mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-23 23:51:08 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,840 Branches 445 Tags
Commit Graph

1798 Commits

Author SHA1 Message Date
vishalnayak
28e6f885ca Perform CRL checking for non-CA registered certs 2016-05-12 14:37:07 -04:00
vishalnayak
33b7c1a641 Name the files based on changed path patterns 2016-05-12 11:52:07 -04:00
vishalnayak
4aa01d390a Update docs and path names to the new patterns 2016-05-12 11:45:10 -04:00
vishalnayak
7a10134f87 Merge branch 'master-oss' into aws-auth-backend 2016-05-10 14:50:00 -04:00
vishalnayak
c1dd991ccf Fix the acceptance tests 2016-05-09 22:07:51 -04:00
vishalnayak
ebaff78305 Call client config internal from the locking method 2016-05-09 21:01:57 -04:00
Jeff Mitchell
9de0ea081a Don't revoke CA certificates with leases. 2016-05-09 19:53:28 -04:00
Jeff Mitchell
0c6f45d94c Update client code to use internal entry fetching 2016-05-09 23:26:00 +00:00
Jeff Mitchell
3ca09fdf30 Merge pull request #1346 from hashicorp/disable-all-caches 
Disable all caches
 2016-05-07 16:33:45 -04:00
Steve Jansen
69740e57e0 Adds sts:AssumeRole support to the AWS secret backend 
Support use cases where you want to provision STS tokens
using Vault, but, you need to call AWS APIs that are blocked
for federated tokens.  For example, STS federated tokens cannot
invoke IAM APIs, such as  Terraform scripts containing
`aws_iam_*` resources.
 2016-05-05 23:32:41 -04:00
Jeff Mitchell
dd5321a86a Switch whitelist to use longest max TTL 2016-05-05 20:44:48 -04:00
Jeff Mitchell
a5cae16b5f Role tag updates 2016-05-05 15:32:14 -04:00
Jeff Mitchell
e83dbbe532 Fix HMAC being overwritten. Also some documentation, and add a lock to role operations 2016-05-05 14:51:09 -04:00
Jeff Mitchell
e7c5966da8 Guard tidy functions 2016-05-05 14:28:46 -04:00
Jeff Mitchell
c41b024f36 More updates to mutexes and adjust blacklisted roletag default safety buffer 2016-05-05 14:12:22 -04:00
Jeff Mitchell
68b76b99c8 Rename identity whitelist and roletag blacklist api endpoints 2016-05-05 13:34:50 -04:00
Jeff Mitchell
3d20107e54 Move some mutexes around 2016-05-05 12:53:27 -04:00
Jeff Mitchell
c4f26c9011 Update some mutexes in client config 2016-05-05 12:44:40 -04:00
Jeff Mitchell
1c60388900 Fall back to non-base64 cert if it can't be decoded (it's checked later anyways) 2016-05-05 11:36:28 -04:00
Jeff Mitchell
96cebf9cd1 Update commenting 2016-05-05 11:22:36 -04:00
Jeff Mitchell
3390dca953 Make the roletag blacklist the longest duration, not least 2016-05-05 11:00:41 -04:00
Jeff Mitchell
9a662ff493 Switch client code to shared awsutil code 2016-05-05 10:40:49 -04:00
Jeff Mitchell
42d9df95c1 Merge branch 'master-oss' into aws-auth-backend 2016-05-05 10:36:06 -04:00
Jeff Mitchell
98d7f52ef2 Merge remote-tracking branch 'origin/master' into aws-cred-chain 2016-05-05 10:31:12 -04:00
Jeff Mitchell
50e3f7d40e Merge remote-tracking branch 'origin/master' into aws-auth-backend 2016-05-05 10:04:52 -04:00
vishalnayak
0481976696 Split SanitizeTTL method to support time.Duration parameters as well 2016-05-05 09:45:48 -04:00
vishalnayak
a74332bb7e Add the steps to generate the CRL test's test-fixture files 2016-05-04 05:48:34 -04:00
vishalnayak
ef83605f58 Change image/ to a more flexible /role endpoint 2016-05-03 23:36:59 -04:00
Jeff Mitchell
88811a4776 Cleanups, add shared provider, ability to specify http client, and port S3 physical backend over 2016-05-03 17:01:02 -04:00
Jeff Mitchell
56cc74887f Region is required so error in awsutil if not set and set if empty in client code in logical/aws 2016-05-03 15:25:11 -04:00
Jeff Mitchell
56011c9443 Refactor AWS credential code into a function that returns a static->env->instance chain 2016-05-03 15:10:35 -04:00
Jeff Mitchell
d3f1176e03 Switch our tri-copy ca loading code to go-rootcerts 2016-05-03 12:23:25 -04:00
Jeff Mitchell
e48cb2e840 Add some more tests around deletion and fix upsert status returning 2016-05-03 00:19:18 -04:00
Jeff Mitchell
027d570f7f Massively simplify lock handling based on feedback 2016-05-02 23:47:18 -04:00
Jeff Mitchell
bf7ad912e1 Remove some deferring 2016-05-02 22:36:44 -04:00
Jeff Mitchell
16267d5115 Change use-hint of lockAll and lockPolicy 2016-05-02 22:36:44 -04:00
Jeff Mitchell
5ec40a14f4 Address review feedback 2016-05-02 22:36:44 -04:00
Jeff Mitchell
c598a12ab9 Switch to lockManager 2016-05-02 22:36:44 -04:00
Jeff Mitchell
3ab71ca239 Address feedback 2016-05-02 22:36:44 -04:00
Jeff Mitchell
634cea72d7 Fix up commenting and some minor tidbits 2016-05-02 22:36:44 -04:00
Jeff Mitchell
32601f4424 Make a non-caching but still locking variant of transit for when caches are disabled 2016-05-02 22:36:44 -04:00
vishalnayak
7945e4668a Allow custom endpoint URLs to be supplied to make EC2 API calls 2016-05-02 17:21:52 -04:00
vishalnayak
e032f9144c Extend the expiry of test-fixture certs of Cert backend 2016-05-02 12:34:46 -04:00
Jeff Mitchell
e198037788 Make GitHub org comparison case insensitive. 
Fixes #1359
 2016-05-02 00:18:31 -04:00
vishalnayak
57e6361b24 Remove unnecessary append call 2016-04-30 03:20:21 -04:00
vishalnayak
bbb3efdc67 Cert backend, CRL tests 2016-04-29 02:32:48 -04:00
vishalnayak
fed55cff94 Ensure that the instance is running during renewal 2016-04-28 16:34:35 -04:00
vishalnayak
0b44a62e8f Added allow_instance_migration to the role tag 2016-04-28 11:43:48 -04:00
vishalnayak
1a3c0a1f3e Change all time references to UTC 2016-04-28 10:19:29 -04:00
vishalnayak
ba88b210e6 Fix the deadlock issue 2016-04-28 01:01:33 -04:00