mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-09-01 12:01:10 +02:00
Code Issues Projects Releases Wiki Activity
4,184 Commits 2,840 Branches 446 Tags
Commit Graph

855 Commits

Author SHA1 Message Date
Jeff Mitchell
67c501309e Add deprecation notices for App ID 2016-07-26 10:08:46 -04:00
Jeff Mitchell
586fb4ac03 Add app-id deprecation to upgrade notes 2016-07-26 10:04:08 -04:00
vishalnayak
59930fda8f AppRole authentication backend 2016-07-26 09:32:41 -04:00
Jeff Mitchell
ecfaba1ac6 Add upgrade notes for LDAP 2016-07-25 09:07:52 -04:00
Oren Shomron
005cb3e042 LDAP Auth Backend Overhaul 
--------------------------

Added new configuration option to ldap auth backend - groupfilter.
GroupFilter accepts a Go template which will be used in conjunction with
GroupDN for finding the groups a user is a member of. The template will
be provided with context consisting of UserDN and Username.

Simplified group membership lookup significantly to support multiple use-cases:
  * Enumerating groups via memberOf attribute on user object
  * Previous default behavior of querying groups based on member/memberUid/uniqueMember attributes
  * Custom queries to support nested groups in AD via LDAP_MATCHING_RULE_IN_CHAIN matchind rule

There is now a new configuration option - groupattr - which specifies
how to resolve group membership from the objects returned by the primary groupfilter query.

Additional changes:
  * Clarify documentation for LDAP auth backend.
  * Reworked how default values are set, added tests
  * Removed Dial from LDAP config read. Network should not affect configuration.
 2016-07-22 21:20:05 -04:00
Vishal Nayak
484dc253c1 Merge pull request #1647 from hashicorp/version-in-api 
Add version information to health status
 2016-07-22 18:34:33 -04:00
vishalnayak
5b9b07e073 Updated sys/health docs 2016-07-22 18:33:29 -04:00
matt maier
a1b50427f2 Circonus integration for telemetry metrics 2016-07-22 15:49:23 -04:00
vishalnayak
d5c669038a Added service-tags config option to provide additional tags to registered service 2016-07-22 04:41:48 -04:00
Jeff Mitchell
68464028db Update website text 2016-07-21 14:54:24 -04:00
Jeff Mitchell
e5fcad9578 Update website description 2016-07-21 14:32:23 -04:00
Laura Bennett
c6cc73b3bd Merge pull request #1635 from hashicorp/mysql-idle-conns 
Added maximum idle connections to mysql to close hashicorp/vault#1616
 2016-07-20 15:31:37 -04:00
Laura Bennett
33ed1ffd58 minor formatting edits 2016-07-20 14:42:52 -04:00
Jeff Mitchell
a8a2886538 Merge pull request #1604 from memory/mysql-displayname-2 
concat role name and token displayname to form mysql username
 2016-07-20 14:02:17 -04:00
Nathan J. Mehl
e824f6040b use both role name and token display name to form mysql username 2016-07-20 10:17:00 -07:00
Laura Bennett
7c2c30e5ae update documentation for idle connections 2016-07-20 12:50:07 -04:00
Nathan J. Mehl
83635c16b6 respond to feedback from @vishalnayak 
- split out usernameLength and displaynameLength truncation values,
  as they are different things

- fetch username and displayname lengths from the role, not from
  the request parameters

- add appropriate defaults for username and displayname lengths
 2016-07-20 06:36:51 -07:00
Jeff Mitchell
45523174dc Add mongodb to sidebar 2016-07-19 14:00:47 -04:00
Matt Hurne
0a55ca674b mongodb secret backend documentation: Remove verify_connection from example response to GET /mongodb/config/connection; add documentation for GET /mongodb/config/lease 2016-07-19 12:46:54 -04:00
Matt Hurne
d23ba11a0c Merge branch 'master' into mongodb-secret-backend 2016-07-19 10:38:45 -04:00
Jeff Mitchell
1923ed3085 Update documentation around dynamodb changes 2016-07-18 14:10:55 -04:00
Jeff Mitchell
dbffe5785c Use parsebool 2016-07-18 13:49:05 -04:00
Jeff Mitchell
a347917044 Turn off DynamoDB HA by default. 
The semantics are wonky and have caused issues from people not reading
docs. It can be enabled but by default is off.
 2016-07-18 13:19:58 -04:00
Jeff Mitchell
f16992d6fa Merge pull request #1613 from skippy/update-aws-ec2-docs 
[Docs] aws-ec2 -- note IAM action requirement
 2016-07-18 10:40:38 -04:00
Jeff Mitchell
2dc001b388 Merge pull request #1589 from skippy/patch-2 
[Docs] aws-ec2 -- clarify aws public cert is already preloaded
 2016-07-18 10:02:35 -04:00
Adam Greene
72bd7db1e7 [Docs] aws-ec2 -- note IAM action requirement 2016-07-13 15:52:47 -07:00
Adam Greene
71ad0989ac english tweaks 2016-07-13 15:11:01 -07:00
vishalnayak
150cba24a7 Added tls_min_version to consul storage backend 2016-07-12 20:10:54 -04:00
Nathan J. Mehl
417cf49bb7 allow overriding the default truncation length for mysql usernames 
see https://github.com/hashicorp/vault/issues/1605
 2016-07-12 17:05:43 -07:00
Jeff Mitchell
478f420912 Migrate number of retries down by one to have it be max retries, not tries 2016-07-11 21:57:14 +00:00
Jeff Mitchell
7129fd5785 Switch to pester from go-retryablehttp to avoid swallowing 500 error messages 2016-07-11 21:37:46 +00:00
Matt Hurne
57d3af8a4e Merge branch 'master' into mongodb-secret-backend 2016-07-09 21:14:21 -04:00
Jeff Mitchell
a1bbd24031 Add documentation of retry env vars 2016-07-08 10:41:11 -04:00
Matt Hurne
5a6547fdaa Merge branch 'master' into mongodb-secret-backend 2016-07-08 08:32:03 -04:00
Jeff Mitchell
9cfce6c3f3 Some policy concept page clarifications 2016-07-08 05:05:46 +00:00
Matt Hurne
2c3b5513df mongodb secret backend: Improve and correct errors in documentation; improve "parameter is required" error response messages 2016-07-07 23:09:45 -04:00
Matt Hurne
f2a3471f37 Update mongodb secret backend documentation to indicate that ttl and max_ttl lease config parameters are optional rather than required 2016-07-07 22:34:00 -04:00
Matt Hurne
a130c7462a mongodb secret backend documentation: Use single quotes around roles JSON to avoid needing to escape double quotes within the JSON 2016-07-07 22:31:35 -04:00
Matt Hurne
1751d4da68 Merge branch 'master' into mongodb-secret-backend 2016-07-07 21:24:40 -04:00
Eric Herot
1a2b13c204 Pretty sure the method to delete a token role is not GET 2016-07-07 13:54:20 -04:00
Jeff Mitchell
c7e59ffe28 Fix upgrade to 0.6 docs 2016-07-06 19:00:23 -04:00
Jeff Mitchell
82f79dd55f Merge pull request #1590 from skippy/patch-3 
Update aws-ec2.html.md -- clarify pkcs7 cert cleanup before use
 2016-07-06 21:31:12 +02:00
Brian Shumate
877a7dc378 Minor grammar edit 2016-07-06 10:02:52 -04:00
Jeff Mitchell
86659de8f2 Fix website upgrade menu for 0.6.0 2016-07-06 09:28:21 -04:00
Stig Lindqvist
1400ef0c44 Correcting grammar 2016-07-06 17:57:22 +12:00
Adam Greene
7d5209c251 Update aws-ec2.html.md 
per #1582, updating the docs to include notes about pkcs#7 handling, specifically that aws returns the pkcs#7 cert with newlines and that they need to be stripped before sending them to the login endpoint
 2016-07-05 13:21:56 -07:00
Adam Greene
4ce975bb36 Update aws-ec2.html.md 
clarify, and make more explicit, the language around the default AWS public certificate
 2016-07-05 13:14:29 -07:00
Matt Hurne
2b5b56febd mongodb secret backend: Update documentation 2016-07-05 09:50:23 -04:00
Matt Hurne
7571487c7f Merge branch 'master' into mongodb-secret-backend 2016-07-01 20:39:13 -04:00
Mark Paluch
895eac0405 Address review feedback. 
Switch ConnectTimeout to framework.TypeDurationSecond  with a default of 5. Remove own parsing code.
 2016-07-01 22:26:08 +02:00