mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-22 23:21:08 +02:00
Code Issues Projects Releases Wiki Activity
21,651 Commits 2,843 Branches 445 Tags
Commit Graph

838 Commits

Author SHA1 Message Date
Rachel Culpepper
b49622076f
Add docs for cmac (#26654) 
* add docs for cmac

* move cmac
 2024-04-25 17:05:11 -05:00
Sarah Chavis
643028f931
[DOCS] Update deprecation pages (#26597) 
Co-authored-by: Meggie <meggie@hashicorp.com>
 2024-04-24 09:28:49 -07:00
Jason Peng
5f4e53e5a2
Update health.mdx (#26264) 
To address the confusion on 472 status code, in addition to explain in rare occasions when a 429 could be returned.
 2024-04-22 15:45:20 -07:00
akshya96
d44ec076b8
retention months docs changes (#26563) 2024-04-19 14:57:10 -07:00
JMGoldsmith
7b4f6409c6
[DOCS] Updating approle docs and token partial to include batch token prefer… (#26490) 
* updating approle docs and token partial to include batch token preference

* Update website/content/docs/auth/approle.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/partials/tokenstorefields.mdx

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>

* Update website/content/docs/auth/approle.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-04-19 12:32:12 -04:00
Adrian Todorov
76be7fb832
Clarify the wordinf AWS auth docs around alias source (#26441) 2024-04-16 17:41:40 +01:00
Nick Cabatoff
d1e1d47b05
Update api docs to reflect changes brought in by replication canary and clock skew (#25762) 2024-04-16 09:12:31 -04:00
Meggie
d52db741f5
Add to admin namespace (#26293) 
* Add to admin namespace

Add sys/config/group-policy-application to admin namespace endpoints.

* Endpoint can now be accessed from admin ns
 2024-04-15 16:49:47 -04:00
Chris Capurso
5870b423a3
remove extraneous max_leases and role fields (#26376) 2024-04-11 13:18:22 -04:00
Socheat Sok
f1922d2113
Minor tweak on "Set Certificate Chain" docs for Transit secret engine (#26250) 
The `certificate_chain` parameter is incorrect from the description in the PR #21081.
 2024-04-04 09:37:45 -04:00
Shahrad Elahi
a942597971
docs: Add Node.JS library reference (#26209) 
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-04-02 12:54:28 -07:00
Thy Ton
df477f6404
docs make kubernetes_ca_cert optional on kubernetes auth (#25963) 
---------

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-03-27 15:45:43 -07:00
Hansanto
49014b29e0
doc: Add kault library reference (#26111) 
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-03-22 15:26:17 -07:00
Chelsea Shaw
6091ad4f71
Remove internal version endpoint (#25998) 
* VAULT-24469 use sys/seal-status instead of internal version endpoint

* Update tests and mirage handlers

* Revert "VAULT-20669: Add New Authenticated Endpoint for Version  (#23740)"

This reverts commit 550c99ae3b6553f12e4a862c915155b8d0a53516.

* Readded version_test.go

* Reverted any old changes on versionlgo

---------

Co-authored-by: divyaac <divyaac@berkeley.edu>
 2024-03-21 09:14:22 -07:00
radek-sprta
ab59f8fa56
Docs: Mention default_extensions_template in API docs (#26028) 
Co-authored-by: Chris Capurso <1036769+ccapurso@users.noreply.github.com>
 2024-03-19 11:06:51 -04:00
Steven Clark
6fca34eace
Proceed with cert auth login attempts if ocsp_fail_open is true and servers are unreachable (#25982) 2024-03-19 10:39:37 -04:00
Steven Clark
5785191067
Support OCSP responses without NextUpdate field set (#25912) 
* Support OCSP responses without a NextUpdate value set

 - Validate that the ThisUpdate value is
   properly prior to our current time and
   if NextUpdate is set that, ThisUpdate is
   before NextUpdate.
 - If we don't have a value for NextUpdate just compare against ThisUpdate.

* Add ocsp_this_update_max_ttl support to cert auth

 - Allow configuring a maximum TTL of the OCSP response based on the
   ThisUpdate time like OpenSSL does
 - Add test to validate that we don't cache OCSP responses with no NextUpdate

* Add cl

* Add missing ` in docs

* Rename ocsp_this_update_max_ttl to ocsp_this_update_max_age

* Missed a few TTL references

* Fix error message
 2024-03-18 18:12:37 -04:00
Chris Capurso
1274f2d79a
document that LISTs with no results return 404 (#25989) 2024-03-18 13:11:42 -04:00
John-Michael Faircloth
594d304f25
api: do not require sudo for GetAuth wrapper (#25968) 
* api: do not require sudo for GetAuth wrapper

* changelog
 2024-03-15 14:40:22 -07:00
Sean Ellefson
b44d9fc19f
Correcting Sample Request to use token and POST (#23910) 2024-03-13 18:30:40 +00:00
Hector Manuel
8ef273832e
Docs: New parameter for the Kubernetes Secrets roles (#25581) 
* Docs: New parameter for the K8s Secrets roles

* Fix: Apply text correction from review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Peter Wilson <peter.wilson@hashicorp.com>
 2024-03-13 18:27:30 +00:00
Chris Capurso
8db1aa1d41
change "lease count" to "rate limit" (#25899) 2024-03-12 16:21:29 -04:00
Chris Capurso
db55fa42d4
Add clarification to quota docs regarding parent ns access (#25894) 
* clarify quota operation restrictions against parent/sibling ns

* update lease count quota docs

* Reword LIST endpoint description
 2024-03-12 16:04:07 -04:00
Peter Wilson
a311735761
Support pre-hashed passwords with userpass backend (#25862) 
* allows use of pre-hashed passwords with userpass backend

* Remove unneeded error

* Single error check after switch

* use param name quoted in error message

* updated test for quoted param in error

* white space fixes for markdown doc

* More whitespace fixes

* added changelog

* Password/pre-hashed password are only required on 'create' operation

* docs indentation

* Update website/content/docs/auth/userpass.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Updated docs

* Check length of hash too

* Update builtin/credential/userpass/path_user_password_test.go

:)

Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Kuba Wieczorek <kuba.wieczorek@hashicorp.com>
 2024-03-12 18:16:11 +00:00
miagilepner
e31413d6cf
VAULT-23089: Doc updates for secret sync billing (#24955) 
* add secret sync clients

* update docs and add metrics

* add to operator usage

* entities -> secrets
 2024-03-12 10:06:51 +00:00
Tom Proctor
86be20e5d9
Docs: New plugins pinned versions APIs (#25604) 2024-03-08 12:48:16 +00:00
Austin Gebauer
57f7fa9c60
docs: adds enterprise documentation for plugin wif (#25706) 
* docs: adds enterprise documentation for plugin wif

* attempt fix anchor link

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/api-docs/secret/identity/tokens.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/secrets/aws.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* remove API section for plugin WIF

* commas

* move wif out of subsection

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-03-07 19:14:30 -08:00
Steven Clark
43f8c7a6f0
PKI EST docs (#25521) 
* PKI EST docs

 Initial draft of the PKI EST setup and API docs for feedback

* Add missing enable_sentinel_parsing param to API docs

* Update grammar

* Some API doc feedback

* Note about dedicated auth mounts

* Additional PR feedback

---------

Co-authored-by: Scott G. Miller <smiller@hashicorp.com>
 2024-03-07 14:27:59 -05:00
Scott Miller
ba193334ce
Remove the available in language, since our docs are versioned now (#25747) 2024-03-04 13:03:45 -06:00
Thy Ton
50aa6eea70
docs: add templated policies workflow example to kubernetes auth (#25694) 
---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2024-03-01 15:11:14 -08:00
Steven Clark
09294e891a
Add notes around OCSP GET request issue (#25745) 
* Add note around OCSP GET request issue

 - Fix some broken TOC links
 - Add a note in the api-docs and in the considerations page
   around Vault having issues with OCSP GET requests and that
   POST requests should be preferred.
 - Add existing known issue to all branches that are affected.

* Fix links to partial file for 1.12 and 1.13 upgrade docs
 2024-03-01 15:25:07 -05:00
Steven Clark
ab75d03a6c
Add new /sys/well-known interface to get information about registered labels (#25695) 
* Add new /sys/well-known interface to get information about registered labels

 - Add two new interfaces LIST/GET /sys/well-known which will provide
   a list of keys which are registered labels within the /.well-known space on
   the local server, along with a detailed info map for each
 - Add GET /sys/well-known/<label> to get details on a specific registered label
 - Add docs and tests for the new api endpoints

* Add test doc and remove copied comment

* Rename returned fields to use snake case

* Remove extra newline added when resolving the merge conflict

* Apply suggestions from code review

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-02-29 17:07:49 -05:00
Marc Boudreau
9ec4d839f3
VAULT-24439: Make sys/config/ui/custom-messages enterprise paths (#25696) 
* remove uiCustomMessagePaths from System backend paths

* adjust documentation

* grammar improvements in docs

* add ENT badge to custom-message api docs page in ToC
 2024-02-29 11:45:22 -05:00
Milena Zlaticanin
3a844a2e45
Update Azure secrets docs + deprecation (#25637) 
* Update Azure secrets docs + deprecation

* add changelog

* update

* update docs

* update deprec doc
 2024-02-28 11:59:00 -07:00
Max Coulombe
f94e2156ce
* adjust sync config disclaimer (#25630) 2024-02-27 09:57:46 -05:00
Raymond Ho
2b46f5e523
docs: sync/github-apps (#25569) 2024-02-22 22:53:15 +00:00
vinay-gopalan
60fb3c14d5
Add documentation for new Identity Token .well-known endpoint used for Plugin WIF (#25469) 2024-02-22 09:08:59 -08:00
vinay-gopalan
2dc73f0636
Add documentation for AWS Plugin WIF (#25398) 2024-02-21 09:19:43 -08:00
Austin Gebauer
66cdf14fe5
sync/gcp: documents project_id parameter for syncing with target projects (#25504) 2024-02-20 15:27:31 -08:00
Austin Gebauer
6d4f5df69c
auth/jwt: adds documentation for multi-jwks config parameter (#25503) 
* auth/jwt: adds documentation for multi-jwks config parameter

* updates bound_issuer parameter

* fix link
 2024-02-20 08:49:53 -08:00
Max Coulombe
b33e37df84
Docs/vault 23837/sync doc update (#25433) 
* + documented the new sync API options
 2024-02-17 14:58:50 -05:00
Peter Wilson
94fb339b31
VAULT-22483: Audit filter docs (#24903) 
* Tidy up of files

* Add concepts page for filtering

* Update 'Common configuration options'

* Update table format (metrics)

* Filtering metrics

* audit specific filtering

* Fix nav and naming of files

* updates to audit filtering concept page

* Tweaks

* audit updates and glossary page addition for 'request'

* update CLI docs (audit enable)

* added metrics to 'all metrics' page

* fallback example and link fix

* improve links

* updated based on feedback

* some extra details on a request for glossary

* format fix

* use description on fallback device

* test message properties

* Sort out weird merge for events.mdx

* Update website/content/docs/concepts/filtering/audit.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Update website/content/docs/concepts/filtering/audit.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Update website/content/docs/concepts/filtering/audit.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Update website/content/docs/concepts/filtering/audit.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Update website/content/docs/concepts/filtering/audit.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Intro paragraph about filtering/normal devices, and uppercase bullets

* Fix casing on bullets and table layour

* Uppercase bullets

* Update website/content/docs/glossary.mdx

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>

* Improvement?

* PR feedback

* Updated based on PR feedback

* Include common options

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Remove extra space

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Split out metrics

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Remove extra word

* Updated table formatting, remove close code block etc.

* Update website/content/docs/concepts/filtering/index.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-02-16 18:34:25 +00:00
Scott Miller
734afbe09e
Cache trusted cert values, invalidating when anything changes (#25421) 
* Cache trusted cert values, invalidating when anything changes

* rename to something more indicative

* defer

* changelog

* Use an LRU cache rather than a static map so we can't use too much memory.  Add docs, unit tests

* Don't add to cache if disabled.  But this races if just a bool, so make the disabled an atomic
 2024-02-15 21:48:30 +00:00
aphorise
6d59868fb8
Docs: Tranform secrets encode parameter: expiration added. (#25168) 
* Docs: Tranform secrets encode parameter:  added.

* Docs: Tranform secrets encode parameter `expiration` text corrected & formating on `ttl` too.

* Docs: Tranform secrets encode parameter `expiration` formating & correction.

* Update website/content/api-docs/secret/transform.mdx
 2024-02-02 10:20:10 -05:00
Thy Ton
aab72100fb
add new config option use_annotations_as_alias_metadata for k8s auth on api docs (#24941) 2024-02-01 11:45:53 -08:00
Jakob Beckmann
2a566f40fc
docs(kubernetes-auth): add API documentation for kubernetes auth namespace selectors (#19318) 
Co-authored-by: Thy Ton <maithytonn@gmail.com>
 2024-02-01 11:41:07 -08:00
Austin Gebauer
677d98a821
oidc/provider: adds code_challenge_methods_supported to metadata (#24979) 
* oidc/provider: adds code_challenge_methods_supported to metadata

* adds changelog

* adds docs
 2024-01-22 13:40:13 -08:00
Nestor Reyes
4811fd1962
Update oracle.mdx missing feature flags (#23517) 
* Update oracle.mdx missing feature flags

Adding missing feature flags to API doc. 
split_statements and disconnect_sessions.

Related PR
https://github.com/hashicorp/vault-plugin-database-oracle/pull/62

* Update website/content/api-docs/secret/databases/oracle.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
 2024-01-22 13:59:04 -06:00
Marc Boudreau
dcde458e33
VAULT-23051: Documenting API Endpoints (#24845) 
* api documentation changes

* document management endpoints

* add new website page to the navigation

* include explanation message retrieval from namespaces up to root namespace

* added clarification statement to the create and update operations documentation

* fixed inconsistency in sample request

* Apply suggestions from code review

Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>

---------

Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
 2024-01-19 16:13:03 -05:00
Stefan Zhelyazkov
f4978b3efd
Updating Vault docs for JWT support of numeric bound_claims (#24921) 
* Add a note that the role name is available as role in entity alias metadata

* Update JWT docs for numeric bound_claims
 2024-01-18 13:57:30 +00:00