a49f1b9e6b
Update AWS auth method certificates Add tests that the `rsa2048` document can also be verified using the `pkcs7` field for AWS auth. Due to the use of SHA-1-based signatures for the `identity` and `pkcs7` methods, we want to encourage moving toward using the RSA 2048 workflow, https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/verify-rsa2048.html This doesn't require code changes for Vault necessarily, but adding in the (many) certificates will help end users. Also adds `rsa2048` option to API to fetch the RSA 2048 signature. I will make a PR to update to the AWS auth docs to document the RSA 2048 flow soon after this.
3 lines
75 B
Plaintext
3 lines
75 B
Plaintext
```release-note:improvement
|
|
auth/aws: Add rsa2048 signature type to API
|
|
``` |