
5aba2d47b6
ldap: Minor enhancements, tests and doc update ( #2272 )
2017-01-23 10:56:43 -05:00
Vishal Nayak
fa7d61baa3
Merge pull request #2202 from fcantournet/fix_govet_fatalf
...
all: test: Fix govet warnings
2017-01-17 16:45:35 -05:00
Vishal Nayak
1d7ded02b4
Merge pull request #2152 from mr-tron/master
...
Thanks for submitting this. I am going to merge this in and write tests.
2017-01-13 14:29:46 -05:00
Brian Rodgers
f33d35f3de
Added a nil check for config and renamed org field internally.
2017-01-11 11:04:15 -06:00
Brian Rodgers
a8f12dff01
Added a 'read' for github config
2017-01-10 18:21:31 -06:00
Félix Cantournet
103b7ceab2
all: test: Fix govet warnings
...
Fix calls to t.Fatal() with formatting.
Fixed some calls to Fatalf() with wrong formatting
2016-12-21 19:44:07 +01:00
Jeff Mitchell
8fff7daf51
Don't panic when TLS is enabled but the initial dial doesn't return a connection ( #2188 )
...
Related to #2186
2016-12-15 15:49:30 -05:00
Brian Nuszkowski
3d66907966
Disallow passwords LDAP binds by default ( #2103 )
2016-12-01 10:11:40 -08:00
Denis Subbotin
2797c609b0
fix checking that users policies is not nil
2016-11-29 16:35:49 +03:00
Denis Subbotin
cc374b3e2c
add support per user acl for ldap users
2016-11-29 13:32:59 +03:00
Thomas Soëte
5eaef287a8
Close ldap connection to avoid leak ( #2130 )
2016-11-28 09:31:36 -08:00
Jeff Mitchell
890c19312f
Update path help for approle secret id TTL
2016-11-15 11:50:51 -05:00
Daniel Somerfield
637414a623
Added support for individual user policy mapping in github auth backend. ( #2079 )
2016-11-10 16:21:14 -05:00
Jeff Mitchell
aa68041231
Fix GitHub tests
2016-11-08 07:13:42 -05:00
Glenn McAllister
50c8af0515
Add ldap tls_max_version config ( #2060 )
2016-11-07 13:43:39 -05:00
vishalnayak
65f0ce8ca3
Remove the sanity check which is not proving to be useful
2016-10-27 19:11:26 -04:00
Vishal Nayak
79d45355c8
Merge pull request #2004 from hashicorp/role-id-update
...
Fix regression caused by not creating a role_id secondary index
2016-10-26 16:29:46 -04:00
vishalnayak
2ce8bc95eb
Deduplicate the policies in ldap backend
2016-10-14 17:20:50 -04:00
vishalnayak
1487dce475
Fix regression caused by not creating a role_id secondary index
2016-10-14 12:56:29 -04:00
Michael S. Fischer
c45ab41b39
Update aws-ec2 configuration help
...
Updated to reflect enhanced functionality and clarify necessary
permissions.
2016-10-05 12:40:58 -07:00
vishalnayak
0f8c132ede
Minor doc updates
2016-10-04 15:46:09 -04:00
vishalnayak
2e1aa80f31
Address review feedback 2
2016-10-04 15:30:42 -04:00
vishalnayak
59475d7f14
Address review feedback
2016-10-04 15:05:44 -04:00
vishalnayak
348a09e05f
Add only relevant certificates
2016-10-03 20:34:28 -04:00
vishalnayak
dbd364453e
aws-ec2 config endpoints support type option to distinguish certs
2016-10-03 20:25:07 -04:00
vishalnayak
b105f8ccf3
Authenticate aws-ec2 instances using identity document and its RSA signature
2016-10-03 18:57:41 -04:00
Vishal Nayak
4c74b646fe
Merge pull request #1947 from hashicorp/secret-id-lookup-delete
...
Introduce lookup and destroy endpoints for secret IDs and its accessors
2016-09-29 10:19:54 -04:00
vishalnayak
34e76f8b41
Added website docs for lookup and destroy APIs
2016-09-28 22:11:48 -04:00
vishalnayak
d20819949c
Make secret-id reading and deleting, a POST op instead of GET
2016-09-28 20:22:37 -04:00
Michael S. Fischer
2dd1f584e6
Update documentation for required AWS API permissions
...
In order for Vault to map IAM instance profiles to roles, Vault
must query the 'iam:GetInstanceProfile' API, so update the documentation
and help to include the additional permissions needed.
2016-09-28 16:50:20 -07:00
Jeff Mitchell
f0203741ff
Change default TTL from 30 to 32 to accommodate monthly operations ( #1942 )
2016-09-28 18:32:49 -04:00
Vishal Nayak
5adfaa0d7d
Merge pull request #1939 from hashicorp/secret-id-upgrade
...
Respond secret_id_num_uses and deprecate SecretIDNumUses
2016-09-28 18:16:07 -04:00
vishalnayak
e9142f418a
Added todo to remind removal of upgrade code
2016-09-28 18:17:13 -04:00
vishalnayak
e01f99f042
Check for prefix match instead of exact match for IAM bound parameters
2016-09-28 18:08:28 -04:00
vishalnayak
21d9731286
Don't reset the deprecated value yet
2016-09-28 15:48:50 -04:00
Vishal Nayak
4a30a6b4f8
Merge pull request #1913 from hashicorp/bound-iam-instance-profile-arn
...
Proper naming for bound_iam_instance_profile_arn
2016-09-28 15:34:56 -04:00
vishalnayak
31e450a175
Add some validation checks
2016-09-28 15:36:02 -04:00
vishalnayak
9eabf75f5f
Fix the misplaced response warning
2016-09-28 14:20:03 -04:00
vishalnayak
a2338f5970
Added testcase to check secret_id_num_uses
2016-09-28 13:58:53 -04:00
vishalnayak
ba1d238f9b
Pull out reading and storing of secret ID into separate functions and handle upgrade properly
2016-09-28 12:42:26 -04:00
Mikhail Zholobov
5eff59c410
Fix "SecretIDNumUses" in AppRole auth backend
...
There was a typo.
2016-09-27 17:26:52 +03:00
Vishal Nayak
b1ee56a15b
Merge pull request #1910 from hashicorp/secret-id-cidr-list
...
CIDR restrictions on Secret ID
2016-09-26 10:22:48 -04:00
Vishal Nayak
a4b119dc25
Merge pull request #1920 from legal90/fix-approle-delete
...
Fix panic on deleting the AppRole which doesn't exist
2016-09-26 10:05:33 -04:00
Mikhail Zholobov
3f77013004
Fix panic on deleting the AppRole which doesn't exist
...
#pathRoleDelete should return silently if the specified AppRole doesn't exist
Fixes GH-1919
2016-09-26 16:55:08 +03:00