mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-16 11:37:04 +02:00
Code Issues Projects Releases Wiki Activity
10,543 Commits 2,843 Branches 445 Tags 454 MiB
68b40b814c
Commit Graph

1675 Commits

Author SHA1 Message Date
David Jiang
c06b46164f Update base64 decrypt command documentation (#6614) 
* Update base64 decrypt command

* update to use --decode

* Apply suggestions from code review

Co-Authored-By: djiang <djiang09@gmail.com>
 2019-04-18 22:40:13 -07:00
Chris Hoffman
58578106dc
Adding common prefix known issue to upgrade guide (#6575) 
* Adding common prefix known issue to upgrade guide

* addressing feedback
 2019-04-16 21:15:39 -04:00
Brian Kassouf
538c3f50d8
Add known issue section to the upgrade guide (#6593) 2019-04-16 10:53:06 -07:00
Jeff Mitchell
8054cc660f Update to api 1.0.1 and sdk 0.1.8 2019-04-15 14:10:07 -04:00
Becca Petrin
936192c392
Merge pull request #6268 from hashicorp/6234-aws-region 
Add region to CLI for generating AWS login data
 2019-04-12 16:15:38 -07:00
Jeff Mitchell
170521481d
Create sdk/ and api/ submodules (#6583) 2019-04-12 17:54:35 -04:00
Jim Kalafut
451f2a6f36
Update JWT docs for bound_claims improvements (#6559) 2019-04-12 14:08:02 -07:00
Becca Petrin
cd37917df5 Merge branch 'opensource-master' into 6234-aws-region 2019-04-12 11:13:17 -07:00
Brian Kassouf
8bb77ab973
Add upgrade guide for 1.1.1 (#6573) 2019-04-11 17:34:40 -07:00
Jeff Mitchell
729910a068 Update audit hmac'ing information on website docs 2019-04-11 16:38:43 -04:00
Jim Kalafut
b10dc70dce
Minor updates to OIDC docs (#6551) 2019-04-08 15:08:55 -07:00
Calvin Leung Huang
0405186d0d docs: add Usage section in Namespaces docs (#6542) 2019-04-06 12:22:48 -04:00
Becca Petrin
8d7d80bb28 Merge branch 'opensource-master' into 6234-aws-region 2019-04-03 11:37:33 -07:00
Jan Brun Rasmussen
678bf7d0cf Update OIDC docs for Azure (#6524) 
Add section for configuration of external groups for Azure AD
 2019-04-03 08:27:55 -07:00
Naoki Ainoya
f3edfcfef9 fix typo in gcpckms.html.md, cloudkms.cryptoKeys.get (#6515) 
ref: https://github.com/hashicorp/vault/pull/6327/files#r270674452
 2019-04-02 10:45:23 -07:00
Gavin Williams
f24b46b111 [docs] Fix a minor issue with Azure secrets docs (#6517) 
This will ensure that the docs render correctly.
 2019-04-02 10:09:07 -05:00
Jim Kalafut
dd12ffd15c
Clarify config option wording (#6503) 
Fixes #6123
 2019-04-01 16:14:12 -07:00
ncabatoff
c1f687c5e2 Highlight a sometimes surprising Vault behaviour: token revocation leads (#6489) 
to lease revocation.
 2019-04-01 15:34:30 -07:00
Becca Petrin
043ca6263e merge master 2019-04-01 13:52:44 -07:00
Alessandro De Blasis
14138f66c9 agent: allow AppRole Auto-Auth when bind_secret_id = false (#6324) 
* agent: allow AppRole Auto-Auth when bind_secret_id = false
 2019-04-01 16:27:54 -04:00
Daniel Andrei Mincă
2afc84765e grammar fix and space stripping (#6507) 
- remove the 'a' and comma from 'When using a Auto Unseal, there are...'
  because everything needs to be in a single sentence
- strip extra spaces after end of propositions (there were 2 spaces
  instead of normally 1)

Resolves:
Related:
Signed-off-by: Daniel Andrei Minca <mandrei17@gmail.com>
 2019-04-01 08:23:46 -04:00
Matias Ozdy
3b0bb64c2a Add missing = in dynamodb_table tf (#6493) 2019-03-28 08:24:56 -07:00
Jim Kalafut
225676ae98
Update OIDC docs (#6485) 2019-03-27 11:47:05 -07:00
Thomas Kula
061c390009 Small typo fix to transit.html.md (#6482) 2019-03-26 17:32:26 -05:00
ncabatoff
c4f1f157f2 Document sentinel namespace "token.namespace". (#6429) 2019-03-26 12:22:49 -07:00
Ryan Canty
92047cf149 Fixed typo in GCP auth docs (#6461) 
* Fixed typo in GCP auth docs
 2019-03-25 14:12:09 -04:00
Jeff Mitchell
6da6250754 Update text around seal migration in 1.1 2019-03-25 12:44:22 -04:00
Sean Malloy
ffd437aa60 Add Docs For Prometheus Metrics (#6434) 
Prometheus metrics were added as part of the Vault v1.1.0 release in PR #5308.
But no documentation was created. Adds the telemetry configuration docs and
the API docs.
 2019-03-23 16:53:43 -05:00
Alex Sherwin
fb17862936 Fixed grammatical issue in Auth Methods overview (#6456) 2019-03-22 10:36:14 -05:00
Jeff Mitchell
7542d1fbe9 Minor updates to JWT docs 2019-03-22 01:15:59 -04:00
Alex Sherwin
9e7574d898 Fixing grammar in behavioral overview (#6451) 2019-03-21 20:49:52 -07:00
Daniel Santos
703ac08a88 Fix misleading Agent Auth Overview doc page (#6443) 
* Fix misleading Agent Auth Overview doc page

The example configuration in the Vault Agent Overview page is using wrong syntax
The configuration block is `cache` but doc is referencing it as `caching`

* Update website/source/docs/agent/index.html.md

Co-Authored-By: danlsgiga <danlsgiga@gmail.com>
 2019-03-20 12:42:31 -04:00
Jim Kalafut
b69038248f
Remove beta docs (#6431) 2019-03-18 16:38:54 -07:00
Brian Shumate
e3b68c9a3a Minor grammar edits 2019-03-18 16:07:10 -04:00
Jeff Mitchell
74ba4f72aa Prep for release 2019-03-18 15:16:30 -04:00
ncabatoff
351327867f
Move listener config from 'cache' block to top-level 'listener' blocks. Allow cache without auto-auth. (#6421) 
* Since we want to use the Agent listener for #6384, move listener config
from top-level 'cache' block to new top-level 'listeners' block.

* Make agent config allow cache and listener blocks without auto-auth
configured.
 2019-03-15 14:58:53 -04:00
Michel Vocks
9fb7285030 Docs: Update Agent overview page (#6420) 
* Updated agent docs

* Updated overview agent page

* Updated complete links to short links
 2019-03-15 12:33:31 -04:00
Vishal Nayak
3c7c593bca Agent: Listener refactoring and socket file system permissions (#6397) 
* Listener refactoring and file system permissions

* added listenerutil and move some common code there

* Added test for verifying socket file permissions

* Change default port of agent to 8200

* address review feedback

* Address review feedback

* Read socket options from listener config
 2019-03-14 11:53:14 -07:00
Jeff Mitchell
d946ceb4fb Fix table 2019-03-14 12:24:11 -04:00
Jeff Mitchell
daa1905662 Add namespace properties to Sentinel docs 2019-03-14 12:22:02 -04:00
Juan Fontes
4c243a5987 Update aws docs (#6408) 2019-03-13 17:31:22 -07:00
Jeff Mitchell
a94a4b8140 Add a bit on testing upgrades in advance 2019-03-09 11:57:51 -05:00
Jeff Mitchell
57aab50175 Update login command docs 2019-03-08 15:37:38 -05:00
Yoko
3e12bc1dec policy capabilities: write --> update (#6373) 2019-03-07 16:34:47 -05:00
Eero Niemi
0fffc097b9 Fixed typo (#6363) 
Fixed typo, rolset -> roleset
 2019-03-07 09:50:13 -05:00
Becca Petrin
07b18eef6b
update path for mounting plugin (#6351) 2019-03-06 15:57:03 -08:00
Calvin Leung Huang
0af9f6ec26
docs/agent-caching: update cache-clear endpoint (#6354) 2019-03-06 11:13:43 -08:00
Becca Petrin
1503c69fd9
update partnership doc (#6352) 2019-03-06 10:27:12 -08:00
Calvin Leung Huang
5d375a8edd docs/agent-caching: add note about compatibility with older server versions 2019-03-05 14:12:04 -08:00
Vishal Nayak
c00c00ba94
Agent Cache doc updates (#6331) 
* Agent Cache doc updates

* doc update

* Add renewal management section

* doc updates

* paraphrase the orphan token case
 2019-03-05 15:19:52 -05:00
Vishal Nayak
c14e61c16e
Change agent's port to 8007 (#6348) 2019-03-05 12:57:17 -05:00
Jim Kalafut
b125e73ed4
Update JWT plugin dependency and docs (#6345) 2019-03-05 09:46:04 -08:00
Becca Petrin
74037a92d0 merge master 2019-03-05 09:39:53 -08:00
Chris Hoffman
8b4e30c1a1
Transit Auto Seal Docs (#6332) 
* adding transit seal docs

* add missing backtick
 2019-03-05 08:45:44 -05:00
Naoki Ainoya
bead976466 fix doc to add missing permission to use gcpkms seal (#6327) 2019-03-04 11:46:06 -05:00
Becca Petrin
b7eb95e52d
Merge pull request #6224 from hashicorp/dp.fix-consul-storage-doc-6171 
Fix example in documentation. Resolves [issue 6171]
 2019-02-28 09:55:55 -08:00
Becca Petrin
73a2280626
Support env vars for STS region (#6284) 2019-02-28 09:31:06 -08:00
Andrey Kuzmin
4bd2a6a305 Etcd timeouts (#6285) 
* Configurable lock and request etcd timeouts.

If etcd cluster placed on slow servers - request timeouts may be much greater, then hardcoded default values.
Also, in etcd setup, like above - may be need to greater lock timeout.

* Configurable lock and request etcd timeouts.

Docs.

* Use user friendly timeout syntax.

To allow specify more readable time values.
 2019-02-27 18:34:29 -08:00
Jon Currey
30d0235360 Fix typo on Seal page of concepts docs (#6290) 2019-02-27 18:27:36 -08:00
John O'Sullivan
f3eaa90c46 Documenting -dev-plugin-dir vault server option (#6307) 
Based on an answer from Brian Kassouf on the Google Group: https://groups.google.com/d/msg/vault-tool/7Qf9Hn1w3jA/yGUIKZxHGAAJ
 2019-02-27 18:24:49 -08:00
vishalnayak
04d118ecf1 Agent caching docs superscript beta 2019-02-26 10:36:24 -05:00
vishalnayak
d551ebd31b Add Beta superscript to caching docs 2019-02-26 10:28:55 -05:00
vishalnayak
f021fffabe Agent doc update for beta testers 2019-02-26 10:20:55 -05:00
vishalnayak
603199c2cc Change agent's default port number to 8100 2019-02-26 10:02:12 -05:00
Calvin Leung Huang
d4e305f53e Agent caching docs (#6272) 
* WIP agent caching docs

* More docs updates

* Add caching/index.html to docs_detailed_categories.yml

* Some more docs updates

* Some more docs updates

* updates

* address review feedback

* fix sample config

* Update website/source/docs/agent/caching/index.html.md

Co-Authored-By: calvn <cleung2010@gmail.com>

* fix config for sidebar display

* Add environment variable to the docs
 2019-02-26 09:57:17 -05:00
Jim Kalafut
90898851f5
Update JWT docs for OIDC feature (#6270) 2019-02-21 17:06:23 -08:00
Becca Petrin
10551cb1d2 add note about sts region to doc 2019-02-21 16:57:52 -08:00
Chris Hoffman
362c56657c
adding 1.1 upgrade docs (#6279) 2019-02-21 17:41:06 -05:00
Becca Petrin
99bd2afbb3 allow aws region in cli login 2019-02-20 16:43:21 -08:00
dp-h
9900b6709b Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]" 
This reverts commit 7726fdd1aa.

Revert to go through proper PR. Apologies.
 2019-02-14 13:40:17 -07:00
Brian Shumate
a4b63b5187 Update configuration/listener documentation (#6228) 
- Clarify that PROXY protocol version 1 is currently supported
- Add missing backtick to fix formatting issue
 2019-02-13 09:27:05 -05:00
dp-h
7726fdd1aa Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 17:05:31 -07:00
dominic
7a380c71e3 Revert "Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171]" 
This reverts commit b275f2a1e6.

Pushed to master, my apologies. Will do proper PR for this.
 2019-02-12 16:49:34 -07:00
dominic
b275f2a1e6 Add trailing slash for example in Vault Consul Storage Backend documentation. Fixes [issue 6171] 2019-02-12 16:47:17 -07:00
vishalnayak
2cc38dd25e Update transit docs 2019-02-12 14:27:17 -05:00
Graham Land
1c2c8fad34 Add Vault supported log levels (#6185) 
Documentation : Add the supported log level configurations

`Supported log levels: Trace, Debug, Error, Warn, Info.`
 2019-02-07 11:27:08 -08:00
Eero Niemi
8f1f0d7aab Fixed typo (newtwork -> network) (#6177) 2019-02-07 13:06:38 -05:00
Jeff Mitchell
f472965f24 Remove refresh_interval from kvv1 API docs and CLI docs since kv get doesn't use it 2019-02-06 21:51:08 -05:00
d
33b18b24b0 Revert "fixed trailing slash in consul.html.md example" 
This reverts commit 4310bb58c8.

Accidental push to master, my apologies. See PR https://github.com/hashicorp/vault/pull/6175
 2019-02-05 17:42:15 -07:00
Dominic Porreco
4310bb58c8 fixed trailing slash in consul.html.md example 2019-02-05 17:01:39 -07:00
Yoko
0da50446f5
Adding a mention for 'kv-v2' as type (#6151) 2019-02-01 11:26:08 -08:00
Jeff Mitchell
0569b7fe5b Remove regenerate-key docs as it no longer exists 2019-02-01 09:29:40 -05:00
Donald Guy
977ce260ad Docs: Azure auth example using metadata service (#6124) 
There are probably better ways to massage this but I think it would be helpful to have something like this included
 2019-01-30 12:13:39 -08:00
Brian Shumate
8a1ef9051b Update documentation for command operator unseal (#6117) 
- Add migrate command option
 2019-01-28 10:27:51 -05:00
Gordon Shankman
91a37b23cc Adding support for SSE in the S3 storage backend. (#5996) 2019-01-26 16:48:08 -05:00
Calvin Leung Huang
a15ed85273 docs: update agent sample config (#6096) 2019-01-24 07:25:03 -05:00
Jeff Mitchell
a8b3bc9301
Update to latest etcd and use the new repository packages (#6087) 
This will be necessary for go mod work

Additionally, the srv api has changed. This adapts to it.
 2019-01-23 14:35:03 -05:00
gitirabassi
3af9be4691 small fixes to docs and indexes 2019-01-18 02:14:57 +01:00
Yoko
d5668f47ca
Adding the CLI flag placement info (#6027) 
* Adding the CLI flag placement info

* Adding the definition of 'options' and 'args'

* tweaked the wording a little bit

* Added more description in the example

* Added a link to 'Flags' in the doc for options def
 2019-01-15 11:24:50 -08:00
Jim Kalafut
e0269c9e2e
Remove unnecessary permission 2019-01-10 16:18:10 -08:00
Seth Vargo
41d2e31266 Simplify permission requirements for GCP things (#6012) 2019-01-10 10:05:21 -08:00
Yoko
0374114d94
Document upper limit on Transit encryption size (#6014) 2019-01-08 17:57:43 -08:00
Giacomo Tirabassi
726aa02038 Influxdb secret engine built-in plugin (#5924) 
* intial work for influxdb secret plugin

* fixed typo

* added comment

* added documentation

* added tests

* fixed tests

* added vendoring

* minor testing issue with hardcoded values

* minor fixes
 2019-01-08 17:26:16 -08:00
Julien Blache
29471c88e9 FoundationDB backend TLS support and housekeeping (#5800) 
* Fix typo in documentation

* Update fdb-go-install.sh for new release tags

* Exclude FoundationDB bindings from vendoring, delete vendored copy

FoundationDB bindings are tightly coupled to the server version and
client library version used in a specific deployment. Bindings need
to be installed using the fdb-go-install.sh script, as documented in
the foundationdb backend documentation.

* Add TLS support to FoundationDB backend

TLS support appeared in FoundationDB 5.2.4, raising the minimum API version
for TLS-aware FoundationDB code to 520.

* Update documentation for FoundationDB TLS support
 2019-01-08 09:01:44 -08:00
Seth Vargo
0e0f356a47 Fix formatting (#6009) 
The new markdown parser is less forgiving
 2019-01-08 08:51:37 -08:00
Thomas Kula
4fa24dd0d4 Fix small typo in azure.html.md (#6004) 2019-01-07 10:03:22 -05:00
Aric Walker
e65100c315 Remove duplicate "Users can" from policy md (#6002) 2019-01-07 07:02:28 -08:00
Seth Vargo
9293594176 Reduce required permissions for the GCPCKMS auto-unsealer (#5999) 
This changes the behavior of the GCPCKMS auto-unsealer setup to attempt
encryption instead of a key lookup. Key lookups are a different API
method not covered by roles/cloudkms.cryptoKeyEncrypterDecrypter. This
means users must grant an extended scope to their service account
(granting the ability to read key data) which only seems to be used to
validate the existence of the key.

Worse, the only roles that include this permission are overly verbose
(e.g. roles/viewer which gives readonly access to everything in the
project and roles/cloudkms.admin which gives full control over all key
operations). This leaves the user stuck between choosing to create a
custom IAM role (which isn't fun) or grant overly broad permissions.

By changing to an encrypt call, we get better verification of the unseal
permissions and users can reduce scope to a single role.
 2019-01-04 16:29:31 -05:00
Seth Vargo
02f1739155 Fix audit docs (#6000) 
These appear to have been converted to (bad) HTML. This returns them to
their original markdown format.
 2019-01-04 13:45:50 -06:00
Graham Land
431cc5f9a6 Docs: Add Auto Unseal Rekey example (#5952) 
* Add KMS Rekey example

I've had customers looking for AWS KMS rekeying examples today - when using pgp keys.
This example would have clarified what they needed to do.

* Replaced KMS reference with Auto Unseal

``` bash
Rekey an Auto Unseal vault and encrypt the resulting recovery keys with PGP:
```
 2019-01-03 09:23:43 -05:00