mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-17 20:17:00 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,844 Branches 445 Tags 454 MiB
68b40b814c
Commit Graph

1087 Commits

Author SHA1 Message Date
vishalnayak
4748b97061 Vault SSH: make Zeroaddress entry Remove method private 2015-08-31 17:10:55 -04:00
vishalnayak
22ff8fc8ad Vault SSH: Store roles as slice of strings 2015-08-31 17:03:46 -04:00
vishalnayak
f67a12266e Vault SSH: refactoring 2015-08-31 16:03:28 -04:00
vishalnayak
0a4e27a1d5 Vault SSH: Refactoring backend_test 2015-08-30 14:30:59 -04:00
vishalnayak
f72befc9c6 Vault SSH: ZeroAddress CRUD test 2015-08-30 14:20:16 -04:00
vishalnayak
afdbc043e7 Vault SSH: Add read method for zeroaddress endpoint 2015-08-29 20:22:34 -04:00
vishalnayak
79be357030 Vault SSH: Zeroaddress roles and CIDR overlap check 2015-08-29 15:24:15 -04:00
Vishal Nayak
4d3f68a631 Merge pull request #578 from hashicorp/exclude-cidr-list 
Vault SSH: Added exclude_cidr_list option to role
 2015-08-28 07:59:46 -04:00
vishalnayak
1226251d14 Vault SSH: Added exclude_cidr_list option to role 2015-08-27 23:19:55 -04:00
Jeff Mitchell
f84c8b8681 Deprecate lease -> ttl in PKI backend, and default to system TTL values if not given. This prevents issuing certificates with a longer duration than the maximum lease TTL configured in Vault. Fixes #470. 2015-08-27 12:24:37 -07:00
vishalnayak
06ac073684 Vault SSH: Docs for default CIDR value 2015-08-27 13:10:15 -04:00
vishalnayak
140013aebd Vault SSH: Default CIDR for roles 2015-08-27 13:04:15 -04:00
vishalnayak
630f348dbf Vault SSH: Provide key option specifications for dynamic keys 2015-08-27 11:41:29 -04:00
vishalnayak
91ce8b31ab Vault SSH: Create .ssh directory if not present. Closes #573 2015-08-27 08:45:34 -04:00
Jeff Mitchell
0d885535e6 Merge pull request #567 from hobbeswalsh/master 
Spaces in displayName break AWS IAM
 2015-08-26 12:37:52 -04:00
Robin Walsh
52eeb8551e Adding one more test (for no-op case) 2015-08-26 09:26:20 -07:00
Robin Walsh
e67b8d42ca Adding unit test for normalizeDisplayName() 2015-08-26 09:23:33 -07:00
Jeff Mitchell
8a0915b8ef Explicitly check for blank leases in AWS, and give a better error message if lease_max cannot be parsed. Fixes #569. 2015-08-26 09:04:47 -07:00
Robin Walsh
2cf6af79d6 s/string replacement/regexp replacement 2015-08-24 17:00:54 -07:00
Robin Walsh
e0cfb891af spaces in displayName break AWS IAM 2015-08-24 16:12:45 -07:00
vishalnayak
0843c3400b Vault SSH: Documentation update 2015-08-24 14:18:37 -04:00
vishalnayak
2d5070ba50 Vault SSH: Replace args with named vars 2015-08-24 14:07:07 -04:00
vishalnayak
c33e4d24e1 Merging with master 2015-08-24 13:55:20 -04:00
vishalnayak
00c69bfacb Vault SSH: Cleanup of aux files in install script 2015-08-24 13:50:46 -04:00
Jeff Mitchell
3da9f81bdd Merge pull request #555 from hashicorp/toggleable-hostname-enforcement 
Allow enforcement of hostnames to be toggleable for certificates.
 2015-08-21 19:23:09 -07:00
Jeff Mitchell
99041b5b6d Merge pull request #561 from hashicorp/fix-wild-cards 
Allow hyphens in endpoint patterns of most backends
 2015-08-21 11:40:42 -07:00
vishalnayak
923fe4125c Vault SSH: Undo changes which does not belong to wild card changes 2015-08-21 09:58:15 -07:00
vishalnayak
41678f18ae Vault: Fix wild card paths for all backends 2015-08-21 00:56:13 -07:00
Jeff Mitchell
97112665e8 Internally refactor Lease/LeaseGracePeriod into TTL/GracePeriod 2015-08-20 18:00:51 -07:00
vishalnayak
acb883c4b8 Vault SSH: Make the script readable 2015-08-20 16:12:17 -07:00
Jeff Mitchell
b8a72cfd47 Allow enforcement of hostnames to be toggleable for certificates. Fixes #451. 2015-08-20 14:33:37 -07:00
Vishal Nayak
41db9d25c7 Merge pull request #385 from hashicorp/vishal/vault 
SSH Secret Backend for Vault
 2015-08-20 10:03:15 -07:00
Bernhard K. Weisshuhn
08aafee5b6 skip revoke permissions step on cassandra rollback (drop user is enough) 2015-08-20 11:15:43 +02:00
Bernhard K. Weisshuhn
e0e0c43202 avoid dashes in generated usernames for cassandra to avoid quoting issues 2015-08-20 11:15:28 +02:00
vishalnayak
de30c66fea Vault SSH: Removing script file 2015-08-19 12:59:52 -07:00
vishalnayak
36bf873a47 Vault SSH: 1024 is default key size and removed 4096 2015-08-19 12:51:33 -07:00
vishalnayak
215bce546e Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-08-18 19:00:38 -07:00
vishalnayak
d6c5031169 Vault SSH: TLS client creation test 2015-08-18 19:00:27 -07:00
Armon Dadgar
e4bb074fc2 Merge pull request #534 from ctennis/lease_reader 
Fix #533, add a reader for lease values (#529) and an acceptance test for mysql to prove it works
 2015-08-18 19:00:18 -07:00
Jeff Mitchell
5ffb403857 Fix AWS, again, and update Godeps. 2015-08-18 18:12:51 -07:00
vishalnayak
99736663e2 Vault SSH: verify echo test 2015-08-18 16:48:50 -07:00
vishalnayak
a4437a0371 Vault SSH: Fix backend test cases 2015-08-18 15:40:52 -07:00
vishalnayak
d63726b41b Vault SSH: Documentation update and minor refactoring changes. 2015-08-17 18:22:03 -07:00
vishalnayak
a98b3befd9 Vault SSH: Website page for SSH backend 2015-08-14 12:41:26 -07:00
vishalnayak
52d4c0be9c Vault SSH: Install script is optional now. Default script will be for Linux host. 2015-08-13 17:07:43 -07:00
vishalnayak
ffaf80167d Vault SSH: CLI embellishments 2015-08-13 16:55:47 -07:00
vishalnayak
3958136a78 Vault SSH: Introduced allowed_users option. Added helpers getKey and getOTP 2015-08-13 14:18:30 -07:00
Caleb Tennis
d009d79696 Fix #533, add a reader for lease values (#529) and an acceptance test for mysql to prove it works 2015-08-13 15:33:06 -04:00
vishalnayak
9b1ea2f20c Vault SSH: Helper for OTP creation and role read 2015-08-13 11:12:30 -07:00
vishalnayak
3d77058773 Vault SSH: Mandate default_user. Other refactoring 2015-08-13 10:36:31 -07:00
vishalnayak
2dd82aeb9a Vault SSH: cidr to cidr_list 2015-08-13 08:46:55 -07:00
vishalnayak
1a1ce742dd Vault SSH: Default lease duration, policy/ to role/ 2015-08-12 17:36:27 -07:00
vishalnayak
d1b75e9d28 Vault SSH: Default lease of 5 min for SSH secrets 2015-08-12 17:10:35 -07:00
vishalnayak
f74a0c9bfa Vault SSH: Exposed verify request/response messges to agent 2015-08-12 13:22:48 -07:00
vishalnayak
67b705565e Vault SSH: Added SSHAgent API 2015-08-12 10:48:58 -07:00
vishalnayak
2ac3cabf87 Merging changes from master 2015-08-12 09:28:16 -07:00
vishalnayak
18db544d26 Vault SSH: Website doc v1. Removed path_echo 2015-08-12 09:25:28 -07:00
Erik Kristensen
d6f8a699cb adding basic tests 2015-08-06 17:50:34 -06:00
Erik Kristensen
d877b713e9 initial pass at JWT secret backend 2015-08-06 17:49:44 -06:00
vishalnayak
b5c3624f2e Merging with master 2015-08-06 18:44:40 -04:00
vishalnayak
044a2257e7 Vault SSH: Automate OTP typing if sshpass is installed 2015-08-06 17:00:50 -04:00
vishalnayak
0542fd8389 Vault SSH: uninstall dynamic keys using script 2015-08-06 15:50:12 -04:00
vishalnayak
c26782acad Vault SSH: Script to install dynamic keys in target 2015-08-06 14:48:19 -04:00
Paul Hinze
0d4aa51855 Update vault code to match latest aws-sdk-go APIs 2015-08-06 11:37:08 -05:00
Seth Vargo
070d45456a Update to latest aws and move off of hashicorp/aws-sdk-go 2015-08-06 12:26:41 -04:00
vishalnayak
607732261b Vault SSH: Added 'echo' path to SSH 2015-08-04 15:30:24 -04:00
vishalnayak
f50193efe1 Vault SSH: Testing OTP creation 2015-08-03 19:04:07 -04:00
vishalnayak
552853d995 Vault SSH: CRUD tests for named keys 2015-08-03 16:18:14 -04:00
vishalnayak
2b76d37f14 Vault SSH: CRUD test for lookup API 2015-08-03 11:22:00 -04:00
vishalnayak
e9826c635c Vault SSH: CRUD test for dynamic role 2015-07-31 15:17:40 -04:00
vishalnayak
8dbbb8b8e6 Vault SSH: CRUD test case for OTP Role 2015-07-31 13:24:23 -04:00
vishalnayak
9aa02ad560 Vault SSH: Review Rework 2015-07-29 14:21:36 -04:00
Vishal Nayak
11a6c6de12 Vault SSH: Refactoring 2015-07-27 16:42:03 -04:00
Vishal Nayak
6a91529f4e Vault SSH: admin_user/default_user fix 2015-07-27 15:03:10 -04:00
Vishal Nayak
6c5548ca7b Vault SSH: Refactoring 2015-07-27 13:02:31 -04:00
Vishal Nayak
0a4854e542 Vault SSH: Dynamic Key test case fix 2015-07-24 12:13:26 -04:00
Vishal Nayak
9d4c5f718b Vault SSH: keys/ designated special path 2015-07-23 18:12:13 -04:00
Vishal Nayak
3a1eaf1869 Vault SSH: Support OTP key type from CLI 2015-07-23 17:20:28 -04:00
Vishal Nayak
795d1a8d40 Vault SSH: Added vault server otp verify API 2015-07-22 16:00:58 -04:00
Vishal Nayak
ef05fe4051 Vault SSH: Vault agent support 2015-07-22 14:15:19 -04:00
Vishal Nayak
47a9f548fe Vault SSH: Refactoring and fixes 2015-07-10 18:44:31 -06:00
Vishal Nayak
eb0f119491 Vault SSH: Backend and CLI testing 2015-07-10 16:18:02 -06:00
Vishal Nayak
c25525a22a Vault SSH: Test case skeleton 2015-07-10 09:56:14 -06:00
Vishal Nayak
6f86d32089 Vault SSH: Made port number configurable 2015-07-06 16:56:45 -04:00
Vishal Nayak
2bc139dfd1 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-06 11:05:08 -04:00
Armon Dadgar
c062345146 secret/transit: address PR feedback 2015-07-05 19:58:31 -06:00
Armon Dadgar
f2c7ba9357 secret/transit: use base64 for context to allow binary 2015-07-05 14:37:51 -07:00
Armon Dadgar
3af435d4b5 secret/transit: testing key derivation 2015-07-05 14:30:45 -07:00
Armon Dadgar
1ef4049f17 secret/transit: support key derivation in encrypt/decrypt 2015-07-05 14:19:24 -07:00
Armon Dadgar
d50eb96448 secret/transit: check for context for derived keys 2015-07-05 14:12:07 -07:00
Armon Dadgar
0a7fe56e0a secret/transit: support derived keys 2015-07-05 14:11:02 -07:00
Vishal Nayak
280efd28f6 Vault SSH: PR review rework: Formatting/Refactoring 2015-07-02 19:52:47 -04:00
Vishal Nayak
5868213267 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-02 17:23:13 -04:00
Vishal Nayak
fbaea45101 Vault SSH: PR review rework 2015-07-02 17:23:09 -04:00
Jeff Mitchell
db1b4aadf9 Fix regexes to allow hyphens in role names, as the documentation shows 2015-07-01 20:39:18 -05:00
Vishal Nayak
2ebd10cdf4 Vault SSH: review rework: formatted and moved code 2015-07-01 21:26:42 -04:00
Vishal Nayak
e6e243b4ca Vault SSH: Regex supports hypen in key name and role names 2015-07-01 21:05:52 -04:00
Vishal Nayak
57174693ce Vault SSH: replaced concatenated strings by fmt.Sprintf 2015-07-01 20:35:11 -04:00
Vishal Nayak
13ab7fc40b Vault SSH: PR review rework - 1 2015-07-01 11:58:49 -04:00
Vishal Nayak
af03222a3e For SSH backend, allow factory to be provided instead of Backend 2015-07-01 09:37:11 -04:00
Vishal Nayak
b6293662f2 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-07-01 09:31:25 -04:00
Armon Dadgar
6a9dc00e57 Remove SetLogger, and unify on framework.Setup 2015-06-30 17:45:20 -07:00
Armon Dadgar
22f543f837 Updating for backend API change 2015-06-30 17:36:12 -07:00
Vishal Nayak
d258b1819a lease handling fix 2015-06-30 20:21:41 -04:00
Vishal Nayak
b821a8e872 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-30 18:33:37 -04:00
Vishal Nayak
2163818bd6 Input validations, help strings, default_user support 2015-06-30 18:33:17 -04:00
Armon Dadgar
e9f05fbe4f helper/uuid: single generateUUID definition 2015-06-30 12:38:32 -07:00
Jeff Mitchell
5df856b519 Put timestamp back into the username. Since Cassandra doesn't support expiration, this can be used by scripts to manually clean up old users if revocation fails for some reason. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-30 11:15:46 -04:00
Jeff Mitchell
035c430eb2 Address some issues from code review. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-30 09:27:23 -04:00
Jeff Mitchell
1faaf20b92 A Cassandra secrets backend. 
Supports creation and deletion of users in Cassandra using flexible CQL queries.

TLS, including client authentication, is supported.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-30 09:04:01 -04:00
Vishal Nayak
756be6976d Refactoring changes 2015-06-29 22:00:08 -04:00
Vishal Nayak
208e068138 SCP in pure GO and CIDR parsing fix 2015-06-29 11:49:34 -04:00
Vishal Nayak
5da639feff Creating SSH keys and removal of files in pure 'go' 2015-06-26 15:43:27 -04:00
Vishal Nayak
7dbad8386c ssh/lookup implementation and refactoring 2015-06-25 21:47:32 -04:00
Vishal Nayak
e90fb0cc09 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-24 18:13:26 -04:00
Vishal Nayak
4b07eba487 POC: Rework. Doing away with policy file. 2015-06-24 18:13:12 -04:00
Jeff Mitchell
d8ed14a603 Merge remote-tracking branch 'upstream/master' into f-pki 2015-06-19 13:01:26 -04:00
Vishal Nayak
9d709bd5a9 SSHs to multiple users by registering the respective host keys 2015-06-19 12:59:36 -04:00
Jeff Mitchell
435aefc072 A few things: 
* Add comments to every non-obvious (e.g. not basic read/write handler type) function
* Remove revoked/ endpoint, at least for now
* Add configurable CRL lifetime
* Cleanup
* Address some comments from code review

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-19 12:48:18 -04:00
Vishal Nayak
5cd9b7a7d8 merging with master 2015-06-18 20:51:11 -04:00
Vishal Nayak
fe5bb20e92 Roles, key renewal handled. End-to-end basic flow working. 2015-06-18 20:48:41 -04:00
Jeff Mitchell
23ba605068 Refactor to allow only issuing CAs to be set and not have things blow up. This is useful/important for e.g. the Cassandra backend, where you may want to do TLS with a specific CA cert for server validation, but not actually do client authentication with a client cert. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-18 15:22:58 -04:00
Vishal Nayak
f2ace92e98 Implementation for storing and deleting the host information in Vault 2015-06-17 22:10:47 -04:00
Armon Dadgar
96119946f3 secret/transit: allow policies to be upserted 2015-06-17 18:51:05 -07:00
Armon Dadgar
9238c6def3 secret/transit: Use special endpoint to get underlying keys. Fixes #219 2015-06-17 18:42:23 -07:00
Vishal Nayak
c1880de3d1 Merge branch 'master' of https://github.com/hashicorp/vault into vishalvault 2015-06-17 20:34:56 -04:00
Vishal Nayak
fa83fe89f0 Received OTK in SSH client. Forked SSH process from CLI. Added utility file for SSH. 2015-06-17 20:33:03 -04:00
Armon Dadgar
28dd283c93 builtin: fixing API change in logical framework 2015-06-17 14:34:11 -07:00
Armon Dadgar
05fa4a4a48 secret/postgres: Ensure sane username length. Fixes #326 2015-06-17 13:31:56 -07:00
Jeff Mitchell
31e680048e A lot of refactoring: move PEM bundle parsing into helper/certutil, so that it is usable by other backends that want to use it to get the necessary data for TLS auth. 
Also, enhance the raw cert bundle => parsed cert bundle to make it more useful and perform more validation checks.

More refactoring could be done within the PKI backend itself, but that can wait.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-17 16:07:20 -04:00
Vishal Nayak
fb866f9059 Added: Ssh CLI command and API, config lease impl, sshConnect path to backend, http handler for Ssh connect 2015-06-17 12:39:49 -04:00
Vishal Nayak
647f3a59d9 Vault SSH: POC Stage 1. Skeleton implementation. 2015-06-16 16:58:54 -04:00
Jeff Mitchell
a2b3e1302a A bunch of cleanup and moving around. logical/certutil is a package that now has helper functions 
useful for other parts of Vault (including the API) to take advantage of.

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-16 13:43:12 -04:00
Jeff Mitchell
8b55d33722 Erp, forgot this feedback... 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 23:16:13 -04:00
Jeff Mitchell
64c8a437e9 Add locking for revocation/CRL generation. I originally was going to use an RWMutex but punted, because it's not worth trying to save some milliseconds with the possibility of getting something wrong. So the entire operations are now wrapped, which is minimally slower but very safe. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 22:28:13 -04:00
Jeff Mitchell
722eca1367 Address most of Armon's initial feedback. 
Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-11 21:57:05 -04:00
Jeff Mitchell
20ac7a46f7 Add acceptance tests 
* CA bundle uploading
* Basic role creation
* Common Name restrictions
* IP SAN restrictions
* EC + RSA keys
* Various key usages
* Lease times
* CA fetching in various formats
* DNS SAN handling

Also, fix a bug when trying to get code signing certificates.

Not tested:
* Revocation (I believe this is impossible with the current testing framework)

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Jeff Mitchell
530b67bbb9 Initial PKI backend implementation. 
Complete:
* Up-to-date API documents
* Backend configuration (root certificate and private key)
* Highly granular role configuration
* Certificate generation
* CN checking against role
* IP and DNS subject alternative names
* Server, client, and code signing usage types
* Later certificate (but not private key) retrieval
* CRL creation and update
* CRL/CA bare endpoints (for cert extensions)
* Revocation (both Vault-native and by serial number)
* CRL force-rotation endpoint

Missing:
* OCSP support (can't implement without changes in Vault)
* Unit tests

Commit contents (C)2015 Akamai Technologies, Inc. <opensource@akamai.com>
 2015-06-08 00:06:09 -04:00
Jonathan Sokolowski
dd7d64dd80 logical/consul: Combine policy and lease into single storage struct 2015-05-28 09:36:23 +10:00
Jonathan Sokolowski
6814b0d63e logical/consul: custom lease time for roles 2015-05-27 09:53:46 +10:00
Armon Dadgar
478a5965ee secret/aws: Using roles instead of policy 2015-04-27 14:20:28 -07:00
Armon Dadgar
aaf10cd624 Do not root protect role configurations 2015-04-27 14:07:20 -07:00
Armon Dadgar
3330d43d44 secret/postgres: secret/mysql: roles endpoints root protected 2015-04-27 14:04:10 -07:00
Armon Dadgar
f159750509 secret/consul: replace policy with roles, and prefix the token path 2015-04-27 13:59:56 -07:00
Armon Dadgar
d425ca22df secret/transit: rename policy to keys 2015-04-27 13:52:47 -07:00
Armon Dadgar
39f014e0b6 secret/transit: Adding more help. Fixes #41 2015-04-27 12:47:09 -07:00
Armon Dadgar
212aa9fb5b secret/postgresql: testing support for multiple statements 2015-04-27 12:00:07 -07:00
Armon Dadgar
db5f74f6b4 secret/postgresql: support multiple sql statements 2015-04-27 11:31:27 -07:00
Armon Dadgar
9a156ac246 mysql: cleanup 2015-04-27 11:31:11 -07:00
Armon Dadgar
d69a7ba697 logical/consul: Added missing policy endpoints 2015-04-27 11:08:37 -07:00
Armon Dadgar
56adae843b secret/mysql: improve the example statement 2015-04-25 12:58:50 -07:00
Armon Dadgar
b1e3ec15a5 secret/mysql: adding acceptance test 2015-04-25 12:56:23 -07:00
Armon Dadgar
c237c8c258 secret/mysql: fixing mysql oddities 2015-04-25 12:56:11 -07:00
Armon Dadgar
d9e313c120 secret/mysql: initial pass at mysql secret backend 2015-04-25 12:05:26 -07:00
Mitchell Hashimoto
8bc94fffd0 logical/postgresql: when renewing, alter the valid until 2015-04-18 22:55:33 -07:00
Mitchell Hashimoto
3bec79d857 logical/consul: leasing 2015-04-18 22:29:46 -07:00
Mitchell Hashimoto
b37f8332ed logical/consul: config/access is the new path for config 2015-04-18 22:28:53 -07:00
Mitchell Hashimoto
ec452d8b9a logical/aws: leasing/renewal support 2015-04-18 22:25:37 -07:00
Mitchell Hashimoto
a9ef546459 logical/aws: fix build 2015-04-18 22:22:35 -07:00
Mitchell Hashimoto
06c4e52377 logical/aws: move root creds config to config/root 2015-04-18 22:21:31 -07:00
Mitchell Hashimoto
710a5b1464 logical/aws: support read/delete policies 2015-04-18 22:13:12 -07:00
Mitchell Hashimoto
65de2d6375 logical/postgresql: support deleting roles and reading them 2015-04-18 21:59:59 -07:00
Mitchell Hashimoto
9798b5106a logical/postgresql: renew for secret 2015-04-18 21:47:19 -07:00
Mitchell Hashimoto
22d959e313 logical/postgresql: leasing 2015-04-18 21:45:05 -07:00
Mitchell Hashimoto
0e5a5880e5 logical/postgres: no session limit 2015-04-18 18:42:57 -07:00
Mitchell Hashimoto
90936ff77c logical/postgers: update docs properly 2015-04-18 18:42:26 -07:00
Mitchell Hashimoto
2312cef959 logical/postgresql: leases 2015-04-18 18:40:03 -07:00
Mitchell Hashimoto
f640048fad logical/postgresql: create DB credentials 2015-04-18 18:37:27 -07:00
Mitchell Hashimoto
979e42be35 logical/postgresql: creating roles 2015-04-18 18:09:33 -07:00
Mitchell Hashimoto
adbc734791 logical/postgresql: connection 2015-04-18 17:34:36 -07:00
Armon Dadgar
d02028a0e4 Adding transit logical backend 2015-04-15 17:08:12 -07:00
Armon Dadgar
59073cf775 logical/aws: Use display name for IAM username 2015-04-15 15:05:00 -07:00
Armon Dadgar
006cb08853 logical/consul: Use the DisplayName for the ACL token name 2015-04-15 15:03:05 -07:00
Mitchell Hashimoto
c30d877fa4 rename vault id to lease id all over 2015-04-10 20:35:14 -07:00
Mitchell Hashimoto
d9e38470a8 logical/framework: better string values for types 2015-04-03 21:15:59 -07:00
Mitchell Hashimoto
105e68387a logical/aws: help 2015-04-03 21:10:54 -07:00
Mitchell Hashimoto
e56b16b6d7 logical/framework: support root help 2015-04-03 20:36:47 -07:00
Mitchell Hashimoto
630da54522 logical/aws: policy doesn't need to be base64 2015-03-31 17:26:41 -07:00
Mitchell Hashimoto
7fa65ef5b0 logical/*: fix compilation errors 2015-03-30 20:30:07 -07:00
Mitchell Hashimoto
39f2da0fbe command: unit tests pass 2015-03-29 16:20:34 -07:00
Mitchell Hashimoto
3b702cc14d logical/consul: actual test that the token works 2015-03-21 17:23:44 +01:00
Mitchell Hashimoto
07f8e262fe logical/consul 2015-03-21 17:19:37 +01:00
Mitchell Hashimoto
c3342cd344 logical/aws: refactor access key create to the secret file 2015-03-21 11:49:56 +01:00
Mitchell Hashimoto
f08879971e logical/aws: remove debug I was using to test rollback :) 2015-03-21 11:20:22 +01:00
Mitchell Hashimoto
f99f6c910e logical/aws: WAL entry for users, rollback 2015-03-21 11:18:46 +01:00
Mitchell Hashimoto
ac8570c809 main: enable AWS backend 2015-03-20 19:32:18 +01:00
Mitchell Hashimoto
3456d9276c logical/aws 2015-03-20 19:03:20 +01:00