mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-17 12:07:02 +02:00
Code Issues Projects Releases Wiki Activity
7,384 Commits 2,844 Branches 445 Tags 454 MiB
1deaed2ffe
Commit Graph

204 Commits

Author SHA1 Message Date
Vishal Nayak
1deaed2ffe
Verify DNS SANs if PermittedDNSDomains is set (#3982) 
* Verify DNS SANs if PermittedDNSDomains is set

* Use DNSNames check and not PermittedDNSDomains on leaf certificate

* Document the check

* Add RFC link

* Test for success case

* fix the parameter name

* rename the test

* remove unneeded commented code
 2018-02-16 17:42:29 -05:00
Jeff Mitchell
a43a854740
Support other names in SANs (#3889) 2018-02-16 17:19:34 -05:00
Jeff Mitchell
d325b32a9d Update website for AWS client max_retries 2018-02-16 11:13:55 -05:00
Jeff Mitchell
ef00a69f11
Add ChaCha20-Poly1305 support to transit (#3975) 2018-02-14 11:59:46 -05:00
Joel Thompson
d4465fdfcd auth/aws: Improve role tag docs as suggested on mailing list (#3915) 
Fixes the ambiguity called out in
https://groups.google.com/forum/#!msg/vault-tool/X3s7YY0An_w/yH0KFQxlBgAJ
 2018-02-12 17:39:17 -05:00
Jeff Mitchell
a9a322aa39
Adds the ability to bypass Okta MFA checks. (#3944) 
* Adds the ability to bypass Okta MFA checks.

Unlike before, the administrator opts-in to this behavior, and is
suitably warned.

Fixes #3872
 2018-02-09 17:03:49 -05:00
Vishal Nayak
58cab5f59f added a flag to make common name optional if desired (#3940) 
* added a flag to make common name optional if desired

* Cover one more case where cn can be empty

* remove skipping when empty; instead check for emptiness before calling validateNames

* Add verification before adding to DNS names to also fix #3918
 2018-02-09 13:42:19 -05:00
Jeff Mitchell
ec27e83b6e
Update relatedtools.html.md 2018-02-08 11:15:47 -05:00
Robert Kreuzer
8f475dd93f Add vaultenv to the list of related tools (#3945) 2018-02-08 10:30:45 -05:00
Vishal Nayak
4551b9250f docs: Fix the expected type of metadata (#3835) 2018-01-23 16:30:15 -05:00
Jeff Mitchell
a109e2a11e Sync some bits over 2018-01-22 21:44:49 -05:00
Brian Shumate
28d6b91fe2 Update API endpoint references for revoke-prefix (#3828) 2018-01-22 18:04:43 -05:00
Josh Giles
2b719ae6cd Support JSON lists for Okta user groups+policies. (#3801) 
* Support JSON lists for Okta user groups+policies.

Migrate the manually-parsed comma-separated string field types for user
groups and user policies to TypeCommaStringSlice. This means user
endpoints now accept proper lists as input for these fields in addition
to comma-separated string values. The value for reads remains a list.

Update the Okta API documentation for users and groups to reflect that
both user group and user/group policy fields are list-valued.

Update the Okta acceptance tests to cover passing a list value for the
user policy field, and require the OKTA_API_TOKEN env var to be set
(required for the "everyone" policy tests to pass).

* Fix typo, add comma-separated docs.
 2018-01-16 18:20:19 -05:00
Jake Scaltreto
2e51b1562b Fix minor typo in word "certificate" (#3783) 2018-01-15 15:52:41 -05:00
Jeff Mitchell
0a2c911c03 Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-10 11:15:49 -05:00
Laura Uva
9abac4fd93 Fixed the link to the section on generating DR operation token for promoting secondary. (#3766) 2018-01-09 10:02:09 -06:00
Brian Shumate
9cac2a0ac1 Docs: add DR secondary/active HTTP 472 code (#3748) 2018-01-03 15:07:36 -05:00
Jeff Mitchell
d6552a11cc Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Brian Nuszkowski
326e1ab24c Update '/auth/token/revoke-self' endpoint documentation to reflect the proper response code (#3735) 2018-01-03 12:09:43 -05:00
dmwilcox
ad0a39dfe1 Update docs to reflect ability to load cold CA certs to output full chains. (#3740) 2018-01-03 10:59:18 -05:00
markpaine
68f87ba6f6 Spelling correction. "specifig" -> "specific" (#3739) 2018-01-03 10:38:55 -05:00
markpaine
6201056f11 Spelling correction "datatabse" -> "database" (#3738) 2018-01-03 10:38:16 -05:00
Jeff Mitchell
f9f64572f5 Clarify control group APIs are enterprise only. 
Fixes #3702
 2017-12-19 11:00:02 -05:00
Calvin Leung Huang
40b8314c4d Add period and max_ttl to cert role creation (#3642) 2017-12-18 15:29:45 -05:00
Travis Cosgrave
95328e2fb4 Use Custom Cert Extensions as Cert Auth Constraint (#3634) 2017-12-18 12:53:44 -05:00
Jeff Mitchell
4f31ee7cc8
Merge branch 'master' into f-nomad 2017-12-18 12:23:39 -05:00
Ernest W. Durbin III
a6c0194b68 Correct documentation for Kubernetes Auth Plugin (#3708) 2017-12-18 12:12:08 -05:00
Raja Nadar
bb667bf109 added the missing nonce and type fields (#3694) 2017-12-17 16:26:07 -05:00
Chris Hoffman
737dbca37a fixing up config to allow environment vars supported by api client 2017-12-17 09:10:56 -05:00
Chris Hoffman
152b6e4305 address some feedback 2017-12-15 17:06:56 -05:00
Jeff Mitchell
96b0c31de5
Merge branch 'master' into f-nomad 2017-12-14 16:44:28 -05:00
Vishal Nayak
c38f9884ce Transit: backup/restore (#3637) 2017-12-14 12:51:50 -05:00
Chris Hoffman
628153979a
Converting key_usage and allowed_domains in PKI to CommaStringSlice (#3621) 2017-12-11 13:13:35 -05:00
Paulo Ribeiro
a179a1804d Remove duplicate link in ToC (#3671) 2017-12-11 12:52:58 -05:00
Jeff Mitchell
32a7503b89
Cross reference pki/cert in a few places. 2017-12-11 11:10:28 -05:00
Mohsen
77fc89088d Small typo relating to no_store in pki secret backend (#3662) 
* Removed typo :)

* Corrected typo in the website related to no_store
 2017-12-07 10:40:21 -05:00
Calvin Leung Huang
a9e7dbb7b4
Support MongoDB session-wide write concern (#3646) 
* Initial work on write concern support, set for the lifetime of the session

* Add base64 encoded value support, include docs and tests

* Handle error from json.Unmarshal, fix test and docs

* Remove writeConcern struct, move JSON unmarshal to Initialize

* Return error on empty mapping of write_concern into mgo.Safe struct
 2017-12-05 15:31:01 -05:00
Laura Uva
291edb9746 Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key (#3632) 2017-12-04 12:12:58 -05:00
Brian Shumate
61eac778cc Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629) 2017-12-04 12:10:26 -05:00
Jeff Mitchell
a898bd272d
Remove beta notice 2017-12-04 08:25:16 -08:00
crdotson
9692cde57f Fix spelling (#3609) 
changed "aomma" to "comma"
 2017-12-04 10:53:58 -05:00
csawyerYumaed
e2cdbf4913 update relatedtools, add Goldfish UI. (#3597) 
Add link to Goldfish a  web UI for Vault.
 2017-12-04 10:51:16 -05:00
Paul Pieralde
3b56130f10 Fix docs for Transit API (#3588) 2017-12-04 10:34:05 -05:00
Jeff Mitchell
14b43deb05 Update cassandra docs with consistency value. 
Fixes #3361
 2017-12-02 14:18:23 -05:00
Nicolas Corrarello
ea66973fcb
Fix docs up to current standards 
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
 2017-11-29 16:53:42 +00:00
Nicolas Corrarello
12e77fac51
Rename policy into policies 2017-11-29 16:31:17 +00:00
Nicolas Corrarello
a3df394134
Pull master into f-nomad 
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
 2017-11-29 15:56:37 +00:00
Vishal Nayak
0f8e4c826c
docs: encryption/decryption now supports asymmetric keys (#3599) 2017-11-21 12:25:28 -05:00
Vishal Nayak
0fccc908d0
Docs: Remove 'none' as algorithm options (#3587) 2017-11-15 09:09:45 -05:00
Brian Kassouf
f67feaea20
Add token_reviewer_jwt to the kubernetes docs (#3586) 2017-11-14 13:27:09 -08:00