vault

mirror of https://github.com/hashicorp/vault.git synced 2025-08-18 04:27:02 +02:00

Author	SHA1	Message	Date
Jim Kalafut	f4882fee74	Revert "Add ttl parameter to pki api docs (#5063 )" This reverts commit 7824826ca72c503677559cf9e5c1a7193433b34a.	2018-08-13 09:34:05 -07:00
Yoko	58967f725f	[Guide] Vault Cluster Monitoring Guide (#5084 ) * Vault cluster monitoring guide * Updated the download link * Fixed broken link	2018-08-10 13:52:02 -07:00
Jim Kalafut	7b9fee7b2d	Add RDS notes to MSSQL docs (#5062 )	2018-08-10 08:52:21 -07:00
Jeff Mitchell	dd68f25a67	Website typo fix	2018-08-08 15:53:40 -04:00
Jim Kalafut	179b8c2c1b	Add ttl parameter to pki api docs (#5063 )	2018-08-08 09:12:14 -07:00
Conor Mongey	6ba9aaaa0d	Fix typo: Consult Template -> Consul Template (#5066 )	2018-08-08 09:01:45 -07:00
Ian Grayson	0d5dd986ba	Update policies.html.md (#5007 ) Allow admins to run CLI: `vault secrets list`	2018-08-07 10:35:23 -07:00
Jeff Escalante	b84ef1a814	html syntax corrections (#5009 )	2018-08-07 10:34:35 -07:00
Rob	624636b76f	Update dev-server.html.md (#5035 ) The instructions were in backwards order. #3591	2018-08-07 10:33:30 -07:00
Yoko	6977aa70f1	Typo fix (#5052 )	2018-08-06 15:50:39 -07:00
Yoko	c840cead27	[Guide] Sentinel Policies (#5049 ) * Sentinel policies guide * Typo fix	2018-08-06 15:39:32 -07:00
Yoko	0df3d03797	[Guide] SSH Secrets Engine (#5022 ) * OTP SSH guide * Fixed the required policy * Added the step to restart the SSH server * Update ssh-otp.html.md Just a few edits to highlight its cloud context. Looks great otherwise!	2018-08-06 15:04:24 -07:00
Yoko	a14e5c7ef1	[Guide] Build Your Own CA Guide (#4995 ) * WIP * WIP * WIP - Jake's PKI demo * WIP * PKI secret engine guide * Added little more description about role * Added tidy step * Fixed a broken link	2018-08-06 14:42:46 -07:00
Joshua Ogle	6c00717b01	Better OS highlighting	2018-08-06 12:30:31 -06:00
Joshua Ogle	eea840086c	Javascript refactor for configuration builder	2018-08-06 11:55:36 -06:00
Joshua Ogle	2de4b52860	Better JavaScript line wrapping in configuration	2018-08-03 23:37:58 -06:00
Joshua Ogle	9d3e5db2e5	JS Feedback fixes, make UI default on click	2018-08-03 22:57:17 -06:00
Joshua Ogle	86f70e294a	Merge branch 'master' into oss-download-config-path	2018-08-03 16:53:45 -06:00
Chris Hoffman	7be900fffd	Add Configuration Builder and Better Download page - Make Download Link more prominent on home page - Add UI Demo link to home page - Download page now suggests download based on your current system - Added links for next steps - Added configuration builder form, including downloading your custom config	2018-08-03 16:31:22 -06:00
Olivier Lemasle	31978a402d	Fix two errors in docs (#5042 ) Two small errors in documentation	2018-08-03 14:26:46 -07:00
Jim Kalafut	dbd669103e	Fix docs sidebar layout	2018-08-03 09:15:45 -07:00
Jason Martin	148e212b48	Fix typo in the AWS STS AssumeRole docs. (#5032 )	2018-08-02 22:57:24 -07:00
Gerald	a070299171	Fix gcp auth method link (#5030 )	2018-08-02 22:55:59 -07:00
Jiang Yong	bb196e0576	correct Jenkins policy and mysql secret path when kv put in authentication guide (#5023 ) * correct Jenkins policy and mysql secret path when kv put * add a note for kv-v2 secret	2018-08-02 08:38:51 -07:00
Jeff Mitchell	09f41deedf	Fix website typo	2018-08-01 16:52:11 -04:00
Yoko	5ff52b8b49	[Guide] Identity: Entities & Groups (#4968 ) * Entities & Groups tutorial * Re-wordig the persona section * Incorporated the feedback * Updated the policy requirements * Incorporate the feedback * Fixed grammar * Made the final small adjustments	2018-08-01 11:07:09 -07:00
Raja Nadar	f58b26777f	.net 2.0 standard leap (#5019 ) 2.0 is more conducive for consumers	2018-08-01 08:57:49 -04:00
Yoko	3143a0bcc9	[Guide] Direct App Integration guide (#4948 ) * Direct App Integration guide * Added a tag for step3	2018-07-31 09:19:23 -07:00
Sean Malloy	2794e68049	Fix GCP auth docs typo (#5017 ) The bound_bound_service_accounts parameter does not exist. The correct spelling is bound_service_accounts.	2018-07-31 10:57:34 -04:00
Jeff Mitchell	c1a3e599ca	Add exit-after-auth functionality to agent (#5013 ) This allows it to authenticate once, then exit once all sinks have reported success. Useful for things like an init container vs. a sidecard container. Also adds command-level testing of it.	2018-07-30 10:37:04 -04:00
Pat Downey	cd63f3e6ef	Expand TOFU acronym in AWS auto-auth docs (#5011 )	2018-07-29 18:05:49 -07:00
Yoko	ee8ea88fa6	[Guide] Transit Secrets Engine beginner guide (#4943 ) * Intro to Transit Secrets Engine guide * Added the Katacoda scenario link in the Reference Materials section * Referencig this guide in the existing encryption guides	2018-07-27 16:08:52 -07:00
Michael Herman	1382fa72ed	Update index.html.md (#5005 )	2018-07-27 15:30:59 -04:00
Chris Hoffman	f348177b5d	adding environment to azure auth docs (#5004 )	2018-07-27 08:33:20 -04:00
Chris Hoffman	ec3e571404	adding missing properties (#5003 )	2018-07-27 08:19:12 -04:00
Chris Hoffman	86a0b466f3	adding upgrade guide for 0.10.4 (#4992 )	2018-07-25 12:54:48 -04:00
Jeff Mitchell	903ab7c485	VSI (#4985 )	2018-07-24 22:02:27 -04:00
Chris Hoffman	3ba265cf6a	updating azure auth plugin and docs (#4975 )	2018-07-23 10:00:44 -04:00
Jim Kalafut	ecc622ac43	Add FoundationDB link to sidebar	2018-07-20 20:10:52 -07:00
Yoko	4f9757e53e	Git repo folder name changed (#4969 )	2018-07-20 11:46:12 -07:00
Olivier Lemasle	f09c365ef1	State in docs that FoundationDB backend is community supported (#4964 )	2018-07-20 09:59:13 -04:00
Peter Vandenabeele	9627d55134	Fix small typo in Vault website documentation (#4962 )	2018-07-20 09:57:16 -04:00
Brian Shumate	4bd42b4e3a	Add missing telemetry metrics (#4785 ) * Add missing telemetry metrics - Add merkle related telemetry - Add WAL related telemetry * additional wal metrics * Use correct metrics naming	2018-07-19 18:36:55 -04:00
Chris Hoffman	472c0c83fa	Fixing formatting	2018-07-19 10:36:09 -04:00
Chris Hoffman	140776734b	Adding information on required azure permissions (#4956 )	2018-07-19 10:24:55 -04:00
John Naulty Jr	1caa13c335	fix Issue #4952 static-secrets small typo (#4953 )	2018-07-18 22:36:47 -07:00
Tomohisa Oda	c6fd9f5c90	add sequelize-vault to third-party tools (#4945 )	2018-07-17 21:45:37 -07:00
Yoko	c86840163a	Updated - Secure Introduction to Vault Clients guide (#4944 ) * Incorporated Armon's feedback * Added a diagram	2018-07-17 15:54:48 -07:00
Yoko	838a449c9b	Secure Introduction to Vault Clients Guide (#4871 ) * WIP * WIP - Secure Intro Guide * WIP secure intro guide * WIP Secure Intro Guide * WIP Secure Intro Guide * WIP Secure Intro Guide	2018-07-16 15:17:52 -07:00
Julien Blache	e59d19325c	FoundationDB physical backend (#4900 )	2018-07-16 10:18:09 -04:00
Ram Nadella	e6a4d35bb3	Fix environment mismatch in MySQL cert step (#4835 )	2018-07-16 10:13:44 -04:00
Seth Vargo	c50881b274	Add plugin CLI for interacting with the plugin catalog (#4911 ) * Add 'plugin list' command * Add 'plugin register' command * Add 'plugin deregister' command * Use a shared plugin helper * Add 'plugin read' command * Rename to plugin info * Add base plugin for help text * Fix arg ordering * Add docs * Rearrange to alphabetize * Fix arg ordering in example * Don't use "sudo" in command description	2018-07-13 10:35:08 -07:00
dmicanzerofox	6559f5fe76	PKI Tidy Revocation List optionally Tidy Revoked Certs that are Unexpired (#4916 )	2018-07-13 09:32:32 -04:00
Seth Vargo	c4d57245f2	Update GCP docs (#4898 ) * Consistently use "Google Cloud" where appropriate * Update GCP docs This updates the GCP docs to use the new updated fields that will be present in the next release of the plugin as well as fixes up some inconsistencies between the GCP docs and other auth method documentation.	2018-07-11 15:52:22 -04:00
Jeff Mitchell	6b4f6b9361	Add jwt auth docs (#4891 )	2018-07-11 15:08:49 -04:00
Jeff Mitchell	0883dc3e0b	Fix permitted dns domain handling (#4905 ) It should not require a period to indicate subdomains being allowed Fixes #4863	2018-07-11 12:44:49 -04:00
Md. Nure Alam Nahid	cf587cf525	Add additional config keys for swift (#4901 ) * Add additional config keys for swift * Add additional swift config keys in the doc page	2018-07-11 08:29:29 -07:00
Seth Vargo	1268342acc	Properly capitalize H in GitHub (#4889 ) It's really bothering me, sorry.	2018-07-10 08:11:03 -07:00
Jeff Mitchell	ce81df0ba2	Remove vault.rocks from some that were missed	2018-07-10 10:47:30 -04:00
Jeff Mitchell	5a2d80e487	Allow max request size to be user-specified (#4824 ) * Allow max request size to be user-specified This turned out to be way more impactful than I'd expected because I felt like the right granularity was per-listener, since an org may want to treat external clients differently from internal clients. It's pretty straightforward though. This also introduces actually using request contexts for values, which so far we have not done (using our own logical.Request struct instead), but this allows non-logical methods to still get this benefit. * Switch to ioutil.ReadAll()	2018-07-06 15:44:56 -04:00
Kawsar Kamal	9591e44bef	Fixed example file extensions from .hcl to .json (#4810 )	2018-07-06 08:59:09 -04:00
Chris Bednarski	bebf54c6aa	Added documentation to consul and listener pages explaining how to control Consul's DNS resolution with multiple listeners (#4862 )	2018-07-06 08:51:51 -04:00
Calvin Leung Huang	bc88718d56	Add missing replication props, prettify tables (#4816 ) * Add missing request.replication props, prettify tables * Fix location of replication prop	2018-07-05 16:11:21 -04:00
Chris Hoffman	52a6ea3937	Update docs	2018-07-03 08:28:43 -04:00
Brian Shumate	5c7300323b	Clarify policies note (#4832 ) - Make it even clearer that "*" is the glob character referred to	2018-07-03 08:27:12 -04:00
Jeff Mitchell	24c776180b	Fix tuning visibility in CLI (#4827 ) The API elides the value if it's empty, but empty has meaning. This adds "hidden" as an option which is fundamentally identical to the default.	2018-07-02 12:13:25 -04:00
Yoko	f2fb469c51	Updates made by Michael Lucas (#4855 ) Since this PR was created on behalf of EA and I approve all the changes, I'm merging this.	2018-07-02 08:56:15 -07:00
Chris Hoffman	41ec5bc61d	Clarify performance replication token handling	2018-06-29 09:32:35 -04:00
Chris Hoffman	b9cd68a952	adding sample request to key status api docs (#4853 )	2018-06-29 09:17:51 -04:00
Logan Rakai	984ee07a1c	Typo fix (#4822 )	2018-06-23 16:34:25 -07:00
Logan Rakai	f8ac612eaa	Small grammar fix (#4821 )	2018-06-22 21:59:39 -07:00
Jeff Mitchell	ca67d0df60	Add a warning to syslog Ping #3617	2018-06-22 09:00:07 -04:00
Kevin Hicks	ae72826be1	Fix typos (#4813 )	2018-06-21 12:29:18 -07:00
Yoko	a1a3ca0951	Fixed a typo (#4812 )	2018-06-21 11:11:30 -07:00
Steven Farage	62c472399c	Make documentation match API example (#4809 ) Quick and easy change to make the passwords match.	2018-06-21 10:50:02 -07:00
Yoko	10e725f71d	Vault DR Replication Setup Guide (#4790 ) * WIP DR setup guide * Fix typos * Added the steps to demote & disable primary * Clarified some of the explanation	2018-06-21 08:42:35 -07:00
Becca Petrin	b3a711d717	Add bound cidrs to tokens in AppRole (#4680 )	2018-06-19 22:57:11 -04:00
Becca Petrin	fe3404ad46	clarify aws role tag doc (#4797 )	2018-06-19 15:59:57 -07:00
Becca Petrin	dc88c64c36	Update Active Directory secret engine docs (#4788 ) * active directory rotate root docs * update doc	2018-06-19 09:11:46 -07:00
Calvin Leung Huang	29f5296519	Be explicit about trailing slash on paths for list capability (#4793 )	2018-06-19 12:10:39 -04:00
Jeff Mitchell	df00e62d92	Database updates (#4787 ) * Database updates * Add create/update distinction for connection config * Add create/update distinction for role config * Add db name and revocation statements to leases to give revocation a shot at working if the role has been deleted Fixes #3544 Fixes #4782 * Add create/update info to docs	2018-06-19 11:24:28 -04:00
Ryan Loomba	b2bb13221c	fix typo in Vault Encryption as a Service Guide (#4789 )	2018-06-18 17:32:43 -07:00
Laura Uva	2e24e3dc64	Add example of min_wrapping_ttl and max_wrapping_ttl (#4753 )	2018-06-18 19:59:21 -04:00
Mike Fortuno	43e218e5b1	Update policies.html.md (#4780 ) Policy file name was incorrect, causing instructions to be unclear.	2018-06-15 15:49:09 -07:00
Mr Talbot	042b9d4715	pki: add ext_key_usage to mirror key_usage and add to sign-verbatim (#4777 ) * pki: add ext_key_usage parameter to role * pki: add key_usage and ext_key_usage parameter to sign-verbatim * pki: cleanup code as per comments	2018-06-15 18:20:43 -04:00
Jeff Mitchell	73e8031d35	Mention delegating change password privs in ad docs	2018-06-15 17:01:47 -04:00
Jeff Mitchell	9bed291ce7	Remove msa info from AD page	2018-06-15 16:55:28 -04:00
Jeff Mitchell	6951b70dd9	Add URI SANs (#4767 )	2018-06-15 15:32:25 -04:00
Nándor István Krácser	bd0b7f1861	docs: kv 2 is used by default in the dev server only (#4773 )	2018-06-15 09:09:27 -04:00
Jeff Mitchell	56cb1e05a9	Update index.html.md Fixes #4763	2018-06-14 10:19:38 -04:00
Laura Uva	567824500f	Update kv v2 documentation to better warn and elaborate on changes needed when upgrading a mount from version 1 to version 2 (customer request) (#4754 )	2018-06-13 16:44:15 -07:00
Brian Kassouf	2fbe04132c	Update replication status (#4761 ) * Update replication-performance.html.md * Update replication-dr.html.md * Update replication.html.md * Update replication-dr.html.md * Update replication-dr.html.md * Update replication-performance.html.md * Update replication.html.md	2018-06-13 16:43:39 -07:00
Becca Petrin	53e6dc53e4	add link to api docs (#4757 )	2018-06-13 09:35:37 -07:00
Yoko	0962253c4b	Vault guides example update (#4756 ) * Typos in the sample payload JSON * AWS support files were added * yet another typo	2018-06-13 09:34:07 -07:00
Pavlos Ratis	d39a25cb5c	Use shell highlighting in the command snippets (#4736 )	2018-06-11 08:46:35 -04:00
Tom Schlenkhoff	fd6d75609c	Fix typo (#4738 )	2018-06-11 05:38:21 -07:00
Chris Hoffman	f394cc496d	reorder sidebar	2018-06-08 17:22:27 -04:00
Chris Hoffman	0d9a4142c6	Update gcpckms.html.md	2018-06-08 17:07:59 -04:00
Chris Hoffman	bd4ad80b1b	fix typo	2018-06-08 17:05:17 -04:00
Chris Hoffman	d6d7191978	Adding Azure Key Vault seal docs (#4728 )	2018-06-08 17:04:14 -04:00
Jeff Mitchell	a03f86b6f6	Add missing sidebar links for AD	2018-06-07 10:21:22 -04:00
Brian Shumate	2667a5560e	Tiny formalized edit (#4715 )	2018-06-07 06:44:57 -07:00
Kevin Hicks	284600fbef	update docs and help text to include 'operator' (#4712 )	2018-06-06 21:11:21 -07:00
Jeff Mitchell	070267d1da	Update 0.10.2 upgrade guide	2018-06-06 10:45:15 -04:00
Jeff Mitchell	4bcbc5a784	Transit convergent v3	2018-06-05 18:53:39 -04:00
LeSuisse	8df30fc414	Update usage of deprecated commands rekey and rotate in the documentation (#4703 )	2018-06-05 12:37:26 -04:00
Eli Oxman	d6efc1cff6	Add async python client to docs (#4698 )	2018-06-05 10:23:56 -04:00
Nándor István Krácser	76be6ce5e6	Fix VAULT_LOG_LEVEL in docs (#4696 )	2018-06-05 10:23:32 -04:00
Becca Petrin	063d9ed756	be more explicit about names (#4695 )	2018-06-04 21:34:17 -04:00
amcbarnett	e7335efad4	Update mount-filter.html.md (#4656 )	2018-05-30 08:28:51 -04:00
emily	8568e791dd	Add GCP auth helper (#4654 ) * update auth plugin vendoring * add GCP auth helper and docs	2018-05-29 20:36:24 -04:00
Becca Petrin	648ea3345f	add formatter to ad docs (#4653 )	2018-05-29 16:47:46 -07:00
Eduardo Criado Mascaray	9535f0704b	Fix typo in group parameter in Vault systemd file (#4642 )	2018-05-29 15:04:43 -04:00
Viacheslav Vasilyev	bec5c172fe	Make test-case output a little bit consistent (#4645 ) As well as in some places `-d` were incorrectly replaced with `--data`, sample commands with `accessor` were added	2018-05-29 15:03:33 -04:00
Jeff Mitchell	373a7472e9	Merge pull request #4600 from hashicorp/rekey-verification Rekey verification, allowing new key shares to be confirmed before committing the new key.	2018-05-29 15:00:07 -04:00
Becca Petrin	f6b5cab7ba	Docs for the upcoming Active Directory secrets engine (#4612 )	2018-05-29 08:49:09 -07:00
Jeff Mitchell	6fa29dda67	Merge branch 'master' into rekey-verification	2018-05-29 10:19:57 -04:00
Chris Hoffman	3bdfa4ae0a	pkcs11 docs updates	2018-05-25 15:39:07 -04:00
Becca Petrin	71fb24e5ac	add userpass note on bound cidrs (#4610 )	2018-05-25 14:35:09 -04:00
Jeff Mitchell	c4f8a3a5c3	Changelogify and fix some minor website bits	2018-05-25 10:39:23 -04:00
Nicholas Jackson	61e0eda70c	Breakout parameters for x.509 certificate login (#4463 )	2018-05-25 10:34:46 -04:00
Yoko	7522d56669	Vault Interactive Tutorial updates (#4623 ) * Added more tutorial steps * Updated the step texts	2018-05-24 11:39:02 -07:00
nelson	f87d452d40	Update kv-v2.html.md (#4614 ) correct the payload format for "Configure the KV Engine" and "Update Metadata"	2018-05-24 12:44:44 -04:00
Jeff Mitchell	0545944fc5	Interactive server now uses kvv2 so update text	2018-05-23 09:59:52 -04:00
Chris Hoffman	c42adad873	remove incorrect parameter	2018-05-23 08:58:27 -04:00
Jeff Mitchell	804b5e9bd2	Minor website doc updates	2018-05-22 15:12:12 -04:00
Yoko	d67e3b3200	Seal Wrap / FIPS 140-2 Compliance guide (#4558 ) * WIP - Seal Wrap guide * WIP: Seal Wrap guide * Added a brief description about the Seal Wrap guide * Incorporated feedbacks * Updated FIPS language Technically everything looks great. I've updated some of the language here as "compliance" could be interpreted to mean that golang's crypto and xcrypto libraries have been certified compliant with FIPS. Unfortunately they have not, and Leidos' cert is only about how Vault can operate in tandem with FIPS-certified modules. It's a very specific update, but it's an important one for some VE customers. Looks great - thanks! * Removed 'Compliance' from title * typo fix	2018-05-22 11:23:11 -07:00
Jeff Mitchell	c0275a3c7d	Add instructions for both kvv1 and kvv2 to getting started policies info	2018-05-22 14:07:12 -04:00
Yoko	500cb5737c	Mount Filters guide (#4536 ) * WIP: Mount filter guide * WIP * Mount filter guide for CLI, API, and UI * updated the next step * Updated the verification steps * Added a note about the unseal key on secondaries * Added more details * Added a reference to mount filter guide * Added a note about generating a new root token * Added a note about local secret engine	2018-05-22 08:57:36 -07:00
Chris Hoffman	25df1c28e4	updating link	2018-05-22 10:00:20 -04:00
Chris Hoffman	e614cadbe5	adding options information to mount endpoint (#4606 )	2018-05-21 16:39:43 -04:00
Jeff Mitchell	3e95a48e7b	Remove dupe website text	2018-05-21 16:30:45 -04:00
Jeff Mitchell	153d5360f7	Address feedback	2018-05-21 16:13:38 -04:00
Jeff Mitchell	98f0485d84	Add verification documentation	2018-05-21 12:00:36 -04:00
Jeff Mitchell	1fa5e18d44	Make description of prehashed a bit more friendly	2018-05-21 09:08:22 -04:00
Jeff Mitchell	ec24d3d2f7	Update key_type parameter description	2018-05-19 12:20:37 -04:00
Kevin Paulisse	7a6777b41a	Docs: Clarify that revoking token revokes dynamic secrets (#4592 )	2018-05-18 23:27:53 -07:00
Jeff Mitchell	f6b6ce1837	Add missing drsecondarycode to health API docs	2018-05-18 12:39:13 -04:00
Jeff Mitchell	2f97c3017f	Flip documented resolve_aws_unique_id value Fixes #4583	2018-05-18 12:05:52 -04:00
Reid Wiggins	668e2358aa	Add documentation for MySQL 5.6 root rotation (#4584 ) The default root rotation statement for MySQL is only valid for 5.7 and up. This commit adds example documentation for 5.6. Fixes #4567	2018-05-18 08:56:11 -07:00
Romain Vrignaud	5e62b26f10	Rename Google Container Engine to Google Kubernetes Engine (#4586 )	2018-05-18 08:19:56 -07:00
Jeff Mitchell	91b9ffdb33	Merge pull request #4580 from tavislikedavis/patch-1 Update policies.html.md	2018-05-17 09:14:35 -07:00
Jeff Mitchell	15a365c76f	Updated for new syntax	2018-05-17 09:14:12 -07:00
Jeff Mitchell	2a6f08a0b8	Merge pull request #4575 from avoidik/patch-2 Add more essential notes into production hardening guide	2018-05-17 09:05:34 -07:00
Jeff Mitchell	f058a82010	Update production.html.md	2018-05-17 09:05:08 -07:00
Jim Kalafut	e47c602654	Fix GCP API parameter docs	2018-05-17 08:54:25 -07:00
Seth Vargo	4479d42688	Move UI docs from enterprise to OSS (#4565 )	2018-05-17 08:48:10 -07:00
Andrew Slattery	e1eafc78b5	Update KV response code (#4568 ) Creating/Updating a secret in KV-V2 produces a status code `200` with a response body of `application/json`, whereas the previous documentation notated a `204 (empty body)` expected response code.	2018-05-17 08:46:19 -07:00
Tavis Wilson	215b89d363	Update policies.html.md	2018-05-16 14:35:30 -05:00
Jeff Mitchell	9a9638c93d	Update website ldap url text	2018-05-16 11:58:10 -04:00
Viacheslav Vasilyev	47d8604fe5	Update production.html.md	2018-05-16 11:16:04 +03:00
Jacob Friedman	36f3f61ac5	fixed spelling error in step 1 (#4572 )	2018-05-15 17:43:35 -07:00
Jeff Mitchell	476b150a19	Mention that you can actually rekey when using an HSM	2018-05-13 16:49:42 -04:00
Jeff Mitchell	112510da63	Update HSM documentation and fix GCP docs build	2018-05-13 16:39:22 -04:00
Robbie McKinstry	fd6f676f8f	Client side rate limiting (#4421 )	2018-05-11 10:42:06 -04:00
Seth Vargo	5769fb4416	Update GCP secrets to be example-driven (#4539 ) 👍	2018-05-10 16:58:22 -04:00
Tyler Marshall	9e059e65e9	Fix minor spelling mistake (#4548 )	2018-05-10 13:42:01 -07:00
Becca Petrin	df4b650e61	Restrict cert auth by CIDR (#4478 )	2018-05-09 15:39:55 -07:00
Jeff Kohrman	47aab6e22e	Add link to updated privacy policy in layout.erb (#4533 ) Added link to updated privacy policy in footer of `layout.erb` for the OSS website.	2018-05-09 16:11:57 -04:00
Yoko	c648475746	[Guide] DB Root Credential Rotation (#4508 ) * DB root credential rotation guide * Fixed typos * Added a note about creating a dedicated superuser * Incorporated Chris's feedback * Added a reference to DB root credential rotation * Rephrase some of the languages * Minor re-wording of a sentence	2018-05-09 11:01:58 -07:00
Jeff VanSickle	cc800b649a	Update jq path for "excited" in JSON output example (#4531 )	2018-05-09 08:41:41 -07:00
Shelby Moore	4a1c826d98	Updated proxy protocol config validation (#4528 )	2018-05-09 10:53:44 -04:00
Jeff Mitchell	9fb688f789	Clarify that rotate requires sudo	2018-05-09 10:19:35 -04:00
tdsacilowski	7694c8e1c2	Clarify HA params, fixed typos (#4527 ) * Clarify HA params, fixed typos * Additional clarifications to listener parameters * Updated cluster_address values	2018-05-08 13:36:42 -07:00
Jacob Friedman	390068b54e	Updated link for k8s-tokenreview (#4523 ) Link for k8s-tokenreview was broken when they released a new version so I went ahead and fixed it.	2018-05-08 13:36:12 -07:00
Jacob Friedman	38192cf97c	Changed DR docs page to fix generating secondary DR token (#4521 ) The docs for how to create secondary DR tokens were incorrect, which caused issues at a customer. I fixed the documentation with the proper syntax and formatting, which I copied from the perf replication docs (after changing endpoints). Can someone take a quick look for me?	2018-05-08 13:35:48 -07:00
vishalnayak	c61fd9bba6	docs: s/entity/group-alias	2018-05-08 16:32:35 -04:00
Chris Hoffman	2654a55574	docs update	2018-05-07 16:34:39 -04:00
Chris Hoffman	168d02c9a8	docs updates	2018-05-07 16:33:38 -04:00
Chris Hoffman	befd3cf451	updating pkcs11 docs (#4520 )	2018-05-07 13:50:45 -04:00
Anthony Dong	7ad10034ed	Fix typo in AppRole guide (#4509 )	2018-05-04 10:10:21 -04:00
Jeff	3bfa45e306	Typo (#4505 )	2018-05-03 13:37:44 -07:00
Jerome Cheng	e701b6adea	Fix incorrect file path in Token Helper doc (#4499 ) Vault stores the token in `~/.vault-token` and not `~/.vault_token`.	2018-05-02 21:56:38 -07:00
Laura Uva	765b1a0cb0	Payload key should be dr_operation_token (#4498 )	2018-05-02 18:35:51 -07:00
Nathan Valentine	ff62d2a585	s/aws_region/region/ (#4497 ) The correct key name is 'region' as opposed to 'aws_region'.	2018-05-02 14:25:03 -07:00
Fabrizio Cucci	92502021e5	Fix role of example in Kubernetes Auth Method (#4483 ) It was `test` but it should be `demo` to be aligned with the example.	2018-05-01 15:04:53 -07:00
Matthew Irish	9ac9e088ba	add script defer to the demo app tag as well (#4489 )	2018-04-29 22:14:54 -05:00
Jeff Escalante	3b442f8da7	fix fout issue (#4477 )	2018-04-27 14:34:20 -07:00
Yoko	237a066f39	Spring Cloud Vault Java demo (#4397 ) * WIP - Spring Cloud Vault Java demo * Added 'Reloading the Static Secrets' step * Fixed a typo * Minor wording change Remove redundant "a". * Typos and grammar Fixed a few misspellings ("spring") and the odd "a", "the", or "an".	2018-04-27 09:18:50 -07:00
Pavlos Ratis	c9f989a3fb	[website] fix Markdown formatting on GCP page (#4471 )	2018-04-27 09:13:07 -07:00
Jim Kalafut	4a40bd6432	Minor updates to Azure auth docs	2018-04-27 08:47:06 -07:00
Jeff Escalante	f843f833db	adjust analytics and other js for turbolinks (#4400 )	2018-04-26 16:02:25 -05:00
emily	462f98673f	fix docs (#4466 )	2018-04-26 16:54:19 -04:00
Nathan Dataguake Basanese	da98217e61	Make a minor grammar edit for docs (#4467 ) Previous version used `read` in stead of `get` for everything but the code block examples. It's a minor oversight, and most of us are going to skim to the code blocks anyway. But maybe it'll help.	2018-04-26 16:41:23 -04:00
Jeff Mitchell	783a5c3422	Remove out of date text on HSM rekeying	2018-04-26 10:10:30 -04:00
Jim Kalafut	abcd859236	Fix typo in aws auth docs	2018-04-25 22:57:39 -07:00
Andrew Speed	102be1a679	Fix authentication example mentioning vault auth but using vault login (#4458 )	2018-04-25 14:59:38 -07:00
Krish	bc15f55479	Update authentication.html.md Thanks!	2018-04-25 14:37:59 -07:00
Chris Hoffman	c6551ced97	fix document formatting	2018-04-25 10:16:41 -04:00
Chris Hoffman	2b57907cae	Seal Rotation Docs (#4449 ) * wip docs * adding docs * removing vendor supported mechanism	2018-04-25 09:59:06 -04:00
Nándor István Krácser	420a9b9321	Fix mapping read paths (#4448 )	2018-04-25 09:22:30 -04:00
Chris Kent	47ca22cd00	Website download page update (#4444 ) * Update download page to include community resources + Added “downloads powered by” text to Fastly icon + changed to horizontal grid for download list (vs vertical list) + added community resources below page * Reverting changes from earlier * Added community links to downloads page + added community and getting-started links to sidebar as well	2018-04-24 20:29:36 -05:00
vishalnayak	4222df38c6	Merge branch 'master-oss' into approle-local-secretid	2018-04-24 16:17:56 -04:00
Becca Petrin	b12fa85c9b	uppercase Vault in plugin doc (#4442 )	2018-04-24 10:41:37 -07:00
Brian Shumate	7a5d7713fd	Update curl commands / replace invalid '--payload' flag (#4440 )	2018-04-24 11:20:29 -04:00
vishalnayak	a7814f38cc	Merge branch 'master-oss' into approle-local-secretid	2018-04-24 11:03:39 -04:00
Yoko	8353246eea	Updated the link to the sample app folder which was moved (#4437 ) * Updated the link to the sample app folder which was moved * Folder name changed from vault-transit-rewrap-example to vault-transit-rewrap	2018-04-23 16:45:10 -07:00
vishalnayak	20c7f20265	error on enable_local_secret_ids update after role creation	2018-04-23 17:05:53 -04:00
vishalnayak	b4f6b6fd31	update docs	2018-04-23 16:54:23 -04:00
Jeff Mitchell	87e54d12b2	Update audit text to make it clear that audit logs are for authenticated interactions	2018-04-23 10:49:32 -04:00
Malhar Vora	78aa4876eb	Corrects description for mode option in ssh command (#4420 ) Fixes #4375	2018-04-22 13:42:46 -04:00
Malhar Vora	7b2858b7a3	Correct typo in Kubernetes auth backend docs Resolve small typo in Configuring Kubernetes section in Kubernetes Auth Backend documentation. Fixes #4417	2018-04-21 19:37:59 -07:00
Jeff Mitchell	bc0918a350	Add the ability to restrict token usage by IP. Add to token roles. (#4412 ) Fixes #815	2018-04-21 10:49:16 -04:00
Chris Kent	cee348e75f	Mrktfix (#4411 ) * Updated hero with current logo * Updated logos in these artifact images as well * Added Branded Logo with HashiCorp * Updated logo with branded logo (HashiCorp in the name) * typo * Wrong spot * Updated logo	2018-04-20 14:43:11 -05:00
Chris Kent	01abce85ef	Updated hero with current logo (#4410 )	2018-04-20 12:50:00 -05:00
Alvin Huang	5d440fe618	remove redundant 'Vault' in approle docs (#4405 )	2018-04-20 09:55:15 -04:00
skiggety	4d0b47855a	remove lingering mention of "vault write" command. (#4388 )	2018-04-18 16:32:37 -04:00
Vishal Nayak	e6cc20d1e7	phys/consul: Allow tuning of session ttl and lock wait time (#4352 ) * phys/consul: allow tuning of session ttl and lock wait time * use parseutil * udpate docs	2018-04-18 13:09:55 -04:00
Jeff Mitchell	80b17705a9	X-Forwarded-For (#4380 )	2018-04-17 18:52:09 -04:00
Yoko	81af0f69d1	Versioned KV secret engine (kv-v2) tutorial (#4367 ) * Added versioned kv secret engine tutorial * Added check-and-set feature * Fixed archived -> deleted * Incorporated all suggested changes	2018-04-17 14:42:14 -07:00
Laura Uva	d4b5f94dfe	Add mode to the examples under automation steps (#4374 )	2018-04-17 13:47:41 -04:00
vishalnayak	46d4ded928	docs: update accessor lookup response	2018-04-17 11:52:58 -04:00
vishalnayak	73df4a6f8b	docs: update token lookup response	2018-04-17 11:40:00 -04:00
Sohex	f676ca9db7	Update index.html.md (#4372 ) Remove duplicate of max_ttl description from end of period description under create role parameters.	2018-04-17 11:05:50 -04:00
George Hartzell	fa10bbdc81	Touch up getting started doc (#4373 ) The example uses `vault kv put` but the the commentary references `vault write`. Make them consistent (this commit) or explain the equivalence.	2018-04-16 13:57:12 -04:00
Calvin Leung Huang	36d46452d0	Add docs for internal UI mounts endpoint (#4369 ) * Add docs for internal UI mounts endpoint * Update description section	2018-04-16 12:13:58 -04:00
Jeff Mitchell	b65832d08a	Add ability to disable an entity (#4353 )	2018-04-13 21:49:40 -04:00
Jeff Mitchell	a7f604ff91	Fix token store role documentation around explicit max ttl	2018-04-13 09:59:12 -04:00
Jerome Cheng	06eae018a3	Fix indentation of code block in Consul Secrets Engine docs (#4350 ) The indentation of the code block in the Consul Secrets Engine doc was removed in #4224, but the closing backticks remained indented one level, resulting in the block swallowing all text after it. Removing the indentation from the closing backticks fixes this.	2018-04-13 09:55:35 -04:00
Jeff Escalante	fce704efa2	switch from GA to segment tracking (#4109 )	2018-04-12 21:35:38 -05:00
Peter Souter	0ac5933c24	Remove Enterprise Only flag (#4337 )	2018-04-11 14:27:58 -04:00
James Mannion	986ace5183	Fixes a reference to deprecated init command (#4338 ) Replace "vault init" with "vault operator init" in initialising the vault section.	2018-04-11 14:26:53 -04:00
Jeff Mitchell	f3dadf9bc6	Remove beta tag from Google Cloud	2018-04-10 13:58:16 -04:00
Matthew Irish	e7801faf2a	fix broken link (#4329 )	2018-04-10 11:11:38 -05:00
Jeff Mitchell	8569e6a143	Add more info to upgrade guide and changelog	2018-04-10 12:09:54 -04:00
Chris Hoffman	360819c571	adding 0.10 upgrade guide (#4321 )	2018-04-09 17:32:15 -04:00
Yoko	dc390a9f80	Removed extra '( )' in the link (#4316 )	2018-04-09 09:57:22 -07:00
Brian Kassouf	915e452c0d	KV: Update 'versioned' naming to 'v2' (#4293 ) * Update 'versioned' naming to 'v2' * Make sure options are set * Fix description of auth flag * Review feedback	2018-04-09 09:39:32 -07:00
Yoko	279810a6a6	Fixed a missing 's' (#4314 )	2018-04-09 09:22:11 -07:00
Chris Hoffman	e3742e5a54	Docs for configuration UI headers (#4313 ) * adding /sys/config/ui headers * adding /sys/config/ui headers	2018-04-09 12:21:02 -04:00
Chris Hoffman	295db4718f	Root Credential Rotation Docs (#4312 ) * updating root credential docs * more docs updates * more docs updates	2018-04-09 12:20:29 -04:00
Yoko	815be82ba1	AppRole with Terraform & Chef (#4200 ) * WIP - Teddy's webinar * WIP * Added more details with diagram * Fixed a typo * Added a note about terraform bug with 0.11.4 & 0.11.5 * Minor adjustment * Fixed typos * Added matching CLI commands * Added extra speace for readability	2018-04-09 08:50:50 -07:00
Matthew Irish	fec8f13955	UI - pki updates (#4291 ) * add require_cn to pki roles * add policy_identifiers and basic_constraints_valid_for_non_ca to pki role form * add new fields to the PKI docs * add add_basic_constraints field	2018-04-08 21:09:29 -05:00
Chris Hoffman	6492311767	remove token from curl request for login paths (#4303 )	2018-04-06 18:10:59 -04:00
Yoko	2859c20cb5	Added in-region DR scenario diagram (#4292 ) This is a replica of the PR 4243 which has already been approved.	2018-04-05 16:08:55 -07:00
Andy Manoske	0b4adfd92f	Update index.html.md	2018-04-05 15:16:28 -07:00
Yoko	4d7da27639	Auto Unseal with AWS KMS guide (#4277 ) * WIP * Added auto unseal * Converting to a guide * Added little more explanations * Minor fixes * Fixed a typo * Fixed a typo * Changed auto unseal to auto-unseal * Found more typo... fixed	2018-04-05 13:28:39 -07:00
Geoffrey Grosenbach	dfd8c3ee21	Correct the page title to read `re-wrapping` (#4274 ) The title in the metadata used `re-rapping` instead of `re-wrapping`. This one line change fixes the spelling.	2018-04-04 16:55:46 -04:00
Quinn Stearns	ab79123f2a	Rename Example Key from "value" to "foo" (#4270 ) It is slightly confusing to have the first example include a key named "Value". This can create a slight hump to grokking what's happening in this early step of the README. Here we rename the key to "foo" to help indicate it's dynamic nature.	2018-04-04 16:22:27 -04:00
Yoko	f66615153c	Vault HA with Consul guide (#4187 ) * Vault HA guide draft * Fixed node_id to say node_name based on Brian's input * Fixed the unwanted hyperlink * Vault HA guide * Updated the description of the Vault HA guide * Typo fixes * Added a reference to Vault HA with Consule guide * Incorporated Teddy's feedback * Fixed an env var name * Vault configuration has been updated: 'api_addr'	2018-04-04 08:25:06 -07:00
Seth Vargo	aec4a603b4	Rename Google things to say "Google", update telemetry (#4267 )	2018-04-04 10:37:44 -04:00
Brian Kassouf	56274d854d	Versioned K/V docs (#4259 ) * Work on kv docs * Add more kv docs * Update kv docs * More docs updates * address some review coments	2018-04-03 23:22:41 -07:00
Roy Sindre Norangshol	3ddd3bd20c	project is now project_id (#4251 ) Verified both via vault CLI and direct curl'ing towards API endpoints.	2018-04-03 17:11:47 -04:00
Jeff Mitchell	266a57fab2	Case insensitive behavior for LDAP (#4238 )	2018-04-03 09:52:43 -04:00
Lowe Schmidt	7c06e9610f	Grammatical error (#4246 ) As per Franklin Davis suggestion on the mailing list.	2018-04-03 07:53:38 -04:00
Vishal Nayak	0caa6408c2	Update group alias by ID (#4237 ) * update group alias by id * update docs	2018-04-02 10:42:01 -04:00
Vishal Nayak	c052bb5ae2	move identity docs from ent docs to oss (#4235 )	2018-04-01 13:59:43 -04:00
Vishal Nayak	3930da11d4	add entity merge API to docs (#4234 )	2018-04-01 12:59:57 -04:00
LeSuisse	885a6e754d	Update usage of the deprecated generated-root command in the documentation (#4232 )	2018-03-31 11:17:08 -04:00
Seth Vargo	e0fccbd55a	Add HA support to the Google Cloud Storage backend (#4226 )	2018-03-30 12:36:37 -04:00
Brian Shumate	721bcc6546	Update Consuls Secrets quick start (#4224 ) - Fix typo in role name - Drop ordered list formatting on get credential example	2018-03-30 10:46:05 -04:00
Jon Benson	12cd8bdeb6	Update mfa-totp.html.md (#4220 )	2018-03-29 16:51:13 -04:00
Jeff Mitchell	4b45cb7f91	Merge branch 'master-oss' into 0.10-beta	2018-03-27 12:40:30 -04:00
Yoko	e5788b8860	Update Github auth method API reference (#4202 ) * Update Github auth method API reference * Replaced vault.rocks in API	2018-03-26 16:56:14 -07:00
vishalnayak	29ed7a383f	docs: update aws ec2 auth step	2018-03-26 17:26:48 -04:00
Jeff Mitchell	1c2b610f3a	Remove a few more vault.rocks usages	2018-03-26 15:02:22 -04:00
Wilhelmina Drengwitz	9b91032297	Add general recommendation for the `api_addr` config value (#4198 ) We ran into some confusion about what we should be setting the api_addr config value to. I feel this general recommendation should nudge any others into a better understanding of what this value should point to.	2018-03-26 13:46:54 -04:00
Jeff Mitchell	43e9bcd948	Add more docs around list paths in policies. CC #4199	2018-03-26 11:30:58 -04:00
Brian Shumate	77c5239dc8	Docs: add note about enterprise replication installations section to upgrade guide (#3631 )	2018-03-26 10:25:09 -04:00
Seth Vargo	04708d554c	Drop vault.rocks (#4186 )	2018-03-23 11:41:51 -04:00
Chris Hoffman	505f0ea495	adding Azure docs (#4185 ) Adding Azure Auth Method docs	2018-03-22 18:28:42 -04:00
Jim Kalafut	c646f96786	Fix minor docs and help text issues (#4184 )	2018-03-22 09:29:59 -04:00
Brian Kassouf	1626803f3f	Update kv backend and add some docs (#4182 ) * Add kv backend * Move kv in apha order * Update kv backend and add some docs	2018-03-21 23:10:05 -04:00
Brian Kassouf	d51dc47070	Add kv backend (#4181 )	2018-03-21 22:56:52 -04:00
Calvin Leung Huang	c54c9519c8	Passthrough request headers (#4172 ) * Add passthrough request headers for secret/auth mounts * Update comments * Fix SyncCache deletion of passthrough_request_headers * Remove debug line * Case-insensitive header comparison * Remove unnecessary allocation * Short-circuit filteredPassthroughHeaders if there's nothing to filter * Add whitelistedHeaders list * Update router logic after merge * Add whitelist test * Add lowercase x-vault-kv-client to whitelist * Add back const * Refactor whitelist logic	2018-03-21 19:56:47 -04:00
emily	468cad19f3	Docs for Vault GCP secrets plugin (#4159 )	2018-03-21 15:02:38 -04:00
Brian Shumate	6c0b238459	Docs: update formatting / heading (#4175 ) - Correct Generate Disaster Recovery Operation Token heading level - Tighten up formatting/trailing spaces	2018-03-21 10:14:52 -04:00
Jeff Mitchell	6a82e012a2	Fix file location for 0.9.6 upgrade guide	2018-03-20 22:34:41 -04:00
Jeff Mitchell	d10057e2b8	Add 0.9.6 upgrade guide	2018-03-20 22:27:01 -04:00
Josh Soref	e43b76ef97	Spelling (#4119 )	2018-03-20 14:54:10 -04:00
Jason Martin	7054005e9f	README Spelling error (#4165 )	2018-03-20 11:45:56 -04:00
Jeff Mitchell	59c451d246	Explicitly call out that we use aes-256 gcm-96 for the barrier. Fixes #2913	2018-03-19 19:53:12 -04:00
Jeff Mitchell	f7e80837a7	Note that you can set a CA chain when using set-signed. Fixes #2246	2018-03-19 19:44:07 -04:00
Yoko	5c5586759f	Transit rewrap (#4091 ) * Adding new guides * Replaced backend with engine * Grammar for the encryption guide * Grammar and Markdown style for the Transite Rewrap guide See https://github.com/hashicorp/engineering-docs/blob/master/writing/markdown.md for notes on numbered Markdown lists. * grammar and wording updates for ref arch guide * Updating replication diagram * Removing multi-tenant pattern guide * Added a note 'Enterprise Only' * Removing multi-tenant pattern guide * Modified the topic order * Grammar and Markdown formatting * Grammar, Markdown syntax, and phrasing * Grammar and Markdown syntax * Replaced 'backend' with appropriate terms * Added a note clarifying that replication is an enterprise-only feature * Updated the diagram & added additional resource links * update some grammar and ordering * Removed the inaccurate text in index for EaaS	2018-03-19 14:56:45 -07:00
Jacob Crowther	53b0e5971d	Add Cryptr to related tools (#4126 )	2018-03-19 14:46:54 -04:00
Jeff Mitchell	9e596fcef2	Update path-help to make clear you shouldn't put things in the URL. Remove from website docs as those have been long deprecated.	2018-03-19 11:50:16 -04:00
vishalnayak	e91eaf3e83	s/Methods/Method	2018-03-18 15:46:57 -04:00
Joel Thompson	29551c0b1b	Allow non-prefix-matched IAM role and instance profile ARNs in AWS auth backend (#4071 ) * Update aws auth docs with new semantics Moving away from implicitly globbed bound_iam_role_arn and bound_iam_instance_profile_arn variables to make them explicit * Refactor tests to reduce duplication auth/aws EC2 login tests had the same flow duplicated a few times, so refactoring to reduce duplication * Add tests for aws auth explicit wildcard constraints * Remove implicit prefix matching from AWS auth backend In the aws auth backend, bound_iam_role_arn and bound_iam_instance_profile_arn were ALWAYS prefix matched, and there was no way to opt out of this implicit prefix matching. This now makes the implicit prefix matching an explicit opt-in feature by requiring users to specify a * at the end of an ARN if they want the prefix matching.	2018-03-17 21:24:49 -04:00
Roger Berlind	aabccd5fd2	Fixed broken k8s TokenReview API link (#4144 )	2018-03-17 21:23:41 -04:00
Jeff Mitchell	f4a07e3634	Update interactive tutorial commands	2018-03-16 15:03:51 -04:00
immutability	b2f44f9867	Plugins need setcap too for syscall mlock (#4138 )	2018-03-16 06:05:01 -07:00
Yoko	43f34a19bb	Fixed the hyperlink (#4140 )	2018-03-15 19:24:26 -07:00
Yoko	530d6cac1f	updating the AppRole diagram (#4139 ) Fixing the build error	2018-03-15 18:23:25 -07:00
Yoko	4d3455f9f7	Approle diagram (#4132 ) * Updates requested by the SE team * Added links to AppRole blog and webinar * Updated diagram * Updated diagram	2018-03-15 17:16:59 -07:00
Joel Thompson	d349f5b0a7	auth/aws: Allow binding by EC2 instance IDs (#3816 ) * auth/aws: Allow binding by EC2 instance IDs This allows specifying a list of EC2 instance IDs that are allowed to bind to the role. To keep style formatting with the other bindings, this is still called bound_ec2_instance_id rather than bound_ec2_instance_ids as I intend to convert the other bindings to accept lists as well (where it makes sense) and keeping them with singular names would be the easiest for backwards compatibility. Partially fixes #3797	2018-03-15 09:19:28 -07:00
Brian Nuszkowski	ecb3fe21b7	Add PKCS1v15 as a RSA signature and verification option on the Transit secret engine (#4018 ) Option to specify the RSA signature type, in specific add support for PKCS1v15	2018-03-15 09:17:02 -07:00
Jeff Mitchell	efb7a23498	Make the API docs around ed25519 more clear about what derivation means for this key type	2018-03-15 11:59:50 -04:00
Jim Kalafut	17ed6663f7	Fix description of parameter value globbing (#4131 )	2018-03-14 17:03:00 -04:00
Edward Z. Yang	1adda15299	Vault user needed to use STS Federation Tokens (#4108 ) If you try to use role authorization to get an STS token, you'll get this error: * Error generating STS keys: AccessDenied: Cannot call GetFederationToken with session credentials	2018-03-14 10:24:29 -04:00
Malte	26d8b7f095	Fix typo in recommended vault auth iam policy (#4128 ) The resource arn for the `sts:AssumeRole` action is missing a `:` for the region and therefore invalid.	2018-03-14 03:45:21 -04:00
Joel Thompson	b3ccf7aac9	docs: Alphabetize CLI commands (#4127 ) status was appearing after token when it should be before	2018-03-14 01:44:41 -04:00
Brian Shumate	f8324e9c2a	Docs: grammatical clarification around community supported note (#4122 )	2018-03-13 10:32:28 -04:00
Marien Fressinaud	c248375372	[doc] Change auth token in getting-started (#4118 ) In the authentication section of the getting started doc, the token used to login doesn't match with the one displayed as the command result. This commit makes sure that both tokens correspond to avoid distracting newcomers.	2018-03-13 10:28:09 -04:00
Calvin Leung Huang	034f83f1cd	Audit HMAC values on AuthConfig (#4077 ) * Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs * docs: Add ttl params to auth enable endpoint * Rewording of go string to simply string * Add audit hmac keys as CLI flags on auth/secrets enable * Fix copypasta mistake * Add audit hmac keys to auth and secrets list * Only set config values if they exist * Fix http sys/auth tests * More auth plugin_name test fixes * Pass API values into MountEntry's config when creating auth/secrets mount * Update usage wording	2018-03-09 14:32:28 -05:00
Vishal Nayak	1d8baa9b9c	approle: Use TypeCommaStringSlice for BoundCIDRList (#4078 ) * Use TypeCommaStringSlice for Approle bound_cidr_list * update docs * Add comments in the test	2018-03-08 17:49:08 -05:00
Jeff Mitchell	0fec3965e1	Update text around default policy to make it clear that it is user-modifiable	2018-03-08 15:48:11 -05:00
Jim Kalafut	3024869fdc	Fix instruction in installation docs (#4097 )	2018-03-08 11:02:04 -05:00
Viacheslav Vasilyev	14eef27c28	Fix autoreplacing issue (#4103 )	2018-03-08 11:01:46 -05:00
Jeff Escalante	026113daa1	Some small website fixes (#4087 ) * prepend first instance of 'Vault' with 'HashiCorp' * update dependencies + middleman-hashicorp	2018-03-08 10:58:43 -05:00
Aleksandar	ceef3b60d8	Add the chunk_size optional parameter to gcs storage (#4060 )	2018-03-05 08:32:48 -05:00
Mike	79a884fbe8	Correct endpoint's path in Doc (#4074 ) Fix typo in endpoint's path	2018-03-05 07:41:53 -05:00
Jim Kalafut	9a16efe7db	Change "mount" to "secrets enable" in docs	2018-03-02 12:54:28 -08:00
Calvin Leung Huang	01eecf9d1a	Non-HMAC audit values (#4033 ) * Add non-hmac request keys * Update comment * Initial audit request keys implementation * Add audit_non_hmac_response_keys * Move where req.NonHMACKeys gets set * Minor refactor * Add params to auth tune endpoints * Sync cache on loadCredentials * Explicitly unset req.NonHMACKeys * Do not error if entry is nil * Add tests * docs: Add params to api sections * Refactor audit.Backend and Formatter interfaces, update audit broker methods * Add audit_broker.go * Fix method call params in audit backends * Remove fields from logical.Request and logical.Response, pass keys via LogInput * Use data.GetOk to allow unsetting existing values * Remove debug lines * Add test for unsetting values * Address review feedback * Initialize values in FormatRequest and FormatResponse using input values * Update docs * Use strutil.StrListContains * Use strutil.StrListContains	2018-03-02 12:18:39 -05:00
Jeff Mitchell	90f245995a	Document primary_email in Okta mfa path	2018-03-02 11:54:21 -05:00
Jeff Mitchell	9c5e90cb0a	Actually add PingID to the index of API pages	2018-03-02 11:49:48 -05:00
Joel Thompson	8a115c73d9	auth/aws: Allow lists in binds (#3907 ) * auth/aws: Allow lists in binds In the aws auth method, allow a number of binds to take in lists instead of a single string value. The intended semantic is that, for each bind type set, clients must match at least one of each of the bind types set in order to authenticate.	2018-03-02 11:09:14 -05:00
Vishal Nayak	5ede80de1c	update sys/capabilities docs (#4059 )	2018-03-01 11:42:39 -05:00
Jeff Mitchell	e7524b816d	Add the ability to use multiple paths for capability checking (#3663 ) * Add the ability to use multiple paths for capability checking. WIP (tests, docs). Fixes #3336 * Added tests * added 'paths' field * Update docs * return error if paths is not supplied	2018-03-01 11:14:56 -05:00
Andy Manoske	d21cbe3687	Update index.html.md Updated for Unbound	2018-02-28 16:20:54 -08:00
Jeff Mitchell	8f328c490a	Fix broken link on Consul docs	2018-02-26 13:28:15 -05:00
vishalnayak	c2812d6761	ssh: clarify optional behavior of cidr_list	2018-02-24 06:55:55 -05:00
chris trott	4987468fba	Configurable Consul Service Address (#3971 ) * Consul service address is blank Setting an explicit service address eliminates the ability for Consul to dynamically decide what it should be based on its translate_wan_addrs setting. translate_wan_addrs configures Consul to return its lan address to nodes in its same datacenter but return its wan address to nodes in foreign datacenters. * service_address parameter for Consul storage backend This parameter allows users to override the use of what Vault knows to be its HA redirect address. This option is particularly commpelling because if set to a blank string, Consul will leverage the node configuration where the service is registered which includes the `translate_wan_addrs` option. This option conditionally associates nodes' lan or wan address based on where requests originate. * Add TestConsul_ServiceAddress Ensures that the service_address configuration parameter is setting the serviceAddress field of ConsulBackend instances properly. If the "service_address" parameter is not set, the ConsulBackend serviceAddress field must instantiate as nil to indicate that it can be ignored.	2018-02-23 11:15:29 -05:00
Yoko	39e0422b76	Fixed a broken link (#4032 )	2018-02-22 19:43:27 -08:00
Yoko	e57eb8d1a1	Changed the layout category menu (#4007 ) * Changed the layout category menu * Fixed typos * Fixed a typo, and removed the duplicated generate-root guide * Fixed the redirect.txt	2018-02-22 16:24:01 -08:00
Chris Hoffman	44a58df738	adding LIST for connections in database backend (#4027 )	2018-02-22 15:27:33 -05:00
Jeff Mitchell	e118ae30ba	Fix formatting on sys/health docs	2018-02-22 10:52:12 -05:00
Jeff Mitchell	207081740e	Make docs around regenerate_key more specific	2018-02-22 09:09:20 -05:00
Calvin Leung Huang	11d15895f9	Add description param on tune endpoints (#4017 )	2018-02-21 17:18:05 -05:00
Jeff Mitchell	f83f41436d	Update PKCS11 seal information	2018-02-21 09:05:36 -05:00
Vishal Nayak	1deaed2ffe	Verify DNS SANs if PermittedDNSDomains is set (#3982 ) * Verify DNS SANs if PermittedDNSDomains is set * Use DNSNames check and not PermittedDNSDomains on leaf certificate * Document the check * Add RFC link * Test for success case * fix the parameter name * rename the test * remove unneeded commented code	2018-02-16 17:42:29 -05:00
Jeff Mitchell	a43a854740	Support other names in SANs (#3889 )	2018-02-16 17:19:34 -05:00
Jeff Mitchell	d325b32a9d	Update website for AWS client max_retries	2018-02-16 11:13:55 -05:00
Jeff Mitchell	e36a49fdf1	Add some info about cert reloading behavior on SIGHUP CC #3990	2018-02-15 17:11:48 -05:00
Seth Vargo	7af2bdc5a4	Add support for Google Cloud Spanner (#3977 )	2018-02-14 20:31:20 -05:00
Jeff Mitchell	ef00a69f11	Add ChaCha20-Poly1305 support to transit (#3975 )	2018-02-14 11:59:46 -05:00
Nick	1489c08ea0	Update lease.html.md (#3759 )	2018-02-14 09:44:34 -05:00
Brian Shumate	2b617f305a	DOCS: update Telemetry with more coverage (#3968 ) - Add initial secrets engines metrics - Update metrics types/values - Update language for auth methods, secrets engines, audit devices - Add more linking to relevant documentation	2018-02-14 09:39:51 -05:00
Seth Vargo	4ae1310b8b	Fix code in header font size (#3970 ) * Fix code in header font size This fixes the tiny code font in header names. * Update _global.scss	2018-02-13 22:17:51 -05:00
Brian Shumate	c400463298	Clarify with example of file-backend specific metrics (#3913 )	2018-02-13 11:04:11 -05:00
George Perez	dba4bc10b9	Update generate-root.html.md (#3894 ) Fix typo: "providers" to "provides"	2018-02-13 11:03:35 -05:00
Brian Shumate	bea6121359	DOCS: update Telemetry (#3964 ) - Correct time to millis - Correct storage backend summaries from # ops to duration of ops	2018-02-13 10:15:19 -05:00
Paul Stack	7181749031	Adding Manta Storage Backend (#3720 ) This PR adds a new Storage Backend for Triton's Object Storage - Manta ``` make testacc TEST=./physical/manta ==> Checking that code complies with gofmt requirements... ==> Checking that build is using go version >= 1.9.1... go generate VAULT_ACC=1 go test -tags='vault' ./physical/manta -v -timeout 45m === RUN TestMantaBackend --- PASS: TestMantaBackend (61.18s) PASS ok github.com/hashicorp/vault/physical/manta 61.210s ``` Manta behaves differently to how S3 works - it has no such concepts of Buckets - it is merely a filesystem style object store Therefore, we have chosen the approach of when writing a secret `foo` it will actually map (on disk) as foo/.vault_value The reason for this is because if we write the secret `foo/bar` and then try and Delete a key using the name `foo` then Manta will complain that the folder is not empty because `foo/bar` exists. Therefore, `foo/bar` is written as `foo/bar/.vault_value` The value of the key is always written to a directory tree of the name and put in a `.vault_value` file.	2018-02-12 18:22:41 -05:00
Calvin Leung Huang	3189278c84	CLI Enhancements (#3897 ) * Use Colored UI if stdout is a tty * Add format options to operator unseal * Add format test on operator unseal * Add -no-color output flag, and use BasicUi if no-color flag is provided * Move seal status formatting logic to OutputSealStatus * Apply no-color to warnings from DeprecatedCommands as well * Add OutputWithFormat to support arbitrary data, add format option to auth list * Add ability to output arbitrary list data on TableFormatter * Clear up switch logic on format * Add format option for list-related commands * Add format option to rest of commands that returns a client API response * Remove initOutputYAML and initOutputJSON, and use OutputWithFormat instead * Remove outputAsYAML and outputAsJSON, and use OutputWithFormat instead * Remove -no-color flag, use env var exclusively to toggle colored output * Fix compile * Remove -no-color flag in main.go * Add missing FlagSetOutputFormat * Fix generate-root/decode test * Migrate init functions to main.go * Add no-color flag back as hidden * Handle non-supported data types for TableFormatter.OutputList * Pull formatting much further up to remove the need to use c.flagFormat (#3950) * Pull formatting much further up to remove the need to use c.flagFormat Also remove OutputWithFormat as the logic can cause issues. * Use const for env var * Minor updates * Remove unnecessary check * Fix SSH output and some tests * Fix tests * Make race detector not run on generate root since it kills Travis these days * Update docs * Update docs * Address review feedback * Handle --format as well as -format	2018-02-12 18:12:16 -05:00
Joel Thompson	d4465fdfcd	auth/aws: Improve role tag docs as suggested on mailing list (#3915 ) Fixes the ambiguity called out in https://groups.google.com/forum/#!msg/vault-tool/X3s7YY0An_w/yH0KFQxlBgAJ	2018-02-12 17:39:17 -05:00
Jeff Mitchell	3ce120e0f9	Add transaction-like behavior for Transit persists. (#3959 )	2018-02-12 17:27:28 -05:00
Jeff Mitchell	f125cda324	Minor website wording updates	2018-02-12 15:28:06 -05:00
Jeff Mitchell	ce025b953f	Document the disable_sealwrap parameter	2018-02-12 15:20:07 -05:00
Jeff Mitchell	a9a322aa39	Adds the ability to bypass Okta MFA checks. (#3944 ) * Adds the ability to bypass Okta MFA checks. Unlike before, the administrator opts-in to this behavior, and is suitably warned. Fixes #3872	2018-02-09 17:03:49 -05:00
Vishal Nayak	58cab5f59f	added a flag to make common name optional if desired (#3940 ) * added a flag to make common name optional if desired * Cover one more case where cn can be empty * remove skipping when empty; instead check for emptiness before calling validateNames * Add verification before adding to DNS names to also fix #3918	2018-02-09 13:42:19 -05:00
alexandrumd	e47c7e866a	Change 'rules' parameter for Policies requests (#3947 ) With Vault Version: 0.9.1, the following is returned when using "rules" for policies operation: ```The following warnings were returned from the Vault server: * 'rules' is deprecated, please use 'policy' instead```	2018-02-09 07:43:18 -05:00
Roger Berlind	f64bcf1a9a	Updated replication table (#3929 )	2018-02-08 18:11:00 -05:00
Jeff Mitchell	ec27e83b6e	Update relatedtools.html.md	2018-02-08 11:15:47 -05:00
Robert Kreuzer	8f475dd93f	Add vaultenv to the list of related tools (#3945 )	2018-02-08 10:30:45 -05:00
Chris Hoffman	d285fdf957	Fixing docs links and adding redirects for new guides (#3939 ) * updating links * updating links * updating links * updating links * updating links * adding redirects	2018-02-07 19:29:07 -05:00
Jed	b020d310e4	Lil typo fixes (#3925 ) Read through the initial docs and noticed a few typos	2018-02-07 09:38:11 -05:00
emily	f59280d6d4	fix IAM diagram for GCP auth method docs (#3927 )	2018-02-07 09:37:11 -05:00
Andy Manoske	8c9aa394cc	Merge branch 'master' into new-guides	2018-02-06 13:09:22 -08:00
cikenerd	f4f66a9779	Update etcd storage doc (#3753 )	2018-02-06 11:00:00 -05:00
Yoko Hyakuna	3302389ca1	Missing * in the command	2018-02-05 16:17:18 -08:00
Jeff Mitchell	22aeac2e8e	Add a space before the MFA super	2018-02-05 12:32:25 -05:00
Jeff Mitchell	d719a6c067	Move MFA to deprecated section, mark with a super	2018-02-05 12:32:21 -05:00
Jeff Mitchell	291df73f42	Minor grammatical update to MFA doc	2018-02-05 12:26:16 -05:00
Jeff Mitchell	ca9aed63bb	Mark old MFA as legacy/unsupported in sidebar	2018-02-05 11:47:59 -05:00
Jeff Mitchell	78ff2014fa	Make the MFA support status more clear for the legacy system	2018-02-04 19:25:27 -05:00
Yoko Hyakuna	2668ff95e8	Merge branch 'master' of github.com:hashicorp/vault into new-guides	2018-02-02 09:03:12 -08:00
George Christou	feb47cbf7f	website: Include `fish` as a supported shell (#3895 )	2018-02-02 10:34:48 -05:00
Yoko	79cb4c86cd	Merge branch 'master' into new-guides	2018-02-01 11:55:18 -08:00
Yoko Hyakuna	0c727dfe6d	Fixed a typo 'on-demand'	2018-02-01 10:00:18 -08:00
Yoko Hyakuna	15ba1142f7	Incorporated review comments	2018-02-01 09:50:59 -08:00
Vishal Nayak	1d310fadb6	docs/telemetry: remove merge conflict remnant (#3882 ) * remove merge conflict remnant * s/auth/authentication	2018-02-01 12:09:58 -05:00
Andy Manoske	b6a6ce6981	Merge branch 'master' into new-guides	2018-01-31 17:17:00 -08:00
Brian Shumate	15982cfa07	Correct cofiguration option in example (#3879 )	2018-01-31 13:41:31 -05:00
Yoko Hyakuna	f21b129a24	Replaced deprecated command	2018-01-31 09:27:14 -08:00
Yoko Hyakuna	53770fcf59	Replaced the deprecated commands with new ones	2018-01-30 10:46:27 -08:00
Jack Pearkes	8ca8b46c51	website: add note about the 0.9.2+ CLI changes to reduce confusion (#3868 ) * website: add note about the 0.9.2+ CLI changes to reduce confusion * website: fix frontmatter for 0.9.3 guide, add to guides index * website: add overview title to 0.9.3 guide for spacing	2018-01-30 13:30:47 -05:00
Yoko Hyakuna	0b45ad6a15	Merge master	2018-01-30 09:57:30 -08:00
Yoko Hyakuna	40da3e785c	resolved the file name conflict	2018-01-29 16:41:44 -08:00
Yoko Hyakuna	f251883109	Re-categorized the guides on the navigation	2018-01-26 15:13:15 -08:00
Jeff Mitchell	6d9efa1dac	Typo fixes on upgrading page	2018-01-26 16:11:25 -05:00
Jeff Mitchell	b637904ba5	Add 0.9.2 upgrade guide	2018-01-26 16:07:41 -05:00
Chris Bartlett	17e1b7538d	#3850 Fixed documentation for aws/sts ttl (#3851 )	2018-01-25 22:20:30 -05:00
Yoko Hyakuna	4cec1436ad	Fixed typos in the command	2018-01-25 15:07:35 -08:00
Yoko Hyakuna	80ef06137b	Fixed the sample admin policies	2018-01-24 22:15:40 -08:00
Yoko Hyakuna	50e997e8d3	Fixed the sample admin policies	2018-01-24 21:21:23 -08:00
Yoko Hyakuna	0dcb02fec7	Fixed the sample admin policies	2018-01-24 18:10:56 -08:00
Yoko Hyakuna	0a923b42c1	Added policy requirements & scenario diagrams	2018-01-24 16:01:44 -08:00
Andy Manoske	352e5937a5	Policy Feedback from PM	2018-01-24 11:47:31 -08:00
Yoko Hyakuna	a8469f89d8	Cleaned up the diagram	2018-01-23 16:22:17 -08:00
Yoko Hyakuna	0362995a30	More detailed descriptions were added	2018-01-23 15:43:07 -08:00
Vishal Nayak	4551b9250f	docs: Fix the expected type of metadata (#3835 )	2018-01-23 16:30:15 -05:00
Jeff Mitchell	a109e2a11e	Sync some bits over	2018-01-22 21:44:49 -05:00
Yoko Hyakuna	1f525a4cf9	WIP - new guides	2018-01-22 18:14:23 -08:00
Brian Shumate	28d6b91fe2	Update API endpoint references for revoke-prefix (#3828 )	2018-01-22 18:04:43 -05:00
Yoko Hyakuna	8c261067a6	WIP - Added personas	2018-01-18 17:40:35 -08:00
Yoko Hyakuna	93601bb786	WIP - new guides	2018-01-17 17:39:21 -08:00
Yoko Hyakuna	246202746a	WIP - new guides	2018-01-16 17:16:20 -08:00
Josh Giles	2b719ae6cd	Support JSON lists for Okta user groups+policies. (#3801 ) * Support JSON lists for Okta user groups+policies. Migrate the manually-parsed comma-separated string field types for user groups and user policies to TypeCommaStringSlice. This means user endpoints now accept proper lists as input for these fields in addition to comma-separated string values. The value for reads remains a list. Update the Okta API documentation for users and groups to reflect that both user group and user/group policy fields are list-valued. Update the Okta acceptance tests to cover passing a list value for the user policy field, and require the OKTA_API_TOKEN env var to be set (required for the "everyone" policy tests to pass). * Fix typo, add comma-separated docs.	2018-01-16 18:20:19 -05:00
Jake Scaltreto	2e51b1562b	Fix minor typo in word "certificate" (#3783 )	2018-01-15 15:52:41 -05:00
Paweł Słomka	276ad1f529	Cleanup of deprecated commands in tests, docs (#3788 )	2018-01-15 15:19:28 -05:00
Harrison Brown	7b7537d936	Suggested website copy changes (#3791 ) * Adds comma * Adds comma * Suggested copy change	2018-01-15 14:33:41 -05:00
Vishal Nayak	80c4bd45af	Delete group alias upon group deletion (#3773 )	2018-01-11 10:58:05 -05:00
Yoko Hyakuna	90442ef139	WIP - New Vault guides	2018-01-10 17:28:00 -08:00
Yoko Hyakuna	d89048c086	WIP - New Vault guides	2018-01-10 11:14:59 -08:00
Jeff Mitchell	0a2c911c03	Merge branch 'master-oss' into sethvargo/cli-magic	2018-01-10 11:15:49 -05:00
Yoko Hyakuna	f52f0e26b2	WIP - New Vault guides	2018-01-09 15:12:08 -08:00
Yoko Hyakuna	9750f4a772	WIP - New Vault guides	2018-01-09 15:06:00 -08:00
Laura Uva	9abac4fd93	Fixed the link to the section on generating DR operation token for promoting secondary. (#3766 )	2018-01-09 10:02:09 -06:00
Brian Shumate	9cac2a0ac1	Docs: add DR secondary/active HTTP 472 code (#3748 )	2018-01-03 15:07:36 -05:00
Jeff Mitchell	d6552a11cc	Merge branch 'master-oss' into sethvargo/cli-magic	2018-01-03 14:02:31 -05:00
Jon Davies	f57329a37a	s3.go: Added options to use paths with S3 and the ability to disable SSL (#3730 )	2018-01-03 12:11:00 -05:00
Brian Nuszkowski	326e1ab24c	Update '/auth/token/revoke-self' endpoint documentation to reflect the proper response code (#3735 )	2018-01-03 12:09:43 -05:00
Didi Kohen	ec8befbaac	Clarify that keybase is supported only in the CLI (#3744 )	2018-01-03 11:18:38 -05:00
dmwilcox	ad0a39dfe1	Update docs to reflect ability to load cold CA certs to output full chains. (#3740 )	2018-01-03 10:59:18 -05:00
Alexandre Nicastro	3108692119	docs: fix typo (change 'a' to 'an' - indefinite article) (#3741 )	2018-01-03 10:47:15 -05:00
markpaine	68f87ba6f6	Spelling correction. "specifig" -> "specific" (#3739 )	2018-01-03 10:38:55 -05:00
markpaine	6201056f11	Spelling correction "datatabse" -> "database" (#3738 )	2018-01-03 10:38:16 -05:00
Brian Shumate	f25f546eb9	Docs: Updated Telemetry documentation (#3722 )	2017-12-26 13:51:15 -05:00
Brian Shumate	2c5b6909c9	Update backend config docs - addresses #3718 (#3724 )	2017-12-26 13:48:45 -05:00
Jeff Mitchell	9c7e739ee7	Port website changes from ent side	2017-12-21 09:00:35 -05:00
Jeff Mitchell	b9714386a6	Bump vars for 0.9.1	2017-12-21 08:39:41 -05:00
Jeff Mitchell	f9f64572f5	Clarify control group APIs are enterprise only. Fixes #3702	2017-12-19 11:00:02 -05:00
Calvin Leung Huang	40b8314c4d	Add period and max_ttl to cert role creation (#3642 )	2017-12-18 15:29:45 -05:00
Roger Berlind	b5b77d29dc	Added example for Azure SQL Database (#3700 )	2017-12-18 13:55:56 -05:00
Travis Cosgrave	95328e2fb4	Use Custom Cert Extensions as Cert Auth Constraint (#3634 )	2017-12-18 12:53:44 -05:00
Jeff Mitchell	4f31ee7cc8	Merge branch 'master' into f-nomad	2017-12-18 12:23:39 -05:00
Ernest W. Durbin III	a6c0194b68	Correct documentation for Kubernetes Auth Plugin (#3708 )	2017-12-18 12:12:08 -05:00
James Nugent	7480287181	physical/dynamodb: Clarify ha_enabled type (#3703 ) The example in the documentation correctly passes a quoted boolean (i.e. true or false as a string) instead of a "real" HCL boolean. This commit corrects the parameter list to document that fact. While it would be more desirable to change the implementation to accept an unquoted boolean, it seems that the use of `hcl.DecodeObject` for parameters which are not common to all storage back ends would make this a rather more involved change than this necessarily warrants.	2017-12-18 09:30:29 -05:00
James Nugent	eb0cd8c29b	docs: Add correct method for mlock on systemd (#3704 ) Although the previously described method of running setcap works if setcap is available, the built-in LimitMEMLOCK directive is better.	2017-12-18 09:29:37 -05:00
Raja Nadar	bb667bf109	added the missing nonce and type fields (#3694 )	2017-12-17 16:26:07 -05:00
Chris Hoffman	737dbca37a	fixing up config to allow environment vars supported by api client	2017-12-17 09:10:56 -05:00
Chris Hoffman	6c19fa3b78	Merge remote-tracking branch 'oss/master' into f-nomad * oss/master: Add support for encrypted TLS key files (#3685)	2017-12-15 19:51:28 -05:00
Chris Hoffman	098c66a624	Add support for encrypted TLS key files (#3685 )	2017-12-15 17:33:55 -05:00
Chris Hoffman	152b6e4305	address some feedback	2017-12-15 17:06:56 -05:00
Jeff Mitchell	96b0c31de5	Merge branch 'master' into f-nomad	2017-12-14 16:44:28 -05:00
Vishal Nayak	c38f9884ce	Transit: backup/restore (#3637 )	2017-12-14 12:51:50 -05:00
Brian Shumate	6395252068	Docs: fix typo in libtool ltdl name and link to avoid confusion and note about arch (#3644 )	2017-12-11 13:42:19 -05:00
Brian Shumate	912ec80ad8	Docs: Update PKI URL config examples to FQDN — addresses #3606 (#3647 )	2017-12-11 13:25:59 -05:00
Chris Hoffman	628153979a	Converting key_usage and allowed_domains in PKI to CommaStringSlice (#3621 )	2017-12-11 13:13:35 -05:00
Paulo Ribeiro	a179a1804d	Remove duplicate link in ToC (#3671 )	2017-12-11 12:52:58 -05:00
Brian Shumate	62097160e5	Docs: Update PKI output examples - addresses #3606 (#3628 )	2017-12-11 11:57:07 -05:00
Jeff Mitchell	32a7503b89	Cross reference pki/cert in a few places.	2017-12-11 11:10:28 -05:00
Brad Sickles	dc70b1c21f	Adding mfa support to okta auth backend. (#3653 )	2017-12-07 14:17:42 -05:00
Brian Shumate	c767dc4ed6	Conditionally set file audit log mode (#3649 )	2017-12-07 11:44:15 -05:00
Mohsen	77fc89088d	Small typo relating to no_store in pki secret backend (#3662 ) * Removed typo :) * Corrected typo in the website related to no_store	2017-12-07 10:40:21 -05:00
Brian Kassouf	f700c64551	Remove the note about GKE from the Kubernetes docs (#3658 )	2017-12-06 13:38:00 -05:00
Calvin Leung Huang	a9e7dbb7b4	Support MongoDB session-wide write concern (#3646 ) * Initial work on write concern support, set for the lifetime of the session * Add base64 encoded value support, include docs and tests * Handle error from json.Unmarshal, fix test and docs * Remove writeConcern struct, move JSON unmarshal to Initialize * Return error on empty mapping of write_concern into mgo.Safe struct	2017-12-05 15:31:01 -05:00
Calvin Leung Huang	208dc55830	Clarify api_addr related errors on VaultPluginTLSProvider (#3620 ) * Mention api_addr on VaultPluginTLSProvider logs, update docs * Clarify message and mention automatic api_address detection * Change error message to use api_addr * Change error messages to use api_addr	2017-12-05 12:01:35 -05:00
Laura Uva	291edb9746	Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key (#3632 )	2017-12-04 12:12:58 -05:00
Brian Shumate	61eac778cc	Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629 )	2017-12-04 12:10:26 -05:00
Jeff Mitchell	063f3d575e	Update secrets page Fixes #3623	2017-12-04 12:05:34 -05:00
Jeff Mitchell	a898bd272d	Remove beta notice	2017-12-04 08:25:16 -08:00
Chris Hoffman	effeb02afa	Expanding on the quick start guide with how to set up an intermediate authority (#3622 )	2017-12-04 11:23:58 -05:00
Brian Shumate	0a53ea27bf	Docs: mlock() notes, fixes #3605 (#3614 )	2017-12-04 10:56:16 -05:00
crdotson	9692cde57f	Fix spelling (#3609 ) changed "aomma" to "comma"	2017-12-04 10:53:58 -05:00
csawyerYumaed	e2cdbf4913	update relatedtools, add Goldfish UI. (#3597 ) Add link to Goldfish a web UI for Vault.	2017-12-04 10:51:16 -05:00
Paul Pieralde	3b56130f10	Fix docs for Transit API (#3588 )	2017-12-04 10:34:05 -05:00
Jeff Mitchell	14b43deb05	Update cassandra docs with consistency value. Fixes #3361	2017-12-02 14:18:23 -05:00
Marc Sensenich	100ec6c292	Remove Trailing White space in Kubernetes Doc (#3360 ) Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example ``` vault write auth/kubernetes/role/demo \ bound_service_account_names=vault-auth \ bound_service_account_namespaces=default \ policies=default \ ttl=1h ```	2017-12-02 14:12:39 -05:00
immutability	b64a416101	Missing command for vault PUT operation (#3355 )	2017-12-02 13:43:37 -05:00
Jeff Mitchell	49af594287	Update some rekey docs Fixes #3306	2017-12-02 13:34:52 -05:00
Nicolas Corrarello	ea66973fcb	Fix docs up to current standards Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 16:53:42 +00:00
Nicolas Corrarello	12e77fac51	Rename policy into policies	2017-11-29 16:31:17 +00:00
Nicolas Corrarello	a3df394134	Pull master into f-nomad Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>	2017-11-29 15:56:37 +00:00
Laura Uva	d3a2844a75	Added clarification to KV documentation about default CLI behavior and how to preserve non-string type values (#3596 )	2017-11-27 11:43:49 -05:00
Brian Shumate	4e69240ad2	Docs: policy update for multiple policies, fixes #3611 (#3613 )	2017-11-27 09:54:38 -05:00
mariachugunova	1d2a38028a	Fix typo in s3 storage backend docs (#3603 )	2017-11-23 13:28:33 -08:00
Vishal Nayak	0f8e4c826c	docs: encryption/decryption now supports asymmetric keys (#3599 )	2017-11-21 12:25:28 -05:00
Jeff Mitchell	09740f8525	Update upgrade guide with HSM info	2017-11-16 11:04:46 -05:00
Vishal Nayak	0fccc908d0	Docs: Remove 'none' as algorithm options (#3587 )	2017-11-15 09:09:45 -05:00
Jeff Mitchell	89809168fe	Add now-necessary mfa import to sentinel MFA example	2017-11-14 21:42:43 -05:00
Brian Kassouf	f67feaea20	Add token_reviewer_jwt to the kubernetes docs (#3586 )	2017-11-14 13:27:09 -08:00
Chris Hoffman	95d4f68d26	adding licensing docs (#3585 )	2017-11-14 16:15:09 -05:00
Paul Pieralde	ce49d77f86	Docs change for Policy API (#3584 ) vault 0.9.0 deprecated the term `rules` in favor of the term `policy` in several of the /sys/policy APIs. The expected return state of 200 SUCCESS_NO_DATA only happens if the `policy` term is used. A response including the deprecation notice and a 204 SUCCESS_WITH_DATA status code is returned when `rules` is applied.	2017-11-14 14:26:26 -05:00
Vishal Nayak	e9ebdca66d	Upgrade to 0.9 (#3583 ) * Upgrade to 0.9 * Add link to sidebar * Remove items that were already in 0.8 upgrade guide	2017-11-14 13:32:09 -05:00
Vishal Nayak	16b1cbacc1	Doc: Add groups to identity concepts (#3581 ) * Add groups to the concepts page * s/pulled-in and pulled-out/synced against * Remove double spaces	2017-11-14 13:27:49 -05:00
Seth Vargo	355fc65464	Flip seal pages upside down to put examples first	2017-11-14 13:12:35 -05:00
Seth Vargo	09366b573c	Add an auto-unseal page to the docs This helps with SEO and also is where I'd expect auto unsealing to be referenced.	2017-11-14 13:12:20 -05:00
Seth Vargo	249417481f	Use super to show enterprise	2017-11-14 13:11:55 -05:00
Jeff Mitchell	8a9d2e7df9	Minor website wording updates	2017-11-14 12:34:28 -05:00
Jeff Mitchell	e56f1beda9	Fix some broken links	2017-11-14 12:32:03 -05:00
Jeff Mitchell	f056cf9119	Sync docs	2017-11-14 06:13:11 -05:00
Vishal Nayak	b659e94a3b	API refactoring and doc updates (#3577 ) * Doc updates and API refactoring * fix tests * change metadata fieldtype to TypeKVPairs * Give example for TypeKVPairs in CLI for metadata * Update API docs examples to reflect the native expected value for TypeKVPairs * Don't mention comma separation in the docs for TypeCommaStringSlice * s/groups/group; s/entities/entity; s/entity-aliases/entity-alias; s/group-aliases/group-alias * Address review feedback * Fix formatting * fix sidebar links	2017-11-13 20:59:42 -05:00
Laura Uva	c09165b5ff	Updated the Replication guide to make it clear that it is focused on Performance Replication. Added a link to our general info page for information on DR Replication. Removed some statements about DR not being available yet. (#3502 )	2017-11-13 11:55:04 -05:00
Brian Shumate	ac95095a99	DOCS: Update telemetry docs - fixes #3557 (#3571 )	2017-11-13 09:58:04 -05:00
Calvin Leung Huang	56b5c8e8bd	Docs update related to new top-level config values (#3556 ) * Add new top level config value docs, add VAULT_API_ADDR, purge old references * Fix indentation * Update wording on ha.html * Add section on split data/HA mode * Fix grammar	2017-11-10 20:06:07 -05:00
Vishal Nayak	31484b7d55	transit doc update (#3564 )	2017-11-09 16:17:54 -05:00
James Soubry	859bd4fa1d	Fix curl commands (#3558 ) Curl commands require HCL within JSON to work.	2017-11-09 10:16:09 -05:00
Calvin Leung Huang	b9348ebf4c	Add docs for /sys/rekey-recovery-key (#3520 )	2017-11-08 14:22:30 -05:00
Paul Pieralde	91d2c05a34	Doc fix for Create/Update Token API (#3548 ) `orphan` is intended to be default to False. Docs indicate this is default to True. Simple change to update the docs only.	2017-11-07 18:06:44 -05:00
Joel Thompson	50aa3d9e1f	auth/aws: Make disallow_reauthentication and allow_instance_migration mutually exclusive (#3291 )	2017-11-06 17:12:07 -05:00
Chris Hoffman	cbe172fb65	minor cleanup	2017-11-06 16:34:20 -05:00
Jonathan Freedman	a40f8c40e6	More Mount Conflict Detection (#2919 )	2017-11-06 15:29:09 -05:00
Gregory Reshetniak	81e18aeccd	added AWS enpoint handling (#3416 )	2017-11-06 13:31:38 -05:00
Calvin Leung Huang	447d13ec39	Add note on support for using rec keys on /sys/rekey (#3517 )	2017-11-06 12:18:15 -05:00
Jason Antman	ee438809d6	Add third party tools list to website (#3488 )	2017-11-06 12:11:02 -05:00
Jeff Mitchell	33cf98026e	Add PKCS8 marshaling to PKI (#3518 )	2017-11-06 12:05:07 -05:00
Nicolas Corrarello	f9c30bff20	Updated documentation	2017-11-06 15:13:50 +00:00
Calvin Leung Huang	22e156712c	Update SSH list roles docs (#3536 )	2017-11-03 18:00:46 -04:00
Vishal Nayak	d5ad857a86	Capabilities responds considering policies on entities and groups (#3522 ) * Capabilities endpoint will now return considering policies on entities and groups * refactor the policy derivation into a separate function * Docs: Update docs to reflect the change in capabilities endpoint	2017-11-03 11:20:10 -04:00
Vishal Nayak	4d3b3bed08	docs: s/persona/alias (#3529 )	2017-11-03 11:17:59 -04:00
Vishal Nayak	ced60dbc0c	Encrypt/Decrypt/Sign/Verify using RSA in Transit backend (#3489 ) * encrypt/decrypt/sign/verify RSA * update path-help and doc * Fix the bug which was breaking convergent encryption * support both 2048 and 4096 * update doc to contain both 2048 and 4096 * Add test for encrypt, decrypt and rotate on RSA keys * Support exporting RSA keys * Add sign and verify test steps * Remove 'RSA' from PEM header * use the default salt length * Add 'RSA' to PEM header since openssl is expecting that * export rsa keys as signing-key as well * Comment the reasoning behind the PEM headers * remove comment * update comment * Parameterize hashing for RSA signing and verification * Added test steps to check hash algo choice for RSA sign/verify * fix test by using 'prehashed'	2017-11-03 10:45:53 -04:00
Vishal Nayak	7ca73556e4	docs: Add config/ca delete operation (#3525 )	2017-11-03 06:19:21 -04:00
Chris Hoffman	ed8cf070c9	Add ability to require parameters in ACLs (#3510 )	2017-11-02 07:18:49 -04:00
Nicolas Corrarello	3a0d7ac9a6	Unifying Storage and API path in role	2017-10-31 21:06:10 +00:00
Nicolas Corrarello	482d73aebe	Minor/Cosmetic fixes	2017-10-31 19:11:24 +00:00
Nathan Valentine	ad6b4df9a8	Should these names not reference Vault? (#3506 ) Since we are in the Vault docs, should these names not reference Vault instead of Nomad?	2017-10-30 11:04:38 -05:00
Jeff Mitchell	bba371c7de	Fix C&P in docs. Fixes #3454	2017-10-27 16:43:26 -04:00
Vishal Nayak	30aab2aa2f	aws-ec2: Avoid audit logging of custom nonces (#3381 )	2017-10-27 11:23:15 -04:00
smeach	6157a89f1b	Updated cli arg to reflect text description (#3487 )	2017-10-27 09:44:56 -05:00
AJ Bourg	e26573cb78	Add a doc for the token helper (#3411 ) * Add token helper docs. * Update it so the new token helpers page appears in the navigation.	2017-10-27 09:42:33 -05:00
Christophe Tafani-Dereeper	f8e6f9ed70	Correct typos in the sys/raw documentation (#3484 )	2017-10-24 10:33:57 -04:00
Seth Vargo	50caac0bb6	More naming cleanup	2017-10-24 09:35:03 -04:00
Seth Vargo	9bb7ccd988	Update guides to use new CLI commands	2017-10-24 09:34:30 -04:00
Seth Vargo	ec79e1ddde	Update getting started walkthrough	2017-10-24 09:34:30 -04:00
Seth Vargo	e118a16f63	Oops typo	2017-10-24 09:34:30 -04:00
Seth Vargo	1c9dadd1f7	Remove more references to auth backend	2017-10-24 09:34:12 -04:00
Seth Vargo	94fdc0e7d2	Update k8s documentation	2017-10-24 09:34:12 -04:00
Seth Vargo	23d1d9a1ac	Resolve the most painful merge conflict known on earth	2017-10-24 09:34:12 -04:00
Seth Vargo	39097c80d6	Remove ?list examples They are documented in the overall API section, but people should get used to seeing LIST as a verb	2017-10-24 09:32:15 -04:00
Seth Vargo	7eb406f24f	Remove smaller font on embedded code snippets	2017-10-24 09:32:15 -04:00
Seth Vargo	b8e4b0d515	Standardize on "auth method" This removes all references I could find to: - credential provider - authentication backend - authentication provider - auth provider - auth backend in favor of the unified: - auth method	2017-10-24 09:32:15 -04:00
Seth Vargo	965b8809e3	Audit backend -> device	2017-10-24 09:30:52 -04:00
Seth Vargo	fc0ba28051	Add new commands to the sidebar	2017-10-24 09:30:52 -04:00
Seth Vargo	9ae01f1e6a	Absorb help and read-write into index	2017-10-24 09:30:52 -04:00
Seth Vargo	aaeacc291a	Add "write" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	878f80e47f	Add "unwrap" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	a282ac98f2	Add "token" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	0783fe73fd	Add "status" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	a0d67d8540	Add "ssh" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	914321259a	Add "server" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	b046a6bcdd	Add "secrets" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	8e0eeade04	Add "read" command documentation	2017-10-24 09:30:52 -04:00
Seth Vargo	66448e3f82	Add "policy" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	7a88b59414	Update "path-help" documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	f3fc20b64b	Add "operator" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	afd289f65a	Add "login" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	737540b9ba	Add "list" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	53f3db41b6	Add "lease" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	9d6cae1f5d	Add "delete" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	e776921f96	Add "auth" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	0844c285b2	Add "audit" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	0024eca6b1	Add "token revoke" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	46b3f74988	Add "token renew" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	15b6cbf9e5	Add "token lookup" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	b8987e00c7	Add "token create" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	36b6563867	Add "token capabilities" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	ee6849c01c	Add "secrets tune" command documentation	2017-10-24 09:30:51 -04:00
Seth Vargo	bfaabc5cae	Add "secrets move" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	4f5a073a62	Add "secrets list" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	7e9c0004b4	Add "secrets enable" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	872ccb49cf	Add "secrets disable" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	44ea6f47d0	Add "policy write" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	88524e1f00	Add "policy read" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	7d96e6cc4e	Add "policy list" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	0dc501cc9b	Add "policy fmt" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	2217c037d7	Add "policy delete" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	ca7a0a5d4d	Add "operator unseal" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	ccb3bec2a5	Add "operator step-down" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	eaf634ca34	Add "operator seal" command documentation	2017-10-24 09:30:50 -04:00
Seth Vargo	cfc0940a23	Add "operator rotate" command documentation	2017-10-24 09:30:50 -04:00

... 9 10 11 12 13 ...

2583 Commits