9692 Commits

Author SHA1 Message Date
Jeff Mitchell
ee89aa1e3b
allowed/disallowed_policies as TypeCommaStringSlice (#3641)
Our docs apparently claim that this is a list, but the code is
string-only. This fixes that discrepancy.
2017-12-04 12:47:05 -05:00
Laura Uva
291edb9746 Update example payload and response for pem_keys field which needs \n after header and before footer in order to be accepted as a valid RSA or ECDSA public key (#3632) 2017-12-04 12:12:58 -05:00
Brian Shumate
61eac778cc Docs: Update /sys/policies/ re: beta refs to address #3624 (#3629) 2017-12-04 12:10:26 -05:00
Jeff Mitchell
063f3d575e
Update secrets page
Fixes #3623
2017-12-04 12:05:34 -05:00
Jeff Mitchell
a898bd272d
Remove beta notice 2017-12-04 08:25:16 -08:00
Chris Hoffman
effeb02afa Expanding on the quick start guide with how to set up an intermediate authority (#3622) 2017-12-04 11:23:58 -05:00
Brian Shumate
0a53ea27bf Docs: mlock() notes, fixes #3605 (#3614) 2017-12-04 10:56:16 -05:00
crdotson
9692cde57f Fix spelling (#3609)
changed "aomma" to "comma"
2017-12-04 10:53:58 -05:00
Chris White
b94916c570 Add command to example to register plugin (#3601)
The example command to register the plugin into the plugin catalog was missing the command.
2017-12-04 10:52:30 -05:00
csawyerYumaed
e2cdbf4913 update relatedtools, add Goldfish UI. (#3597)
Add link to Goldfish a  web UI for Vault.
2017-12-04 10:51:16 -05:00
Paul Pieralde
3b56130f10 Fix docs for Transit API (#3588) 2017-12-04 10:34:05 -05:00
Jeff Mitchell
14b43deb05 Update cassandra docs with consistency value.
Fixes #3361
2017-12-02 14:18:23 -05:00
Marc Sensenich
100ec6c292 Remove Trailing White space in Kubernetes Doc (#3360)
Removed a trailing white space from which caused `Error loading data: Invalid key/value pair ' ': format must be key=value` if copying the example

```
vault write auth/kubernetes/role/demo \
    bound_service_account_names=vault-auth \
    bound_service_account_namespaces=default \
    policies=default \
    ttl=1h
```
2017-12-02 14:12:39 -05:00
immutability
b64a416101 Missing command for vault PUT operation (#3355) 2017-12-02 13:43:37 -05:00
Jeff Mitchell
49af594287 Update some rekey docs
Fixes #3306
2017-12-02 13:34:52 -05:00
Jeff Mitchell
93f090c2ef changelog++ 2017-12-01 17:11:58 -05:00
Jeff Mitchell
276a230bde
Move location of quit channel closing in exp manager (#3638)
* Move location of quit channel closing in exp manager

If it happens after stopping timers any timers firing before all timers
are stopped will still run the revocation function. With plugin
auto-crash-recovery this could end up instantiating a plugin that could
then try to unwrap a token from a nil token store.

This also plumbs in core so that we can grab a read lock during the
operation and check standby/sealed status before running it (after
grabbing the lock).

* Use context instead of checking core values directly

* Use official Go context in a few key places
2017-12-01 17:08:38 -05:00
Jeff Mitchell
eed45793b9
Re-add some functionality lost during last dep update (#3636) 2017-12-01 10:18:26 -05:00
Jeff Mitchell
c2cef877f4 Port over some changes 2017-11-30 09:43:07 -05:00
Jeff Mitchell
f6839fb9d6 Add some delay to postgres create user test to verify expiration isn't immediate 2017-11-30 09:35:47 -05:00
Nicolas Corrarello
884e25035f
Adding SealWrap configuration, protecting the config/access path
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 21:53:21 +00:00
Nicolas Corrarello
ea66973fcb
Fix docs up to current standards
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:53:42 +00:00
Nicolas Corrarello
12e77fac51
Rename policy into policies 2017-11-29 16:31:17 +00:00
Nicolas Corrarello
0780c6250b
Checking if client is not nil before deleting token
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:23:03 +00:00
Nicolas Corrarello
66840ac4db
%q quotes automatically
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 16:19:31 +00:00
Nicolas Corrarello
9d78bfa721
Refactoring check for empty accessor as per Vishals suggestion
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:58:39 +00:00
Nicolas Corrarello
a3df394134
Pull master into f-nomad
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:56:37 +00:00
Nicolas Corrarello
e6b3438d92
Return an error if accesor_id is nil
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 15:18:03 +00:00
Nicolas Corrarello
cfa0715d1e
Returning nil config if is actually nil, and catching the error before creating the client in backend.go
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 11:15:54 +00:00
Nicolas Corrarello
f8babf19ad
Moving LeaseConfig function to path_config_lease.go
Signed-off-by: Nicolas Corrarello <nicolas@corrarello.com>
2017-11-29 11:07:17 +00:00
Nicolas Corrarello
1db26e73f4
Return error before creating a client if conf is nil 2017-11-29 11:01:31 +00:00
Nicolas Corrarello
a5f01d49e2
Sanitizing error outputs 2017-11-29 10:58:02 +00:00
Nicolas Corrarello
e3a73ead35
Renaming tokenRaw to accessorIDRaw to avoid confusion, as the token is not being used for revoking itself 2017-11-29 10:48:55 +00:00
Nicolas Corrarello
3134c7262d
Updating descriptions, defaults for roles 2017-11-29 10:44:40 +00:00
Nicolas Corrarello
a280884433
Validating that Address and Token are provided in path_config_access.go 2017-11-29 10:36:34 +00:00
Nicolas Corrarello
e1e63f8883
Removing legacy field scheme that belonged to the Consul API 2017-11-29 10:29:39 +00:00
Brian Kassouf
6b474fb169
changelog++ 2017-11-28 10:23:22 -08:00
Brian Kassouf
98a644c21d
database/mysql: Allow the creation statement to use commands that are… (#3619)
* database/mysql: Allow the creation statement to use commands that are not yet supported by the prepare statement protocol

* Remove unnecessary else block
2017-11-28 10:19:49 -08:00
Laura Uva
d3a2844a75 Added clarification to KV documentation about default CLI behavior and how to preserve non-string type values (#3596) 2017-11-27 11:43:49 -05:00
Brian Shumate
4e69240ad2 Docs: policy update for multiple policies, fixes #3611 (#3613) 2017-11-27 09:54:38 -05:00
mariachugunova
1d2a38028a Fix typo in s3 storage backend docs (#3603) 2017-11-23 13:28:33 -08:00
Jeff Mitchell
bf9ddf52ce changelog++ 2017-11-21 16:34:16 -05:00
Vishal Nayak
0f8e4c826c
docs: encryption/decryption now supports asymmetric keys (#3599) 2017-11-21 12:25:28 -05:00
Jeff Mitchell
3bc512bd8d Use Seal Type instead of Type in status output for less confusion 2017-11-21 12:14:00 -05:00
Brian Kassouf
254d0ab784
Update README.md 2017-11-17 10:52:03 -08:00
Jeff Mitchell
09740f8525 Update upgrade guide with HSM info 2017-11-16 11:04:46 -05:00
Vishal Nayak
0fccc908d0
Docs: Remove 'none' as algorithm options (#3587) 2017-11-15 09:09:45 -05:00
Jeff Mitchell
89809168fe Add now-necessary mfa import to sentinel MFA example 2017-11-14 21:42:43 -05:00
Jeff Mitchell
e9f2a54413 Update gitignore 2017-11-14 21:42:06 -05:00
Brian Kassouf
f67feaea20
Add token_reviewer_jwt to the kubernetes docs (#3586) 2017-11-14 13:27:09 -08:00