diff --git a/command/server/config.go b/command/server/config.go index 715120a98c..7c93d74d26 100644 --- a/command/server/config.go +++ b/command/server/config.go @@ -46,7 +46,7 @@ type Config struct { DefaultLeaseTTLRaw interface{} `hcl:"default_lease_ttl"` DefaultMaxRequestDuration time.Duration `hcl:"-"` - DefaultMaxRequestDurationRaw interface{} `hcl:"default_max_request_time"` + DefaultMaxRequestDurationRaw interface{} `hcl:"default_max_request_duration"` ClusterName string `hcl:"cluster_name"` ClusterCipherSuites string `hcl:"cluster_cipher_suites"` diff --git a/website/source/docs/configuration/index.html.md b/website/source/docs/configuration/index.html.md index 5ad1bce9c9..e0084f9e55 100644 --- a/website/source/docs/configuration/index.html.md +++ b/website/source/docs/configuration/index.html.md @@ -120,6 +120,10 @@ to specify where the configuration is. duration for tokens and secrets. This is specified using a label suffix like `"30s"` or `"1h"`. +- `default_max_request_duration` `(string: "90s")` – Specifies the default + maximum request duration allowed before Vault cancels the request. This can + be overridden per listener via the `max_request_duration` value. + - `raw_storage_endpoint` `(bool: false)` – Enables the `sys/raw` endpoint which allows the decryption/encryption of raw data into and out of the security barrier. This is a highly privileged endpoint. diff --git a/website/source/docs/configuration/listener/tcp.html.md b/website/source/docs/configuration/listener/tcp.html.md index 28eefbbe08..2688b30e8f 100644 --- a/website/source/docs/configuration/listener/tcp.html.md +++ b/website/source/docs/configuration/listener/tcp.html.md @@ -38,6 +38,10 @@ advertise the correct address to other nodes. request size, in bytes. Defaults to 32 MB. Specifying a number less than or equal to `0` turns off limiting altogether. +- `max_request_duration` `(string: "90s")` – Specifies the maximum + request duration allowed before Vault cancels the request. This overrides + `default_max_request_duration` for this listener. + - `proxy_protocol_behavior` `(string: "") – When specified, turns on the PROXY protocol for the listener. Accepted Values: