435 Commits

Author SHA1 Message Date
gerardma77
17664bcfbe
Adding AD lifetime period of an old password note to Vault LDAP secrets Engine API Documentation (#28429)
* adding_OldPasswordAllowedPeriod_waring

* Updated note for AD password

* Update website/content/api-docs/secret/ldap.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Equus quagga <jan.prinsloo@hashicorp.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-09-19 12:08:32 -07:00
Rachel Culpepper
978b3aee52
add ce changes and documentation for tidying cmpv2 nonce store (#28362)
* add ce changes and documentation for tidying cmpv2 nonce store

* add build tag

* fix test failures

* fix backend test
2024-09-12 11:32:51 -05:00
Steven Clark
10df48b3e1
Remove beta tags from CMPv2 docs (#28339) 2024-09-10 16:18:38 -04:00
John-Michael Faircloth
f7701e1d8c
docs: add postgres TLS docs (#28302)
* docs: add postgres TLS docs

* fix link formatting
2024-09-09 12:34:16 -05:00
Scott Miller
047ec756c0
Document CMPv2 (#27915)
* CMPv2 Documentation, and restructuring of Issuance Protocols into its own section for PKI.

* title

* CMPv2 API

* Add default path policy

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* respond to some PR feedback

* pr feedback

* Fix nav and add key_usage

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/docs/secrets/pki/cmpv2.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Update website/content/api-docs/secret/pki/issuance.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

* Docs fixes

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2024-09-04 17:24:50 -05:00
Kit Haines
edf6851eb4
Key Usage Enablement for Ent-Feature CMPv2 (#28237)
* Key Usage Enablement for Ent-Feature CMPv2
2024-08-30 17:05:20 +00:00
kevin-loehfelm
e4309e2a1a
correct typo (#28077) 2024-08-15 09:26:51 -07:00
kevin-loehfelm
7c13168d7d
added delete role to website documentation (#27883)
* added delete role to website documentation

* added changlog
2024-07-26 15:18:45 -07:00
John-Michael Faircloth
3f90e9ac38
docs: add missing rotation_statements to oracle docs (#27802) 2024-07-17 18:14:49 -04:00
John-Michael Faircloth
d444a32f8c
docs: add missing rotation_statements to mssql api docs (#27800) 2024-07-17 10:30:00 -05:00
Milena Zlaticanin
f7ccefa4a4
Update azure docs to include new param (#27680)
* Update azure docs to include new param

* update
2024-07-03 12:53:56 -07:00
Ben Ash
a05deb5f37
AWS secrets: add support for STS session tags (#27620)
Adds support for configuring session tags for assume role operations.
2024-07-02 10:48:52 -04:00
Robert
f8631d1faa
Update docs wording with example for static role rotation of access keys for AWS IAM Users (#27572)
* Give an example for maximum number of keys with IAM Users

* Update aws.mdx
2024-06-26 12:38:30 -05:00
AvivGuiser
3372a9b4db
secrets/database: Add usePrivateIP field for cloudsql postgresql instances (#26828)
* add usePrivateIP params to determine if to use private ip dial option

Signed-off-by: aviv guiser <avivguiser@gmail.com>

* fix the connection_producer.go in mysql plugin

Signed-off-by: aviv guiser <avivguiser@gmail.com>

* Update sdk/database/helper/connutil/sql.go

Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>

---------

Signed-off-by: aviv guiser <avivguiser@gmail.com>
Signed-off-by: AvivGuiser <aviv.guiser@placer.ai>
Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com>
2024-06-25 14:17:13 -05:00
Kit Haines
74f1c4a618
Vault 27884 api doc updates for cert metadata (#27374)
* OSS changes to rename metadata cert_metadata

* OSS changes to functions.

* cert_metadata rename; add list endpoint.
2024-06-05 15:11:12 -04:00
vinay-gopalan
5acc4331ea
Add WIF documentation for Azure Auth and Secrets engines (#27185) 2024-06-03 13:17:13 -07:00
vinay-gopalan
01ccf580d8
Add WIF documentation for GCP Auth and Secrets engines (#27170)
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-06-03 13:16:56 -07:00
Steven Clark
b0d5e1b9af
Add missing cmac argument to Transit verify API docs (#27307) 2024-05-31 13:33:30 -04:00
Steven Clark
e6c9bbbd47
Add missing audit_fields EST configuration parameter to docs (#27232)
- The API docs for the PKI EST configuration was missing the audit_fields
   parameter.
 - Also fix up the example EST responses
2024-05-24 15:28:39 -04:00
John-Michael Faircloth
f528036e45
docs: ldap secrets hierarchical paths (#27203)
* docs: ldap secrets hierarchical paths

* changelog

* Apply suggestions from code review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* role_name => set_name

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-05-24 09:10:59 -05:00
Steven Clark
0bb3ddf7a7
Update cert metadata docs (#27025)
* Update cert metadata docs

 - Add missing enterprise notices on parameters and titles
 - Mention that the metadata parameter is a base64 encoded string
 - Tweak the no_store_metadata description
 - Update some entries within the PKI considerations page

* Add serial_number to read certificate metadata sample response

* Update fields sign-verbatim is affected by the specified role
2024-05-16 11:08:31 -04:00
Rowan Smith
7b51f6c866
[docs] add note around CRL rotation not occuring on revoke if auto_rebuild is enabled (#26893)
* add note around CRL rotation not occuring on revoke if auto_rebuild is enabled

A note to clarify that revocation will not trigger a rotation of the CRL if auto_rebuild of the CRL is set to true/enabled.

* fix links

fix links

* Update pki.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update pki.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-05-13 16:20:10 -04:00
Rachel Culpepper
70907cd971
Add docs for cert metadata (#26918)
* add new fields

* add new endpoint

* fix example

* fix description

* add header to sample request
2024-05-10 14:05:27 -05:00
Steven Clark
0637f5e316
PKI: Change sign-intermediate to truncate notAfter by default (behavior change) (#26796)
* PKI: Change sign-intermediate to truncate notAfter by default

 - The PKI sign-intermediate API allowed an end-user to request a TTL
   value that would extend beyond the signing issuer's notAfter. This would
   generate an invalid CA chain when properly validated.
 - We are now changing the default behavior to truncate the returned certificate
   to the signing issuer's notAfter.
 - End-users can get the old behavior by configuring the signing issuer's
   leaf_not_after_behavior field to permit, and call sign-intermediary
   with the new argument enforce_leaf_not_after_behavior to true. The
   new argument could also be used to enforce an error instead of truncating
   behavior if the signing issuer's leaf_not_after_behavior is set to err.

* Add cl

* Add cl and upgrade note

* Apply suggestions from code review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-05-09 11:22:04 -04:00
Steven Clark
fe2b4c6f7a
PKI: Allow operators to increase the maximum TTL for ACME issued certificates (#26797)
* PKI: Allow operators to increase the maximum TTL for ACME issued certificates

* Add cl
2024-05-09 10:41:28 -04:00
Scott Miller
c4839ad05c
Document tokenization DELETE (#26622)
* Document tokenization DELETE

* typo

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>

---------

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
2024-05-01 15:18:44 +00:00
Marc Boudreau
cd64c6e441
Fix heading level for Parameters in Identity/Group API doc page (#26621)
* change heading level for parameters to 3 from 2

* fixup! change heading level for parameters to 3 from 2
2024-04-30 14:59:26 -04:00
Rachel Culpepper
b49622076f
Add docs for cmac (#26654)
* add docs for cmac

* move cmac
2024-04-25 17:05:11 -05:00
Socheat Sok
f1922d2113
Minor tweak on "Set Certificate Chain" docs for Transit secret engine (#26250)
The `certificate_chain` parameter is incorrect from the description in the PR #21081.
2024-04-04 09:37:45 -04:00
radek-sprta
ab59f8fa56
Docs: Mention default_extensions_template in API docs (#26028)
Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
2024-03-19 11:06:51 -04:00
Hector Manuel
8ef273832e
Docs: New parameter for the Kubernetes Secrets roles (#25581)
* Docs: New parameter for the K8s Secrets roles

* Fix: Apply text correction from review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
2024-03-13 18:27:30 +00:00
Austin Gebauer
57f7fa9c60
docs: adds enterprise documentation for plugin wif (#25706)
* docs: adds enterprise documentation for plugin wif

* attempt fix anchor link

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* remove API section for plugin WIF

* commas

* move wif out of subsection

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-03-07 19:14:30 -08:00
Steven Clark
43f8c7a6f0
PKI EST docs (#25521)
* PKI EST docs

 Initial draft of the PKI EST setup and API docs for feedback

* Add missing enable_sentinel_parsing param to API docs

* Update grammar

* Some API doc feedback

* Note about dedicated auth mounts

* Additional PR feedback

---------

Co-authored-by: Scott G. Miller <smiller@hashicorp.com>
2024-03-07 14:27:59 -05:00
Steven Clark
09294e891a
Add notes around OCSP GET request issue (#25745)
* Add note around OCSP GET request issue

 - Fix some broken TOC links
 - Add a note in the api-docs and in the considerations page
   around Vault having issues with OCSP GET requests and that
   POST requests should be preferred.
 - Add existing known issue to all branches that are affected.

* Fix links to partial file for 1.12 and 1.13 upgrade docs
2024-03-01 15:25:07 -05:00
Milena Zlaticanin
3a844a2e45
Update Azure secrets docs + deprecation (#25637)
* Update Azure secrets docs + deprecation

* add changelog

* update

* update docs

* update deprec doc
2024-02-28 11:59:00 -07:00
vinay-gopalan
60fb3c14d5
Add documentation for new Identity Token .well-known endpoint used for Plugin WIF (#25469) 2024-02-22 09:08:59 -08:00
vinay-gopalan
2dc73f0636
Add documentation for AWS Plugin WIF (#25398) 2024-02-21 09:19:43 -08:00
aphorise
6d59868fb8
Docs: Tranform secrets encode parameter: expiration added. (#25168)
* Docs: Tranform secrets encode parameter:  added.

* Docs: Tranform secrets encode parameter `expiration` text corrected & formating on `ttl` too.

* Docs: Tranform secrets encode parameter `expiration` formating & correction.

* Update website/content/api-docs/secret/transform.mdx
2024-02-02 10:20:10 -05:00
Austin Gebauer
677d98a821
oidc/provider: adds code_challenge_methods_supported to metadata (#24979)
* oidc/provider: adds code_challenge_methods_supported to metadata

* adds changelog

* adds docs
2024-01-22 13:40:13 -08:00
Nestor Reyes
4811fd1962
Update oracle.mdx missing feature flags (#23517)
* Update oracle.mdx missing feature flags

Adding missing feature flags to API doc. 
split_statements and disconnect_sessions.

Related PR
https://github.com/hashicorp/vault-plugin-database-oracle/pull/62

* Update website/content/api-docs/secret/databases/oracle.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
2024-01-22 13:59:04 -06:00
Andy Assareh
ab2e0e5a28
typo corrections - spelling and grammar (#24625)
* typo corrections - spelling

* spelling and grammar
2024-01-04 12:50:42 -05:00
Tom Proctor
dc5c3e8d97
New database plugin API to reload by plugin name (#24472) 2023-12-13 10:23:34 +00:00
Steven Clark
a41852379b
Document and augment tests that PKI accepts 8192 bit RSA keys (#24364)
- Noticed that our documentation was out of date, we allow 8192
   bit RSA keys to be used as an argument to the various PKI
   issuer/key creation APIs.
 - Augument some unit tests to verify this continues to work
2023-12-05 15:26:03 -05:00
Milena Zlaticanin
aa9b02307d
Update Azure Secrets docs (#24279) 2023-12-04 15:41:25 -07:00
Steven Clark
53040690a2
PKI: Do not set NextUpdate OCSP field when ocsp_expiry is 0 (#24192)
* Do not set NextUpdate OCSP field when ocsp_expiry is 0

* Add cl
2023-11-20 10:32:05 -05:00
Robert
54bf0807c1
secrets/aws: add support for STS Session Tokens with TOTP (#23690)
* Add test coverage

* Add session_token field, deprecate security_token

* Undo auth docs

* Update api docs

* Add MFA code support

---------

Co-authored-by: Graham Christensen <graham@grahamc.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Austin Gebauer <34121980+austingebauer@users.noreply.github.com>
2023-11-08 17:06:28 -06:00
kpcraig
dd15e5296f
Add documentation for new ldap param (#23817) 2023-11-01 11:33:53 -04:00
Steven Clark
8c9929bed2
Update specifics around managed keys support in Transit (#23795) 2023-10-26 13:45:15 -04:00
Andreas Gruhler
548b7a094b
Fix backticks for cluster_aia_path (#23845) 2023-10-26 08:28:16 -04:00
kpcraig
30f19b383f
VAULT-18307: update rotation period for aws static roles on update (#23528) 2023-10-11 17:06:58 +00:00