* Add naming restriction
* Update website/content/docs/enterprise/namespaces.mdx
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
* Use sentence case for heading
---------
Co-authored-by: Jonathan Frappier <92055993+jonathanfrappier@users.noreply.github.com>
* Refactor `identity/mfa/method/*` endpoints to fix bad OpenAPI
There is a problem with how the `identity/mfa/method/*` endpoints are
defined, resulting in incorrect OpenAPI generation.
I raised hashicorp/vault-client-go#180 to track a consequence, and
opened #20873 which explains the problem and adds a log message to
detect it.
This PR is now the fix.
It's actually quite an interesting problem, that has come about through
some particular implementation choices, in Vault's first/only case where
REST API objects are created by writing to the collection URL, and have
their ID allocated by the server, instead of the client.
The triggering cause of the malfunction was trying to have a single
framework.Path struct instance which optionally includes or excludes the
method_id path parameter, and also another framework.Path struct
instance handling list operations.
The fix is to simplify the path regexes, and have one framework.Path
which handles the method_id being present, and one that handles it being
absent.
The diff is somewhat large, because the affected code had been
copy/pasted four times (TOTP, Okta, Duo, PingID) - so I took the
opportunity to fix the duplication, creating appropriate helper methods
so that the quadruplicated code could be re-unified.
* Revise documentation
This update refactors how the documentation presents these endpoints to
users, both for clarity, and to align with the new structure of the
code.
From a user perspective, it clears up some unclear presentation of when
the `method_id` parameter should and should not be present, adds
a missing description of the response to create requests, and changes
the `method_id` parameter name to be used consistently (rather than `id`
in some cases, unlike the actual code/OpenAPI).
* Fix incorrect acronym (review fix)
* Accept suggestion of tweaked grammar in documentation
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Add changelog
---------
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
These don't do anything but reject requests:
> The server will not issue certificates for the identifier:
> role (something) will not issue certificate for name
> xps15.local.cipherboy.com
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add notes on PKI performance and key types
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add ACME Public Internet section
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note on importance of tidy
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note on cluster scalability
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note about server log location
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Fix ToC, finish public ACME discussion
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note on role restrictions and ACLs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note on security considerations of ACME
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add consideration note about cluster URLs
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note on 90 day certificates
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Add note about client counts and ACME
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
---------
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
* Update docs for new 1.14 ACME health checks
* Remove wording about informational warning only
- The health check can report back warnings if permissions are an issue
or if the local cluster configuration is missing.
* first pass at docs
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* try to add anchors
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* links didn't work correctly, just remove
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add partial
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* use new style
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add to index
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* edit index
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* add config
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* update file name
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* more changes from PR review
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* updated name
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* convert to old paragraph markers
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* add link
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* exec -> process supervisor
* exec -> process supervisor
* "full stop"
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* little blurb about exit behavior
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* grammar
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Apply suggestions from code review
* add link
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* expand the config section
* add env_template example
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* expand config description
* fix links
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* config example
* doesn't support anchors?
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* update functionality
* Update website/content/docs/agent-and-proxy/agent/process-supervisor.mdx
Co-authored-by: Daniel Huckins <dhuckins@users.noreply.github.com>
* Update website/content/docs/agent-and-proxy/agent/process-supervisor.mdx
* fix link
* move process supervisor mode in alphabetical order
* reference templating language
---------
Signed-off-by: Daniel Huckins <dhuckins@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
Co-authored-by: Anton Averchenkov <anton.averchenkov@hashicorp.com>
* [docs] Remove beta tag and update example code, add HCP as a supported platform.
* [docs] extend vault secrets operator secret CRD examples (#20913)
* [docs] update helm docs for vso GA (#21150)
* [docs] Add some initial telemetry documentation (#21144)
* [docs] update api reference for VSO (#21153)
---------
Co-authored-by: Thy Ton <maithytonn@gmail.com>
* S3 Auto-Snapshot IAM Roles EKS Incompatibility Footnote
This is a common source of confusion for customers when setting up S3 auto snapshots on EKS.
Currently internal feature request 0/1182317814772514/1200126608980599 is open for this.
By adding this footnote, we will save our customer's time spent attempting to configure an unsupported feature.
* Minor updates
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
