mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-17 03:57:01 +02:00
Code Issues Projects Releases Wiki Activity
10,305 Commits 2,844 Branches 445 Tags 454 MiB
9be1128201
Commit Graph

125 Commits

Author SHA1 Message Date
Calvin Leung Huang
c54c9519c8
Passthrough request headers (#4172) 
* Add passthrough request headers for secret/auth mounts

* Update comments

* Fix SyncCache deletion of passthrough_request_headers

* Remove debug line

* Case-insensitive header comparison

* Remove unnecessary allocation

* Short-circuit filteredPassthroughHeaders if there's nothing to filter

* Add whitelistedHeaders list

* Update router logic after merge

* Add whitelist test

* Add lowercase x-vault-kv-client to whitelist

* Add back const

* Refactor whitelist logic
 2018-03-21 19:56:47 -04:00
Brian Shumate
6c0b238459 Docs: update formatting / heading (#4175) 
- Correct Generate Disaster Recovery Operation Token heading level
- Tighten up formatting/trailing spaces
 2018-03-21 10:14:52 -04:00
Josh Soref
e43b76ef97 Spelling (#4119) 2018-03-20 14:54:10 -04:00
Jason Martin
7054005e9f README Spelling error (#4165) 2018-03-20 11:45:56 -04:00
Calvin Leung Huang
034f83f1cd
Audit HMAC values on AuthConfig (#4077) 
* Add audit hmac values to AuthConfigInput and AuthConfigOutput, fix docs

* docs: Add ttl params to auth enable endpoint

* Rewording of go string to simply string

* Add audit hmac keys as CLI flags on auth/secrets enable

* Fix copypasta mistake

* Add audit hmac keys to auth and secrets list

* Only set config values if they exist

* Fix http sys/auth tests

* More auth plugin_name test fixes

* Pass API values into MountEntry's config when creating auth/secrets mount

* Update usage wording
 2018-03-09 14:32:28 -05:00
Calvin Leung Huang
01eecf9d1a
Non-HMAC audit values (#4033) 
* Add non-hmac request keys

* Update comment

* Initial audit request keys implementation

* Add audit_non_hmac_response_keys

* Move where req.NonHMACKeys gets set

* Minor refactor

* Add params to auth tune endpoints

* Sync cache on loadCredentials

* Explicitly unset req.NonHMACKeys

* Do not error if entry is nil

* Add tests

* docs: Add params to api sections

* Refactor audit.Backend and Formatter interfaces, update audit broker methods

* Add audit_broker.go

* Fix method call params in audit backends

* Remove fields from logical.Request and logical.Response, pass keys via LogInput

* Use data.GetOk to allow unsetting existing values

* Remove debug lines

* Add test for unsetting values

* Address review feedback

* Initialize values in FormatRequest and FormatResponse using input values

* Update docs

* Use strutil.StrListContains

* Use strutil.StrListContains
 2018-03-02 12:18:39 -05:00
Jeff Mitchell
90f245995a Document primary_email in Okta mfa path 2018-03-02 11:54:21 -05:00
Jeff Mitchell
9c5e90cb0a Actually add PingID to the index of API pages 2018-03-02 11:49:48 -05:00
Vishal Nayak
5ede80de1c
update sys/capabilities docs (#4059) 2018-03-01 11:42:39 -05:00
Jeff Mitchell
e7524b816d Add the ability to use multiple paths for capability checking (#3663) 
* Add the ability to use multiple paths for capability checking. WIP
(tests, docs).

Fixes #3336

* Added tests

* added 'paths' field

* Update docs

* return error if paths is not supplied
 2018-03-01 11:14:56 -05:00
Jeff Mitchell
e118ae30ba Fix formatting on sys/health docs 2018-02-22 10:52:12 -05:00
Calvin Leung Huang
11d15895f9
Add description param on tune endpoints (#4017) 2018-02-21 17:18:05 -05:00
Jeff Mitchell
a109e2a11e Sync some bits over 2018-01-22 21:44:49 -05:00
Jeff Mitchell
0a2c911c03 Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-10 11:15:49 -05:00
Laura Uva
9abac4fd93 Fixed the link to the section on generating DR operation token for promoting secondary. (#3766) 2018-01-09 10:02:09 -06:00
Brian Shumate
9cac2a0ac1 Docs: add DR secondary/active HTTP 472 code (#3748) 2018-01-03 15:07:36 -05:00
Jeff Mitchell
d6552a11cc Merge branch 'master-oss' into sethvargo/cli-magic 2018-01-03 14:02:31 -05:00
Jeff Mitchell
f9f64572f5 Clarify control group APIs are enterprise only. 
Fixes #3702
 2017-12-19 11:00:02 -05:00
Raja Nadar
bb667bf109 added the missing nonce and type fields (#3694) 2017-12-17 16:26:07 -05:00
Brian Shumate
61eac778cc Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629) 2017-12-04 12:10:26 -05:00
Jeff Mitchell
a898bd272d
Remove beta notice 2017-12-04 08:25:16 -08:00
Chris Hoffman
95d4f68d26
adding licensing docs (#3585) 2017-11-14 16:15:09 -05:00
Paul Pieralde
ce49d77f86 Docs change for Policy API (#3584) 
vault 0.9.0 deprecated the term `rules` in favor of the
term `policy` in several of the /sys/policy APIs.

The expected return state of 200 SUCCESS_NO_DATA only happens
if the `policy` term is used. A response including the
deprecation notice and a 204 SUCCESS_WITH_DATA status code
is returned when `rules` is applied.
 2017-11-14 14:26:26 -05:00
Jeff Mitchell
f056cf9119 Sync docs 2017-11-14 06:13:11 -05:00
Calvin Leung Huang
b9348ebf4c Add docs for /sys/rekey-recovery-key (#3520) 2017-11-08 14:22:30 -05:00
Calvin Leung Huang
447d13ec39
Add note on support for using rec keys on /sys/rekey (#3517) 2017-11-06 12:18:15 -05:00
Vishal Nayak
d5ad857a86
Capabilities responds considering policies on entities and groups (#3522) 
* Capabilities endpoint will now return considering policies on entities and groups

* refactor the policy derivation into a separate function

* Docs: Update docs to reflect the change in capabilities endpoint
 2017-11-03 11:20:10 -04:00
Vishal Nayak
4d3b3bed08
docs: s/persona/alias (#3529) 2017-11-03 11:17:59 -04:00
Christophe Tafani-Dereeper
f8e6f9ed70 Correct typos in the sys/raw documentation (#3484) 2017-10-24 10:33:57 -04:00
Seth Vargo
50caac0bb6
More naming cleanup 2017-10-24 09:35:03 -04:00
Seth Vargo
23d1d9a1ac
Resolve the most painful merge conflict known on earth 2017-10-24 09:34:12 -04:00
Seth Vargo
39097c80d6
Remove ?list examples 
They are documented in the overall API section, but people should get used to seeing LIST as a verb
 2017-10-24 09:32:15 -04:00
Seth Vargo
b8e4b0d515
Standardize on "auth method" 
This removes all references I could find to:

- credential provider
- authentication backend
- authentication provider
- auth provider
- auth backend

in favor of the unified:

- auth method
 2017-10-24 09:32:15 -04:00
Seth Vargo
9b18a8ab20
Document mount types/values 2017-10-24 09:28:05 -04:00
Chris Hoffman
49df3d67e5 copying general purpose tools from transit backend to /sys/tools (#3391) 2017-10-20 10:59:17 -04:00
Alex Dadgar
b314c13882 Fix spelling errors (#3390) 2017-09-28 07:54:40 -04:00
Calvin Leung Huang
7e21bb3b5e Clarify backup data that is being stored (#3345) 2017-09-19 07:44:34 -05:00
Laura Uva
0f71b482d8 Updated https://www.vaultproject.io/api/system/replication-dr.html#generate-dr-secondary-token to be a POST rather than GET. This was reported by a customer and I confirmed that this should be a logical.UpdateOperation rather than ReadOperation (24f2b961fd/vault/replication_api.go (L121)). (#3342) 2017-09-15 16:19:16 -04:00
Chris Hoffman
3aa68c0034 Adding support for base_url for Okta api (#3316) 
* Adding support for base_url for Okta api

* addressing feedback suggestions, bringing back optional group query

* updating docs

* cleaning up the login method

* clear out production flag if base_url is set

* docs updates

* docs updates
 2017-09-15 00:27:45 -04:00
Chris Hoffman
4a8c33cca3 Disable the sys/raw endpoint by default (#3329) 
* disable raw endpoint by default

* adding docs

* config option raw -> raw_storage_endpoint

* docs updates

* adding listing on raw endpoint

* reworking tests for enabled raw endpoints

* root protecting base raw endpoint
 2017-09-15 00:21:35 -04:00
Paul Pieralde
7cb3ff1fb8 Fixed docs to reflect correct HTTP method for /sys/config/auditing endpoing (#3331) 
Updated documentation to reflect "Read Single Audit Request Header" endpoint is GET-based.
 2017-09-13 11:59:27 -07:00
Eugene Bekker
176bf9305a Fixing the response sample for reading a plugin (#3278) 
The plugin config data properties are returned immediately within the response's `data` object.
 2017-09-01 08:34:54 -04:00
Calvin Leung Huang
d10075e0fd Normalize plugin_name option for mount and enable-auth (#3202) 2017-08-31 12:16:59 -04:00
Jon Benson
542d4cda62 Fix typo (#3237) 2017-08-25 09:51:33 -04:00
Chris Hoffman
a7105536d6 Add GET variant on LIST endpoints (#3232) 2017-08-23 17:59:22 -04:00
Jeff Mitchell
7c6e18d71e plugins/backend/reload -> plugins/reload/backend (#3186) 2017-08-16 12:40:38 -04:00
Calvin Leung Huang
527e23411d Fix plugin docs (#3185) 
* Fix plugin docs

* Add plugin_name to auth endpoint
 2017-08-16 12:36:46 -04:00
Jeff Mitchell
a7f3f40f9e * Add ability to specify a plugin dir in dev mode (#3184) 
* Change (with backwards compatibility) sha_256 to sha256 for plugin
registration
 2017-08-16 11:17:50 -04:00
Jeff Mitchell
443df65ae5 Add PingID MFA docs (#3182) 2017-08-15 22:01:34 -04:00
Jeff Mitchell
9943ded915 Fix broken url in replication performance docs 2017-08-11 16:03:05 -04:00
Vishal Nayak
f2cf43b01c docs: API docs for TOTP, Okta and Duo MFA (#3129) 
* docs: API docs for TOTP, Okta and Duo MFA

* docs: List types in the MFA main page
 2017-08-08 20:20:37 -04:00
Calvin Leung Huang
ffc7901d88 Add plugin backends docs (#3125) 
* Add docs on plugins/backend/reload, add plugin backend guide

* Fix docs headers

* Fix API endpoint description

* Update plugin guide and internals pages
 2017-08-08 12:39:19 -04:00
Matthew Irish
36d7719e63 update dr replication docs with the promotion response (#3124) 2017-08-07 09:59:46 -05:00
Aaron Salvo
b837a1f4ef Set allowed headers via API instead of defaulting to wildcard. (#3023) 2017-08-07 10:03:30 -04:00
Seth Vargo
8726b2ceab Fix formatting in mfa docs (#3122) 2017-08-07 09:55:17 -04:00
Vishal Nayak
cac8189196 docs: MFA API (#3109) 2017-08-03 23:32:22 -04:00
Calvin Leung Huang
15634f3b6e Store original request path in WrapInfo (#3100) 
* Store original request path in WrapInfo as CreationPath

* Add wrapping_token_creation_path to CLI output

* Add CreationPath to AuditResponseWrapInfo

* Fix tests

* Add and fix tests, update API docs with new sample responses
 2017-08-02 18:28:58 -04:00
Jeff Mitchell
95ce578842 Add leader cluster address to status/leader output. (#3061) 
* Add leader cluster address to status/leader output. This helps in
identifying a particular node when all share the same redirect address.

Fixes #3042
 2017-07-31 18:25:27 -04:00
Chris Hoffman
717ab28e29 adding filtered mount docs (#3059) 2017-07-27 09:28:52 -04:00
Brian Kassouf
a9d4b887e3 Add docs for DR Replication (#3067) 
* Add docs for DR Replication

* Fix up docs
 2017-07-26 13:47:41 -07:00
Jeff Mitchell
203807aea7 Revert "Remove wrapping/wrap from default policy and add a note about guarantees (#2957)" (#3008) 
This reverts commit b2d2459711.
 2017-07-13 18:47:29 -04:00
Jeff Mitchell
b2d2459711 Remove wrapping/wrap from default policy and add a note about guarantees (#2957) 2017-07-13 15:29:04 -07:00
Brian Shumate
2a534bad74 DOCS: Update API docs for /sys/generate-root (#2978) 
- Fix invalid JSON example
 2017-07-07 08:25:32 -04:00
Jeff Mitchell
27e584c2ce Fix up CORS. 
Ref #2021
 2017-06-17 01:26:25 -04:00
Dan Brown
25fd17a9c1 Docs typo fixes (#2830) 
* Fix passing payload.json file to curl

* Correct API endpoint
 2017-06-07 10:02:58 -04:00
Jeff Mitchell
eecebf88e3 Fix revoke-secondary API addr 2017-05-19 00:53:49 -04:00
Brian Kassouf
55f1f5116a Merge remote-tracking branch 'oss/master' into database-refactor 2017-05-04 10:45:18 -07:00
Chris Hoffman
4490e93395 Add the ability to view and list of leases metadata (#2650) 2017-05-03 22:03:42 -04:00
Brian Kassouf
311acb34a5 Add the plugins catalog API docs 2017-05-03 11:43:24 -07:00
Cameron Stokes
91366e256c Add local flag to docs for API endpoints. (#2625) 2017-04-28 14:33:27 -04:00
Ryan Smith-Evans
c58e4f0817 Added required header (#2656) 2017-04-28 08:56:14 -04:00
Chris Hoffman
804bca7bcd Updating revoke/renew to prefer PUT method (#2646) 2017-04-27 10:47:43 -04:00
Phil Watts
e79bdb2dbe Update revoke.html.md (#2604) 
Changed param's description verb from renew to revoke, to match the page context.
 2017-04-17 12:40:24 -04:00
Matthew Irish
774c3bfdbc replication is an enterprise-only feature (#2514) 2017-03-21 13:30:27 -04:00
Seth Vargo
f64bf8d183
/docs/http -> /api 2017-03-17 14:06:03 -04:00