mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-08-16 11:37:04 +02:00
Code Issues Projects Releases Wiki Activity
18,193 Commits 2,843 Branches 445 Tags 454 MiB
bc69ef899a
Commit Graph

29 Commits

Author SHA1 Message Date
Christopher Swenson
12fc5bed7c
Add subscribe capability to policies (#22474) 
* Add `subscribe` capability to policies

... and `subscribe_event_types` to the policy body.

These are not currently enforced in the events system (as that
will require populating the full secrets path in the event).

Co-authored-by: Tom Proctor <tomhjp@users.noreply.github.com>
 2023-08-22 18:07:32 +00:00
Kevin Wang
cbae51fdbc
docs: fix codeblock language (#22367) 2023-08-17 13:25:08 -07:00
Max Bowsher
188bdca4bd
Fix sudo paths missing from OpenAPI and docs (#21772) 
* Fix sudo paths missing from OpenAPI and docs

Various sudo (a.k.a. root-protected) paths are implemented in
non-standard ways, and as a result:

* are not declared as x-vault-sudo in the OpenAPI spec

* and as a result of that, are not included in the hardcoded patterns
  powering the Vault CLI `-output-policy` flag

* and in some cases are missing from the table of all sudo paths in the
  docs too

Fix these problems by:

* Adding `seal` and `step-down` to the list of root paths for the system
  backend. They don't need to be there for enforcement, as those two
  special endpoints bypass the standard request handling code, but they
  do need to be there for the OpenAPI generator to be able to know they
  require sudo.

  The way in which those two endpoints do things differently can be
  observed in the code search results for `RootPrivsRequired`:
  https://github.com/search?q=repo%3Ahashicorp%2Fvault%20RootPrivsRequired&type=code

* Fix the implementation of `auth/token/revoke-orphan` to implement
  endpoint sudo requirements in the standard way. Currently, it has an
  **incorrect** path declared in the special paths metadata, and then
  compensates with custom code throwing an error within the request
  handler function itself.

* changelog

* As discussed in PR, delete test which is just testing equality of a constant

* Restore sudo check as requested, and add comment

* Update vault/token_store.go

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>

---------

Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
 2023-07-19 16:28:17 +00:00
Anton Averchenkov
f4f0412b6a
[docs] Convert titles to sentense case (#21426) 
* Convert documentation titles to sentense case

* Docker, Google, Foundry, Cloud proper case
 2023-06-30 19:22:07 -04:00
Jonathan Frappier
c6970cd2fd
Add additional endpoints, remove non-protected endpoints (#20669) 
* Add additional endpoints, remove non-protected endpoints

* Add step-down per engineering

* Match HTTP verb to individual doc pages

* Add /sys/internal/inspect/router to table

* Apply additional suggestions

* Updates based on engineering feedback

* Adding unsaved changes
 2023-05-24 17:32:53 -04:00
Jonathan Frappier
ef3db02198
Add root protected endpoint table (#20650) 
* Add root protected endpoint table

* Fix heading case
 2023-05-18 11:53:22 -04:00
miagilepner
051e6fe25f
VAULT-14204 Update parameter policy documentation (#19586) 2023-03-17 11:14:54 +01:00
Bryce Kalow
79f6ff191c
update learn links to point to developer locations (#19026) 2023-02-06 20:34:51 -08:00
Ashlee M Boyer
06df5b9d95
docs: Migrate link formats (#18696) 
* Adding check-legacy-links-format workflow

* Adding test-link-rewrites workflow

* Updating docs-content-check-legacy-links-format hash

* Migrating links to new format

Co-authored-by: Kendall Strautman <kendallstrautman@gmail.com>
 2023-01-25 16:12:15 -08:00
mickael-hc
e367c5a280
docs: clarify parameter constraints limitations when using globs (#18593) 2023-01-04 15:58:27 -05:00
Jason O'Donnell
bc42a6cce8
docs/policies: update denied_parameters description (#18366) 2022-12-14 16:51:02 +00:00
mickael-hc
b6db9de0ff
docs: detail policies parameter for auth methods using tokenutil (#18015) 
* docs: detail policies parameter for auth methods using tokenutil

* Update website/content/partials/tokenfields.mdx


Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
 2022-11-18 11:09:29 -05:00
Chris Capurso
96d623d3fc
clarify that certain policy examples are for KVv1 (#17861) 2022-11-09 15:42:58 -05:00
Bryce Kalow
fe3daa411a
website: content updates for developer (#17035) 
* Chore (dev portal): update learn nav data links  (#15515)

* Update docs-nav-data.json

* Update docs-nav-data.json

* website: fixes internal redirects (#15750)

* chore: remove duplicate overview item (#15805)

* Use `badge` for `<sup>` tags in nav data JSON files (#15928)

* Replacing <sup> tags with badge

* Adding type and color to badges

* fix broken links in vault docs (#15976)

* website: Update old learn links to redirect locations (#16047)

* update previews to render developer UI

* update redirects

* adjust content so it is backwards compat

Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kendall Strautman <36613477+kendallstrautman@users.noreply.github.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
 2022-09-22 08:11:04 -07:00
Nestor Reyes
3df6e359bc
Update policies.mdx (#16312) 
548 From "builtin" to "built-in" to be consistent with the previous sentence. 

589 from "can not" to "cannot"
 2022-07-15 15:28:49 -07:00
Yoko Hyakuna
38fd8efcb5
Update the policy examples (#16297) 
* Update the policy examples

* Adjusted the examples
 2022-07-14 08:01:22 -07:00
Loann Le
cd3a0b6914
Vault documentation: added info about new policy flag (#16244) 
* added info about new policy flag

* updated wording
 2022-07-07 12:54:27 -07:00
Nick Cabatoff
ed52771d63
Rewrite a confusing bit of policies docs re parameter constraints. (#16182) 2022-06-29 12:28:49 -04:00
Violet Hynes
d58583f7ad
VAULT-6091 Document Duration Format String (#15920) 
* VAULT-6091 Document duration format

* VAULT-6091 Document duration format

* VAULT-6091 Update wording

* VAULT-6091 Update to duration format string, replace everywhere I've found so far

* VAULT-6091 Add the word 'string' to the nav bar

* VAULT-6091 fix link

* VAULT-6091 fix link

* VAULT-6091 Fix time/string, add another reference

* VAULT-6091 add some misses for references to this format
 2022-06-13 08:51:07 -04:00
Chris Capurso
1c284e8b02
add missing patch capability to policy docs (#15704) 2022-06-03 15:40:47 -04:00
Loann Le
3c13d52cb0
Vault documentation: updated all references from Learn to Tutorial (#15514) 
* updated learn to tutorial

* correct spelling
 2022-05-19 18:04:46 -07:00
Loann Le
51cf5acf4d
added note about parameters (#15334) 2022-05-09 11:05:39 -07:00
Nick Cabatoff
7f6e6852eb
Clarify the distinction between token and identity policies. (#13614) 2022-01-11 09:01:43 -05:00
Vasilii Angapov
ab8807dc2d
Fix typo in policies.mdx (#13345) 
Fix typo in Kubernetes policy example which prevents example from working.
 2021-12-20 11:25:50 -08:00
akshya96
7800c45bb7
Docs/custom metadata updates (#13244) 
* adding custom_metadata read and update changes

* adding custom metadata changes
 2021-11-23 09:40:44 -08:00
Mark Lewis
9338b5adf1
Update policies.mdx (#11618) 
Suggested PR to use more inclusive language.
 2021-05-18 13:02:40 -07:00
Bryce Kalow
e27b43c482
feat(website): migrates nav data format and updates docs pages (#11242) 
* migrates nav data format and updates docs pages

* removes sidebar_title from content files
 2021-04-06 13:49:04 -04:00
Aleksandr Bezobchuk
b7891c12b7
docs: update "Policy Syntax" section (#10590) 
Co-authored-by: mgritter <mgritter@hashicorp.com>
 2021-01-26 22:14:47 -06:00
Jeff Escalante
179df992c0
Implement MDX Remote (#10581) 
* implement mdx remote

* fix an unfenced code block

* fix partials path

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>
 2020-12-17 16:53:33 -05:00