upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-06-28 02:20:30 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
9440 commits 2882 branches 482 tags 656 MiB
Commit graph

390 commits

Author SHA1 Message Date
Vishal Nayak
4e0adb5708
Support operating on entities and groups by their names (#5355) 
* Support operating on entities and groups by their names

* address review feedback
 2018-09-25 12:28:28 -07:00
emily
076c1819c5 Docs PR for GCP secrets backend access token changes (#5366) 
* initial docs pass

* fix docs
 2018-09-21 10:31:49 -07:00
Brian Shumate
45526da0e7 Docs: update policy read API output to address #5298 (#5299) 2018-09-21 10:52:46 -04:00
Roman Iuvshyn
717165babd fixes file path option in samples (#5377) 
fixes file path option in samples
 2018-09-20 15:55:20 -07:00
Calvin Leung Huang
494b9a039c
Add ability to provide env vars to plugins (#5359) 
* Add ability to provide env vars to plugins

* Update docs

* Update docs with examples

* Refactor TestAddTestPlugin, remove TestAddTestPluginTempDir
 2018-09-20 10:50:29 -07:00
Brian Shumate
abdf729924 Docs: update Tidy API (#5374) 
- Add a sample response to /auth/token/tidy API docs
- Document /auth/approle/tidy/secret-id API docs
 2018-09-20 13:25:33 -04:00
Richard Lane
6179375100 Documentation correction - update list identity whitelist sample request (#5369) 
Path was incorrectly referencing the roletag-blacklist

Updated the sample to match the correct path
 2018-09-19 21:21:57 -07:00
Becca Petrin
8367eb6619
AliCloud Secrets Docs (#5351) 2018-09-19 08:42:59 -07:00
Clint
d070b36874
Update AWS auth backend iam_request_headers to be TypeHeader (#5320) 
Update AWS Auth backend to use TypeHeader for iam request headers

- Remove parseIamRequestHeaders function and test, no longer needed with new TypeHeader
- Update AWS auth login docs
 2018-09-12 16:16:16 -05:00
Brian Shumate
23ec4b86b1 Docs: clarify max_ttl in Database Secrets Create (#5311) 
- Clarify max_ttl on Database Secrets Create API
- Crosslink to TTL general case docs
 2018-09-11 19:55:15 -04:00
Jeff Mitchell
6acf58d77d Finish updating jwt auth docs 2018-09-10 11:46:50 -04:00
Geoff Meakin
ee8b5b2019 Update relatedtools.html.md (#5287) 
Add ansible-modules-hashivault to the list of third-party tools
 2018-09-06 08:37:03 -07:00
Jeff Mitchell
b4ab18bbc1
Remove certificates from store if tidying revoked certificates (#5231) 
This will cause them to be removed even if they have not expired yet,
whereas before it would simply leave them in the store until they were
expired, but remove from revocation info.
 2018-09-05 11:47:27 -04:00
Jeff Mitchell
535dd9df1f
Update index.html.md 2018-09-04 12:15:05 -04:00
Chris Hoffman
c1a3fd61fc
adding namespaces example 2018-08-29 11:26:23 -04:00
Brian Kassouf
db178f6b25
Add Performance Standby Docs (#5214) 
* Add Performance Standby Docs

* Review updates
 2018-08-28 12:48:02 -07:00
Jeff Mitchell
219c4d613e
Update API section index file with fixes, updates, and namespace info. (#5213) 2018-08-28 12:33:19 -07:00
Jim Kalafut
c9a4fdf143 Fix Azure Secrets API example 2018-08-27 20:44:00 -06:00
Becca Petrin
7df67566ba
use ldaps in docs (#5180) 2018-08-24 10:36:20 -07:00
Laura Gjerman-Uva
12d1f1ef7e Update ad/creds/:rolename endpoint to include the table with method/path for consistency/clarity. Also, remove payload.json from example, since this endpoint doesn't take a payload. (#5172) 2018-08-24 09:19:51 -07:00
Jim Kalafut
b39627ca8e
Fix Azure Secrets docs error 2018-08-23 14:27:47 -07:00
Becca Petrin
c5f9575c62
Alibaba auth docs (#5132) 2018-08-22 10:23:33 -07:00
Hugo Wood
08782dc7a1 JWT/OIDC documentation fixes (#5157) 
* Fix argument name in JWT/OIDC login CLI example

* Fix groups_claim documented as required when creating roles for JWT/OIDC
 2018-08-22 10:44:08 -04:00
Jeff Mitchell
fe309723c9
Add the ability to specify token CIDR restrictions on secret IDs. (#5136) 
Fixes #5034
 2018-08-21 11:54:04 -04:00
Jeff Mitchell
b54b2648f1
Two PKI improvements: (#5134) 
* Disallow adding CA's serial to revocation list
* Allow disabling revocation list generation. This returns an empty (but
signed) list, but does not affect tracking of revocations so turning it
back on will populate the list properly.
 2018-08-21 11:20:57 -04:00
Chris Hoffman
9369c8e1c4
adding namespace docs (#5133) 2018-08-17 12:17:11 -04:00
Chris Hoffman
d12b17cbf1
Add additional clarification 2018-08-17 08:55:49 -04:00
Raja Nadar
c7adfdedd0 vaultsharp - multi platform capabilities (#5127) 2018-08-17 08:47:16 -04:00
Clint
ca1e2a766e [WIP] Support custom max Nomad token name length [supersedes https://github.com/hashicorp/vault/pull/4361] (#5117) 
* Nomad: updating max token length to 256

* Initial support for supporting custom max token name length for Nomad

* simplify/correct tests

* document nomad max_token_name_length

* removed support for max token length env var. Rename field for clarity

* cleanups after removing env var support

* move RandomWithPrefix to testhelpers

* fix spelling

* Remove default 256 value. Use zero as a sentinel value and ignore it

* update docs
 2018-08-16 15:48:23 -04:00
Jim Kalafut
bc2f70e19b
Initial Azure Secrets docs (#5121) 2018-08-16 12:10:56 -07:00
Joel Thompson
8275802ac9 Make AWS credential types more explicit (#4360) 
* Make AWS credential types more explicit

The AWS secret engine had a lot of confusing overloading with role
paramemters and how they mapped to each of the three credential types
supported. This now adds parameters to remove the overloading while
maintaining backwards compatibility.

With the change, it also becomes easier to add other feature requests.
Attaching multiple managed policies to IAM users and adding a policy
document to STS AssumedRole credentials is now also supported.

Fixes #4229
Fixes #3751
Fixes #2817

* Add missing write action to STS endpoint

* Allow unsetting policy_document with empty string

This allows unsetting the policy_document by passing in an empty string.
Previously, it would fail because the empty string isn't a valid JSON
document.

* Respond to some PR feedback

* Refactor and simplify role reading/upgrading

This gets rid of the duplicated role upgrade code between both role
reading and role writing by handling the upgrade all in the role
reading.

* Eliminate duplicated AWS secret test code

The testAccStepReadUser and testAccStepReadSTS were virtually identical,
so they are consolidated into a single method with the path passed in.

* Switch to use AWS ARN parser
 2018-08-16 06:38:13 -04:00
Jim Kalafut
f4882fee74 Revert "Add ttl parameter to pki api docs (#5063)" 
This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.
 2018-08-13 09:34:05 -07:00
Jim Kalafut
179b8c2c1b
Add ttl parameter to pki api docs (#5063) 2018-08-08 09:12:14 -07:00
Jeff Escalante
b84ef1a814 html syntax corrections (#5009) 2018-08-07 10:34:35 -07:00
Olivier Lemasle
31978a402d Fix two errors in docs (#5042) 
Two small errors in documentation
 2018-08-03 14:26:46 -07:00
Raja Nadar
f58b26777f .net 2.0 standard leap (#5019) 
2.0 is more conducive for consumers
 2018-08-01 08:57:49 -04:00
Sean Malloy
2794e68049 Fix GCP auth docs typo (#5017) 
The bound_bound_service_accounts parameter does not exist. The correct
spelling is bound_service_accounts.
 2018-07-31 10:57:34 -04:00
Chris Hoffman
f348177b5d
adding environment to azure auth docs (#5004) 2018-07-27 08:33:20 -04:00
Chris Hoffman
ec3e571404
adding missing properties (#5003) 2018-07-27 08:19:12 -04:00
Chris Hoffman
3ba265cf6a
updating azure auth plugin and docs (#4975) 2018-07-23 10:00:44 -04:00
Tomohisa Oda
c6fd9f5c90 add sequelize-vault to third-party tools (#4945) 2018-07-17 21:45:37 -07:00
dmicanzerofox
6559f5fe76 PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired (#4916) 2018-07-13 09:32:32 -04:00
Seth Vargo
c4d57245f2 Update GCP docs (#4898) 
* Consistently use "Google Cloud" where appropriate

* Update GCP docs

This updates the GCP docs to use the new updated fields that will be
present in the next release of the plugin as well as fixes up some
inconsistencies between the GCP docs and other auth method
documentation.
 2018-07-11 15:52:22 -04:00
Jeff Mitchell
6b4f6b9361
Add jwt auth docs (#4891) 2018-07-11 15:08:49 -04:00
Jeff Mitchell
0883dc3e0b
Fix permitted dns domain handling (#4905) 
It should not require a period to indicate subdomains being allowed

Fixes #4863
 2018-07-11 12:44:49 -04:00
Seth Vargo
1268342acc Properly capitalize H in GitHub (#4889) 
It's really bothering me, sorry.
 2018-07-10 08:11:03 -07:00
Jeff Mitchell
ce81df0ba2 Remove vault.rocks from some that were missed 2018-07-10 10:47:30 -04:00
Jeff Mitchell
24c776180b Fix tuning visibility in CLI (#4827) 
The API elides the value if it's empty, but empty has meaning. This adds
"hidden" as an option which is fundamentally identical to the default.
 2018-07-02 12:13:25 -04:00
Chris Hoffman
b9cd68a952
adding sample request to key status api docs (#4853) 2018-06-29 09:17:51 -04:00
Becca Petrin
b3a711d717 Add bound cidrs to tokens in AppRole (#4680) 2018-06-19 22:57:11 -04:00
Becca Petrin
fe3404ad46
clarify aws role tag doc (#4797) 2018-06-19 15:59:57 -07:00
Becca Petrin
dc88c64c36
Update Active Directory secret engine docs (#4788) 
* active directory rotate root docs

* update doc
 2018-06-19 09:11:46 -07:00
Jeff Mitchell
df00e62d92
Database updates (#4787) 
* Database updates

* Add create/update distinction for connection config
* Add create/update distinction for role config
* Add db name and revocation statements to leases to give revocation a
shot at working if the role has been deleted

Fixes #3544
Fixes #4782

* Add create/update info to docs
 2018-06-19 11:24:28 -04:00
Mr Talbot
042b9d4715 pki: add ext_key_usage to mirror key_usage and add to sign-verbatim (#4777) 
* pki: add ext_key_usage parameter to role

* pki: add key_usage and ext_key_usage parameter to sign-verbatim

* pki: cleanup code as per comments
 2018-06-15 18:20:43 -04:00
Jeff Mitchell
6951b70dd9
Add URI SANs (#4767) 2018-06-15 15:32:25 -04:00
Jeff Mitchell
56cb1e05a9
Update index.html.md 
Fixes #4763
 2018-06-14 10:19:38 -04:00
Brian Kassouf
2fbe04132c
Update replication status (#4761) 
* Update replication-performance.html.md

* Update replication-dr.html.md

* Update replication.html.md

* Update replication-dr.html.md

* Update replication-dr.html.md

* Update replication-performance.html.md

* Update replication.html.md
 2018-06-13 16:43:39 -07:00
Eli Oxman
d6efc1cff6 Add async python client to docs (#4698) 2018-06-05 10:23:56 -04:00
Becca Petrin
648ea3345f
add formatter to ad docs (#4653) 2018-05-29 16:47:46 -07:00
Jeff Mitchell
373a7472e9
Merge pull request #4600 from hashicorp/rekey-verification 
Rekey verification, allowing new key shares to be confirmed before committing the new key.
 2018-05-29 15:00:07 -04:00
Becca Petrin
f6b5cab7ba
Docs for the upcoming Active Directory secrets engine (#4612) 2018-05-29 08:49:09 -07:00
Jeff Mitchell
6fa29dda67
Merge branch 'master' into rekey-verification 2018-05-29 10:19:57 -04:00
Becca Petrin
71fb24e5ac add userpass note on bound cidrs (#4610) 2018-05-25 14:35:09 -04:00
Jeff Mitchell
c4f8a3a5c3 Changelogify and fix some minor website bits 2018-05-25 10:39:23 -04:00
Nicholas Jackson
61e0eda70c Breakout parameters for x.509 certificate login (#4463) 2018-05-25 10:34:46 -04:00
nelson
f87d452d40 Update kv-v2.html.md (#4614) 
correct the payload format for "Configure the KV Engine" and "Update Metadata"
 2018-05-24 12:44:44 -04:00
Chris Hoffman
c42adad873
remove incorrect parameter 2018-05-23 08:58:27 -04:00
Jeff Mitchell
804b5e9bd2 Minor website doc updates 2018-05-22 15:12:12 -04:00
Chris Hoffman
e614cadbe5
adding options information to mount endpoint (#4606) 2018-05-21 16:39:43 -04:00
Jeff Mitchell
3e95a48e7b Remove dupe website text 2018-05-21 16:30:45 -04:00
Jeff Mitchell
153d5360f7 Address feedback 2018-05-21 16:13:38 -04:00
Jeff Mitchell
98f0485d84 Add verification documentation 2018-05-21 12:00:36 -04:00
Jeff Mitchell
1fa5e18d44 Make description of prehashed a bit more friendly 2018-05-21 09:08:22 -04:00
Jeff Mitchell
ec24d3d2f7 Update key_type parameter description 2018-05-19 12:20:37 -04:00
Kevin Paulisse
7a6777b41a Docs: Clarify that revoking token revokes dynamic secrets (#4592) 2018-05-18 23:27:53 -07:00
Jeff Mitchell
f6b6ce1837 Add missing drsecondarycode to health API docs 2018-05-18 12:39:13 -04:00
Jeff Mitchell
2f97c3017f Flip documented resolve_aws_unique_id value 
Fixes #4583
 2018-05-18 12:05:52 -04:00
Jim Kalafut
e47c602654
Fix GCP API parameter docs 2018-05-17 08:54:25 -07:00
Andrew Slattery
e1eafc78b5 Update KV response code (#4568) 
Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.
 2018-05-17 08:46:19 -07:00
Jeff Mitchell
9a9638c93d Update website ldap url text 2018-05-16 11:58:10 -04:00
Seth Vargo
5769fb4416 Update GCP secrets to be example-driven (#4539) 
👍
 2018-05-10 16:58:22 -04:00
Becca Petrin
df4b650e61
Restrict cert auth by CIDR (#4478) 2018-05-09 15:39:55 -07:00
Jeff Mitchell
9fb688f789 Clarify that rotate requires sudo 2018-05-09 10:19:35 -04:00
Jacob Friedman
38192cf97c Changed DR docs page to fix generating secondary DR token (#4521) 
The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?
 2018-05-08 13:35:48 -07:00
vishalnayak
c61fd9bba6 docs: s/entity/group-alias 2018-05-08 16:32:35 -04:00
Jeff
3bfa45e306 Typo (#4505) 2018-05-03 13:37:44 -07:00
Laura Uva
765b1a0cb0 Payload key should be dr_operation_token (#4498) 2018-05-02 18:35:51 -07:00
Nándor István Krácser
420a9b9321 Fix mapping read paths (#4448) 2018-04-25 09:22:30 -04:00
vishalnayak
4222df38c6 Merge branch 'master-oss' into approle-local-secretid 2018-04-24 16:17:56 -04:00
Brian Shumate
7a5d7713fd Update curl commands / replace invalid '--payload' flag (#4440) 2018-04-24 11:20:29 -04:00
vishalnayak
20c7f20265 error on enable_local_secret_ids update after role creation 2018-04-23 17:05:53 -04:00
vishalnayak
b4f6b6fd31 update docs 2018-04-23 16:54:23 -04:00
Jeff Mitchell
bc0918a350
Add the ability to restrict token usage by IP. Add to token roles. (#4412) 
Fixes #815
 2018-04-21 10:49:16 -04:00
vishalnayak
46d4ded928 docs: update accessor lookup response 2018-04-17 11:52:58 -04:00
vishalnayak
73df4a6f8b docs: update token lookup response 2018-04-17 11:40:00 -04:00
Sohex
f676ca9db7 Update index.html.md (#4372) 
Remove duplicate of max_ttl description from end of period description under create role parameters.
 2018-04-17 11:05:50 -04:00
Calvin Leung Huang
36d46452d0
Add docs for internal UI mounts endpoint (#4369) 
* Add docs for internal UI mounts endpoint

* Update description section
 2018-04-16 12:13:58 -04:00
Jeff Mitchell
b65832d08a
Add ability to disable an entity (#4353) 2018-04-13 21:49:40 -04:00
Jeff Mitchell
a7f604ff91 Fix token store role documentation around explicit max ttl 2018-04-13 09:59:12 -04:00
Brian Kassouf
915e452c0d
KV: Update 'versioned' naming to 'v2' (#4293) 
* Update 'versioned' naming to 'v2'

* Make sure options are set

* Fix description of auth flag

* Review feedback
 2018-04-09 09:39:32 -07:00