* VAULT-24469 use sys/seal-status instead of internal version endpoint
* Update tests and mirage handlers
* Revert "VAULT-20669: Add New Authenticated Endpoint for Version (#23740)"
This reverts commit 550c99ae3b.
* Readded version_test.go
* Reverted any old changes on versionlgo
---------
Co-authored-by: divyaac <divyaac@berkeley.edu>
* PKI EST docs
Initial draft of the PKI EST setup and API docs for feedback
* Add missing enable_sentinel_parsing param to API docs
* Update grammar
* Some API doc feedback
* Note about dedicated auth mounts
* Additional PR feedback
---------
Co-authored-by: Scott G. Miller <smiller@hashicorp.com>
* Add new /sys/well-known interface to get information about registered labels
- Add two new interfaces LIST/GET /sys/well-known which will provide
a list of keys which are registered labels within the /.well-known space on
the local server, along with a detailed info map for each
- Add GET /sys/well-known/<label> to get details on a specific registered label
- Add docs and tests for the new api endpoints
* Add test doc and remove copied comment
* Rename returned fields to use snake case
* Remove extra newline added when resolving the merge conflict
* Apply suggestions from code review
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* remove uiCustomMessagePaths from System backend paths
* adjust documentation
* grammar improvements in docs
* add ENT badge to custom-message api docs page in ToC
This removes the WebSockets endpoint for events
(which will be moved to the Enterprise repo) and
disables tests that rely on it unless they are
running in Enterprise.
It also updates documentation to document that
events are only available in Vault Enterprise.
* document known issue to release notes and upgrade guide for 1.16.0
* add link to new pages in docs-nav-data.json
* Update website/content/docs/release-notes/1.16.0.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/partials/known-issues/1_16-default-policy-needs-to-be-updated.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/partials/known-issues/1_16-default-policy-needs-to-be-updated.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/partials/known-issues/1_16-default-policy-needs-to-be-updated.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/partials/known-issues/1_16-default-policy-needs-to-be-updated.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/partials/known-issues/1_16-default-policy-needs-to-be-updated.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* use active voice
* changing the affected version
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Seal HA documentation updates
* anchor
* rel link
* remove beta
* try again on internal link
* still trying to get this internal redirect to work
* try without path
* api documentation changes
* document management endpoints
* add new website page to the navigation
* include explanation message retrieval from namespaces up to root namespace
* added clarification statement to the create and update operations documentation
* fixed inconsistency in sample request
* Apply suggestions from code review
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
---------
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
* add adfs link
* add adfs and update index
add the adfs link in the index.mdx
add the file adfs.mdx
* Update docs-nav-data.json
Add the link to ADFS documentation
* add adfs-oidc-ldapgroupoption.png
image for the documentation adfs.mdx
* Update docs-nav-data.json
Updated from the last version of the file and adding adfs link
* suggested edits
* Update the file adfs.mdx
* Update adfs.mdx
Change auth/adfs/config to auth/<YOUR_OIDC_MOUNT_PATH>/config
* Update website/content/docs/auth/jwt/oidc-providers/adfs.mdx
* Corrected typo adfs.mdx
We had 2x step3 so I changed to have step 3 and step 4
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* docs(web repl): add initial docs about the UI REPL
* feature(repl): add link to the new docs in the REPL
* chore(repl): Web CLI or Broweser CLI -> Web REPL
* Use Hds::Link::Inline instead of DocLink
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update ui/app/templates/components/console/ui-panel.hbs
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update website/content/docs/commands/web.mdx
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Update website/content/docs/commands/web.mdx
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* Fix typos and update phrasing.
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
* docs(web repl): add a refrence to the repl docs on the ui config page
* Update KV version 2 reference
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* fix linting
---------
Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com>
Co-authored-by: Chelsea Shaw <82459713+hashishaw@users.noreply.github.com>
* VAULT-21427 change ui references from K/V to KV
* references in docs/
* website json data
* go command errors
* replace Key/Value with Key Value
* add changelog
* update test
* update secret list header badge
* two more test updates
Adding an overview doc for using AWS auth with Vault Secrets Operator
under Secret Sources/Vault/Auth Methods/.
Had to move the AWS and GCP auth pages down one directory to get
around a "mismatched parent directories" error.
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Adding overview docs for using GKE workload identity with Vault
Secrets Operator under Secret Sources/Vault/Auth Methods/. Updates the
Vault Auth method section in the Vault/Auth Methods overview page with
links to the VSO API sections for the other supported auth methods
(until they have their own pages).
---------
Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
* VAULT-19278 First draft of static secret caching docs
* VAULT-19278 Add warning to Agent docs, fix capitalization
* VAULT-19278 typos/formatting
* VAULT-19278 changelog
* VAULT-19278 update based on PR feedback
* VAULT-19278 review feedback
* VAULT-19278 Update based on review
* VAULT-19278 update based on PR feedback
* VAULT-19278 incorporate a lot of PR feedback
* VAULT-19278 Rest of the suggestions
* VAULT-19278 I missed a suggestion
* VAULT-19278 More updates
* VAULT-19278 add docs for disable dynamic secret caching
* VAULT-19278 update changelog
* VAULT-19278 update based on comments
* add sys/internal/ui/version path
* add read capability for sys/internal/ui/version in default policy
* add changelog file
* doc: add api-docs page for sys/internal/ui/version
* add godoc for pathInternalUIVersion function
* add tests for functions in version package
* remove unreachable code
* use closure to restore version at end of test function
* use an example version in sample response
* Update website/content/api-docs/system/internal-ui-version.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Update website/content/api-docs/system/internal-ui-version.mdx
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* add copyright header to version_test.go
---------
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Fix formatting issue within pki health-check cli
- Missing a ``` within the CRL validity period which caused a bunch of sections to be collected within the box
- One shell session was shifted over too much in the Too many certificates section
* Add missing '$' in front of the command
* Reorder pki entry in nav bar and add more missing $ in vault commands
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* wip
* Initial draft of Seal HA docs
* nav data
* Fix env var name
* title
* Note partially wrapped values and disabled seal participation
* Update website/data/docs-nav-data.json
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* correct initial upgrade limitation
* Add note about shamir seals and migration
* fix nav json
* snapshot note
* availability note
* seal-backend-status
* Add a couple more clarifying statements
* header typo
* correct initial upgrade wording
* Update website/content/docs/configuration/seal/seal-ha.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Update website/content/docs/concepts/seal.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Add documentation on troubleshooting ACME
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
* Add documentation on CIEPS protocol
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update website/content/docs/secrets/pki/cieps.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Update website/content/docs/secrets/pki/cieps.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Fix indentation, link to Vault SDK
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* When support for service tags was added, the only way we had to parse
and dedup a list of strings also forced them to be lowercase. Now there's
another helper func that doesn't smash the case so use that instead.
* update Consul 'service_tag' documentation to include case sensitivity
* added upgrade guide for 1.15
* test for service tags
Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
* first pass at docs
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* try to add anchors
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* links didn't work correctly, just remove
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add partial
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* use new style
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add to index
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* edit index
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add config
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* update file name
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* more changes from PR review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* updated name
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* convert to old paragraph markers
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* add link
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* exec -> process supervisor
* "full stop"
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* little blurb about exit behavior
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* grammar
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
* add link
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* expand the config section
* add env_template example
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* expand config description
* fix links
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* config example
* doesn't support anchors?
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* update functionality
* Update website/content/docs/agent-and-proxy/agent/process-supervisor.mdx
Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Update website/content/docs/agent-and-proxy/agent/process-supervisor.mdx
* fix link
* move process supervisor mode in alphabetical order
* reference templating language
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>
* VAULT-15546 First pass at Vault Proxy docs
* VAULT-15546 correct errors
* VAULT-15546 fully qualify paths
* VAULT-15546 remove index
* VAULT-15546 Some typos and clean up
* VAULT-15546 fix link
* VAULT-15546 Add redirects so old links stay working
* VAULT-15546 more explicit redirects
* VAULT-15546 typo fixes
* Suggestions for Vault Agent & Vault Proxy docs (#20612)
* Rename 'agentandproxy' to 'agent-and-proxy' for better URL
* Update the index pages for each section
* VAULT-15546 fix link typo
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Update index.mdx
Updated instructions for Vault Upgrade HA
* Create vault-ha-upgrade.mdx
Moved HA Vault upgrade instruction to a new page and added a Note for disabling automated upgrade procedure
* Add the new vault-ha-upgrade page to the side menu
* Format and wording edits
* Remove extra paracentesis
* Fix a typo
* Change the title appears on the navigation
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Fix Vault Transit BYOK helper argument parsing
This commit fixes the following issues with the importer:
- More than two arguments were not supported, causing the CLI to error
out and resulting in a failure to import RSA keys.
- The @file notation support was not accepted for KEY, meaning
unencrypted keys had to be manually specified on the CLI.
- Parsing of additional argument data was done in a non-standard way.
- Fix parsing of command line options and ensure only relevant
options are included.
Additionally, some error messages and help text was clarified.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add missing documentation on Transit CLI to website
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add tests for Transit BYOK vault subcommand
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Appease CI
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dynamic keys from SSH Secrets Engine
This removes the functionality of Vault creating keys and adding them to
the authorized keys file on hosts.
This functionality has been deprecated since Vault version 0.7.2.
The preferred alternative is to use the SSH CA method, which also allows
key generation but places limits on TTL and doesn't require Vault reach
out to provision each key on the specified host, making it much more
secure.
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dynamic ssh references from documentation
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add changelog entry
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Remove dynamic key secret type entirely
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Clarify changelog language
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add removal notice to the website
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add Redirect for Plugin Portal -> Integration Library
* Remove Plugin Portal page & update sidebar
* Replace the Plugin Portal link to point Vault Integrations (#18897)
* Replace the Plugin Portal link to point Vault Integrations
* Update website/content/docs/partnerships.mdx
Co-authored-by: Brandon Romano <brandon@hashicorp.com>
---------
Co-authored-by: Brandon Romano <brandon@hashicorp.com>
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* Add documentation on vault pki health-check
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Refer users to online docs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* VAULT-12491 Add docs for group policy config
* VAULT-12491 typo
* VAULT-12491 typo
* VAULT-12491 Update language a bit
* VAULT-12491 Update language a bit
* VAULT-12491 Update language a bit
* VAULT-11510 Vault Agent can start listeners without caching
* VAULT-11510 fix order of imports
* VAULT-11510 changelog
* VAULT-11510 typo and better switch
* VAULT-11510 update name
* VAULT-11510 New api_proxy stanza to configure API proxy
* VAULT-11510 First pass at API Proxy docs
* VAULT-11510 nav data
* VAULT-11510 typo
* VAULT-11510 docs update
* Added documentation for Introspection API
* Edit hyperlink in index doc
* Added the path to the nav file
* Edited some mispelled words
* Fix deployment issue. Change link in nav file
* Edit the router mdx and add response values
* Edit nav doc
* Changed hyperlink, changed response to json, changed some wording
* Remove requirement that the endpoint is off by default
* Update website/content/api-docs/system/inspect/router.mdx
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
* Update website/content/api-docs/system/inspect/router.mdx
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
* Update website/content/api-docs/system/inspect/index.mdx
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
Co-authored-by: Josh Black <raskchanky@users.noreply.github.com>
docs: Add docs for PKCS#11 provider
The PKCS#11 provider is being released shortly.
This moves over the preliminary docs and cleans them up.
I added them as a new section under "Vault Enterprise" ->
"PKCS#11 Provider", but I am open to suggestion on if there is a
better place for them, e.g., "Platforms", or somehow merging
with "Vault Enterprise" -> "HSM"?
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
