From edf4e75f0dcb3c357c93a62a8744b3d05fd79802 Mon Sep 17 00:00:00 2001 From: Michel Vocks Date: Tue, 12 Nov 2019 00:25:48 +0100 Subject: [PATCH] Docs: Add filtered paths api docs (#7786) --- .../replication-performance.html.md | 165 +++++++++++++++++- 1 file changed, 162 insertions(+), 3 deletions(-) diff --git a/website/source/api/system/replication/replication-performance.html.md b/website/source/api/system/replication/replication-performance.html.md index ef8304b953..f95d5c6fbe 100644 --- a/website/source/api/system/replication/replication-performance.html.md +++ b/website/source/api/system/replication/replication-performance.html.md @@ -242,7 +242,160 @@ $ curl \ http://127.0.0.1:8200/v1/sys/replication/performance/primary/revoke-secondary ``` -## Create Mounts Filter +## Create Paths Filter + +This endpoint is used to modify the mounts and namespaces that are filtered to a secondary. +Filtering can be specified in allow mode or deny mode. In allow +mode the secret and auth mounts that are specified are included to the +selected secondary. In deny mode, the mount and namespace paths are excluded. + +| Method | Path | +| :------------------------------------------------------- | :--------------------- | +| `POST` | `/sys/replication/performance/primary/paths-filter/:id` | + +### Parameters + +- `id` `(string: )` – Specifies the unique performance secondary identifier. + +- `mode` `(string: "allow")` – Specifies the filtering mode. Available values + are "allow" and "deny". + +- `paths` `(array: [])` – The list of mount and namespace paths that are filtered. + +### Sample Payload + +```json +{ + "mode": "allow", + "paths": ["secret/", "ns1/"] +} +``` + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + --request POST \ + --data @payload.json \ + http://127.0.0.1:8200/v1/sys/replication/performance/primary/paths-filter/mySecondaryID +``` + +## Read Paths Filter + +This endpoint is used to read the mode and the mount/namespace paths that are filtered +for a secondary. + +| Method | Path | +| :------------------------------------------------------- | :--------------------- | +| `GET` | `/sys/replication/performance/primary/paths-filter/:id` | `200 (empty body)` | + +### Parameters + +- `id` `(string: )` – Specifies the unique performance secondary identifier. + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + http://127.0.0.1:8200/v1/sys/replication/performance/primary/paths-filter/mySecondaryID +``` + +### Sample Response + +```json +{ + "mode": "allow", + "paths": ["secret/", "ns1/"] +} +``` + +## Delete Paths Filter + +This endpoint is used to delete the mount and namespace filters for a secondary. + +| Method | Path | +| :------------------------------------------------------- | :--------------------- | +| `DELETE` | `/sys/replication/performance/primary/paths-filter/:id` | + +### Parameters + +- `id` `(string: )` – Specifies the unique performance secondary identifier. + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + --request DELETE \ + http://127.0.0.1:8200/v1/sys/replication/performance/primary/paths-filter/mySecondaryID +``` + +## Read Dynamically Generated Filter (PRIMARY) + +This endpoint is used to read the namespace and the mount paths that are dynamically +filtered for a secondary on the primary. + +| Method | Path | +| :------------------------------------------------------- | :--------------------- | +| `GET` | `/sys/replication/performance/primary/dynamic-filter/:id` | `200 (empty body)` | + +### Parameters + +- `id` `(string: )` – Specifies the unique performance secondary identifier. + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + http://127.0.0.1:8200/v1/sys/replication/performance/primary/dynamic-filter/mySecondaryID +``` + +### Sample Response + +```json +{ + "dynamic_filtered_mounts": ["ns1/ns2/secret/", "ns1/kv/"], + "dynamic_filtered_namespaces": ["ns1/", "ns1/ns2/"] +} +``` + +## Read Dynamically Generated Filter (SECONDARY) + +This endpoint is used to read the namespace and the mount paths that are dynamically +filtered for a secondary on the secondary. + +| Method | Path | +| :------------------------------------------------------- | :--------------------- | +| `GET` | `/sys/replication/performance/secondary/dynamic-filter/:id` | `200 (empty body)` | + +### Parameters + +- `id` `(string: )` – Specifies the unique performance secondary identifier. + +### Sample Request + +``` +$ curl \ + --header "X-Vault-Token: ..." \ + http://127.0.0.1:8200/v1/sys/replication/performance/secondary/dynamic-filter/mySecondaryID +``` + +### Sample Response + +```json +{ + "dynamic_filtered_mounts": ["ns1/ns2/secret/", "ns1/kv/"], + "dynamic_filtered_namespaces": ["ns1/", "ns1/ns2/"] +} +``` + +## Create Mounts Filter (DEPRECATED) + +~> This API is deprecated and will be removed in a future version of Vault. +Please use Paths Filter instead. This endpoint is used to modify the mounts that are filtered to a secondary. Filtering can be specified in whitelist mode or blacklist mode. In whitelist @@ -281,7 +434,10 @@ $ curl \ http://127.0.0.1:8200/v1/sys/replication/performance/primary/mount-filter/us-east-1 ``` -## Read Mounts Filter +## Read Mounts Filter (DEPRECATED) + +~> This API is deprecated and will be removed in a future version of Vault. +Please use Paths Filter instead. This endpoint is used to read the mode and the mount paths that are filtered for a secondary. @@ -311,7 +467,10 @@ $ curl \ } ``` -## Delete Mounts Filter +## Delete Mounts Filter (DEPRECATED) + +~> This API is deprecated and will be removed in a future version of Vault. +Please use Paths Filter instead. This endpoint is used to delete the mount filters for a secondary.