mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-16 00:01:13 +01:00
Code Issues Projects Releases Wiki Activity
15,467 Commits 2,845 Branches 459 Tags
Commit Graph

631 Commits

Author SHA1 Message Date
Nick Cabatoff
ed52771d63
Rewrite a confusing bit of policies docs re parameter constraints. (#16182) 2022-06-29 12:28:49 -04:00
Christopher Swenson
7b887533c1
docs/platform: Add brief GitHub Actions page (#16129) 
I added a small example from the main docs along with some explanation,
and added links to the main docs and the tutorial.

I also took this opportunity to sort the platform left nav bar.
 2022-06-27 09:47:26 -07:00
Christopher Swenson
c165363841
Update consul-template to latest for pkiCert fix (#16087) 
Update consul-template to latest for pkiCert fix

So that we get the fixes in https://github.com/hashicorp/consul-template/pull/1590
and https://github.com/hashicorp/consul-template/pull/1591.

I tested manually that this no longer causes `pkiCert` to get into an
infinite failure loop when the cert expires, and that the key and CA certificate are also accessible.

Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2022-06-27 08:39:36 -07:00
Rachel Culpepper
7a5f6045d1
Specify the size of the ephemeral key for transit imports (#16135) 
* specify the size of the ephemeral key

* specify aes key size in api docs
 2022-06-24 10:28:09 -05:00
Justin Clayton
0b54acbc38
minor typo fix (#16114) 
Consult -> Consul
 2022-06-22 14:52:42 -07:00
Tom Proctor
f3edee9458
Docs: Fix typo for Lambda extension env var config (#16108) 2022-06-22 17:28:31 +01:00
Rowan Smith
9b186f33ca
fix typo in release notes (#16099) 
cont > count
 2022-06-22 10:39:43 -04:00
Tom Proctor
d44e341480
OIDC/Kubernetes docs: Improve instructions for setting bound_audiences (#16080) 2022-06-22 09:27:19 +01:00
Lucy Davinhart || Strawb System
ea3a6b5a5c
website: Update replication docs to mention Integrated Storage (#16063) 2022-06-21 10:55:15 -07:00
Rachel Culpepper
f9532fed61
fix incorrect HSM mechanisms (#16081) 2022-06-21 10:13:30 -05:00
swayne275
01d5a654f9
fix docs typo - couple to few (#16068) 2022-06-20 11:03:55 -06:00
claire bontempo
dc8689110d
change rotation_period to algorithm (#16051) 2022-06-20 08:39:22 -07:00
Rachel Culpepper
b0cbc03f00
Vault-5619: Transit BYOK Documentation (#15817) 
* add api documentation

* add guide for wrapping keys

* fix formatting and tweak wording

* add hash function

* remove convergent param

* fix hash function description

* add security note

* fix mechanism

* fix notes

* add spaces

* fix hash function and add context
 2022-06-17 14:53:39 -05:00
Christopher Swenson
2a69947b3b
Update helm standalone TLS doc for k8s 1.22 (#16029) 
Update helm standalone TLS doc for k8s 1.22

The `CertificateSigningRequest` for `v1beta1` API is no longer
available, and now requires the `signerName` parameter.

Many thanks to @DavidRBanks for the helpful notes in
https://github.com/hashicorp/vault-helm/issues/243#issuecomment-962551898

I tested this on Kubernetes 1.21 and 1.24. I also adjusted the `tr`
command to work better on macOS (and still works fine on Linux).
 2022-06-17 10:07:39 -07:00
Christopher Swenson
3d01a88e61
docs: Add how to rotate SQL Server key (#15993) 2022-06-17 08:59:27 -07:00
Jason O'Donnell
e38f6e72a2
agent: add disable_idle_connections configurable (#15986) 
* agent: add disable_keep_alives configurable

* Add empty test

* Add website doc

* Change to disable_idle_connections

* Update tests and doc

* Add note about env

* Changelog

* Change to slice

* Remove unused disable keep alive methods

* Add invalid value test
 2022-06-16 18:06:22 -04:00
Loann Le
2cb55f5204
Vault documentation: updated client count faqs for 1.11 (#16007) 
* stashed changes

changes stashed

* Update faq.mdx

Updated links

* Update website/content/docs/concepts/client-count/faq.mdx

* added image

* fixed image name

* updated text

* fixed spacing

* fixed spacing

* added missing info

* missed a period
 2022-06-16 11:05:55 -07:00
Alexander Scheel
a58c6ecd9f
Add additional usage clarifications to EA docs (#16017) 
- Document Transit and sys random endpoint in 1.11+
 - Document PKI and SSH CAs only, no leaves

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-06-16 13:56:22 -04:00
Alexander Scheel
93eaf3c860
Document limitations in FIPS 140-2 migrations (#16012) 
Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-06-16 10:18:47 -04:00
Loann Le
e74c45abbd
Vault documentation: release notes for 1.11.0 (#16005) 
* added new content

* new content

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

* Update website/content/docs/release-notes/1.11.0.mdx

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>

Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
 2022-06-15 18:25:14 -07:00
VAL
531abac2c1
Use new -mount syntax for all KV subcommands in 1.11 docs (#16002) 
* Use new -mount syntax for all KV subcommands in 1.11 docs

* Use more appropriate heading size for mount flag syntax

* Add the explanatory syntax blurb from the -help text

* Adjust some wording
 2022-06-15 19:07:50 -04:00
Austin Gebauer
c6173f64bf
auth/gcp: adds note on custom endpoints to configuration section (#15990) 2022-06-15 10:06:58 -07:00
Loann Le
5841875fe3
updated table for vault 1.11 release (#15856) 2022-06-15 09:40:49 -07:00
Theron Voran
9566221303
docs/vault-k8s: update the service annotation (#15965) 
The injector's `service` annotation is really the vault address to
use, and not just the name of the service.

Also change a couple mentions of "controller" to "injector".
 2022-06-14 11:03:00 -07:00
Kyle MacDonald
12f8381cfc
docs: update double use of "note" in client faq (#15958) 2022-06-13 13:37:58 -04:00
Alexander Scheel
1e3e97bb8d
Document agent injecting PKI CAs (#15930) 
* Document agent injecting PKI CAs

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Remove extra empty-string conditional
 2022-06-13 13:15:54 -04:00
Nick Cabatoff
f9b8413d48
Add 1.10 upgrade note for SSCT on Consul. (#15873) 2022-06-13 11:48:53 -04:00
Violet Hynes
d58583f7ad
VAULT-6091 Document Duration Format String (#15920) 
* VAULT-6091 Document duration format

* VAULT-6091 Document duration format

* VAULT-6091 Update wording

* VAULT-6091 Update to duration format string, replace everywhere I've found so far

* VAULT-6091 Add the word 'string' to the nav bar

* VAULT-6091 fix link

* VAULT-6091 fix link

* VAULT-6091 Fix time/string, add another reference

* VAULT-6091 add some misses for references to this format
 2022-06-13 08:51:07 -04:00
Austin Gebauer
bf8891d87a
docs/oidc: adds missing steps for Google Workspace configuration (#15943) 2022-06-10 16:29:49 -07:00
Violet Hynes
cc3de02e18
VAULT-5095 Update docs to reflect that child namespaces do not inherit parent quotas (#15906) 
* VAULT-5095 Update docs to reflect current behaviour

* Update website/content/api-docs/system/lease-count-quotas.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

* Update website/content/api-docs/system/rate-limit-quotas.mdx

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>

Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
 2022-06-10 11:53:01 -04:00
Mark Lewis
c97cfa8807
Update index.mdx (#15861) 
Typo
 2022-06-10 11:44:43 -04:00
Austin Gebauer
e1a8454c5c
secrets/db: documents credential types and snowflake key pair auth (#15892) 2022-06-09 15:56:50 -07:00
Austin Gebauer
8bf6a5952a
docs/postgres: replaces lib/pq with pgx (#15901) 2022-06-09 14:37:14 -07:00
Peter Wilson
a7111c5c12
Removed IRC reference in architecture internals doc (#15904) 
* Removed IRC reference in architecture internals doc
 2022-06-09 15:41:14 +01:00
VAL
e40dcf9cdc
Use KV helpers in docs and dev quickstart guide (#15902) 2022-06-08 17:37:02 -07:00
akshya96
8b6582573c
Kv cas parameter documentation (#15885) 
* adding cas documentation changes

* remove extra space

* remove -
 2022-06-08 16:51:08 -07:00
Robert
656335f13c
Update Consul secrets features docs, api-docs for 1.11 (#15854) 
* Overhaul consul docs and api-docs for new 1.11 features

Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com>
Co-authored-by: Calvin Leung Huang <1883212+calvn@users.noreply.github.com>
Co-authored-by: John-Michael Faircloth <fairclothjm@users.noreply.github.com>
 2022-06-08 13:54:55 -05:00
Victor Rodriguez
c9ff68f2b0
Update KMIP documentation to reflect Vault 1.11 changes. (#15868) 
Update documentation to reflect new KMIP features in Vault 1.11.

Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
 2022-06-08 13:58:45 -04:00
Alexander Scheel
e6684554a2
Use manual_chain for cross-signed intermediates (#15876) 
This adds a note that manual_chain is required for cross-signed
intermediates, as Vault will not automatically associate the
cross-signed pair during chain construction. During issuance, the chain
is used verbatim from the issuer, so no chain detection will be used
then.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-06-08 13:13:45 -04:00
Ikko Ashimine
dc27364c78
docs: fix typo in configurations.mdx (#15863) 
paramters -> parameters
 2022-06-08 09:03:45 -04:00
Robert
8eff5a181d
Update GCP auth docs (#15855) 
* Add automatic GCE identity token login
 2022-06-07 18:22:09 -05:00
Josh Black
55bc40235d
Autopilot enterprise docs (#15589) 2022-06-07 14:32:45 -07:00
Christopher Swenson
1865d577f7
Update AWS auth docs for SHA-1 deprecation (#15741) 
Update AWS auth docs for SHA-1 deprecation

We now recommend `/rsa2048` as the preferred AWS signature moving
foward, as `/pkcs7` and `/signature` will stop working by default in
Vault 1.12 without setting `GODEBUG=x509sha1=1` in the Vault deployment
due to the move to Go 1.18.

I also took this oppoturnity to try to make the docs less confusing
and more consistent with all of the usages of signature, PKCS#7, DSA,
and RSA terminology.

Co-authored-by: Ben Ash <32777270+benashz@users.noreply.github.com>
Co-authored-by: Theron Voran <tvoran@users.noreply.github.com>
 2022-06-07 12:45:46 -07:00
Calvin Leung Huang
06c56355b5
docs: add pkiCert example on agent template docs (#15836) 2022-06-07 10:33:17 -07:00
Loann Le
cf5c820355
updated table (#15850) 2022-06-07 10:22:21 -07:00
Alexander Scheel
bd4389a8b6
Add support notes, Entropy Augmentation notes, RH repo (#15843) 
* Add support notes, Entropy Augmentation notes, RH repo

This adds a known-panic w.r.t. Entropy Augmentation due to restrictions
in how BoringCrypto's RNG works. Additionally adds the RH Access
container repository and adds a note about restricted support scenarios.

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>

* Wording changes per Scott

Signed-off-by: Alexander Scheel <alex.scheel@hashicorp.com>
 2022-06-07 11:23:26 -04:00
Brian Candler
47e72a9168
Fixes for -listing-visibility flag values in CLI tools (#15838) 
See also: #15833, #15209

Signed-off-by: Brian Candler <b.candler@pobox.com>
 2022-06-07 09:49:13 -04:00
Tom Proctor
3419c276c2
docs: Update CSI Provider command line arguments (#15810) 2022-06-07 10:20:47 +01:00
Michael Williams
c4289a20ab
Update documentation to reduce confusion about default_extensions. (#14069) 2022-06-06 15:53:05 -04:00
Scott Miller
577479e880
Document Convergent Tokenization and Token Lookup (#15819) 
* Document Convergent Tokenization and Token Lookup

* tweaks

* Fix sample response

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/index.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/docs/secrets/transform/tokenization.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* Update website/content/api-docs/secret/transform.mdx

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>

* update awkward text

Co-authored-by: Matt Schultz <975680+schultz-is@users.noreply.github.com>
 2022-06-06 13:34:08 -05:00