mirrors/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2025-11-25 12:41:10 +01:00
Code Issues Projects Releases Wiki Activity
6,745 Commits 2,848 Branches 460 Tags
Commit Graph

1152 Commits

Author SHA1 Message Date
Jeff Mitchell
f644557eab Make it clear that generating/setting a CA cert will overwrite what's 
there.
 2015-11-19 09:51:18 -05:00
Jeff Mitchell
3437af0711 Split root and intermediate functionality into their own sections in the API. Update documentation. Add sign-verbatim endpoint. 2015-11-19 09:51:18 -05:00
Jeff Mitchell
237285e822 Address some feedback from review 2015-11-19 09:51:18 -05:00
Jeff Mitchell
cf148d8cc6 Large documentation updates, remove the pathlength path in favor of 
making that a parameter at CA generation/sign time, and allow more
fields to be configured at CSR generation time.
 2015-11-19 09:51:18 -05:00
Jeff Mitchell
c33c43620f Add tests for intermediate signing and CRL, and fix a couple things 
Completes extra functionality.
 2015-11-19 09:51:17 -05:00
Jeff Mitchell
49d525ebf3 Reintroduce the ability to look up obfuscated values in the audit log 
with a new endpoint '/sys/audit-hash', which returns the given input
string hashed with the given audit backend's hash function and salt
(currently, always HMAC-SHA256 and a backend-specific salt).

In the process of adding the HTTP handler, this also removes the custom
HTTP handlers for the other audit endpoints, which were simply
forwarding to the logical system backend. This means that the various
audit functions will now redirect correctly from a standby to master.
(Tests all pass.)

Fixes #784
 2015-11-18 20:26:03 -05:00
Jeff Mitchell
7d03d63bfe Update audit documentation around what hash is used 2015-11-18 10:42:42 -05:00
Jeff Mitchell
f600e3ac29 Add no-default-policy flag and API parameter to allow exclusion of the 
default policy from a token create command.
 2015-11-09 17:30:50 -05:00
Jeff Mitchell
254dcccf44 Update cert documentation to note requiring sudo access. 2015-11-06 16:09:42 -05:00
Jeff Mitchell
dbbbb02daf Update S3 docs 2015-11-06 09:26:09 -05:00
Jeff Mitchell
dafecff414 Switch etcd default port to 2379, in line with 2.x. 
Fixes #753
 2015-11-05 09:47:50 -05:00
Sander van Harmelen
8f17567774 Add a line to the documentation to describe the new feature 2015-11-04 15:36:24 +01:00
Jeff Mitchell
1878696db5 Merge pull request #746 from hashicorp/issue-677 
Add a PermitPool to physical and consul/inmem
 2015-11-03 15:26:58 -05:00
Jeff Mitchell
e0d2b1af78 Add configuration parameter for max parallel connections to Consul 2015-11-03 15:26:07 -05:00
Jeff Mitchell
7709cbf796 Add create-orphan to documentation 2015-11-03 15:15:33 -05:00
Jeff Mitchell
5ccccde6da Fix trailing whitespace complaints 2015-11-03 10:52:20 -05:00
Jeff Mitchell
ef21eb6ee4 Clarify that CRLs are not fetched by Vault 2015-11-03 10:52:20 -05:00
Jeff Mitchell
af4af078fa Address first round of feedback from review 2015-11-03 10:52:20 -05:00
Jeff Mitchell
90a9f25d80 Add documentation for CRLs and some minor cleanup. 2015-11-03 10:52:20 -05:00
Jeff Mitchell
cee292a06a Documentation update around path/key name encryption. 
Make it clear that path/key names in generic are not encrypted.

Fixes #697
 2015-10-29 11:21:40 -04:00
Jeff Mitchell
d7f528a768 Add reset support to the unseal command. 
Reset clears the provided unseal keys, allowing the process to be begun
again. Includes documentation and unit test changes.

Fixes #695
 2015-10-28 15:59:39 -04:00
Jeff Mitchell
b0f24dc820 Minor format fix in environment documentation 2015-10-28 09:56:28 -04:00
Jason Antman
0cf323ce07 add documentation for GitHub Auth Backend 'ttl' and 'max_ttl' parameters 2015-10-23 09:30:48 -04:00
Jason Antman
887257b811 add GitHub Enterprise base_url to docs 
In https://github.com/hashicorp/vault/issues/716 @jefferai confirmed that the GitHub Auth Backend supports GitHub enterprise using an undocumented ``base_url`` parameter. This adds that parameter to the relevant documentation page.
 2015-10-23 09:18:07 -04:00
Jeff Mitchell
6c4e05dbc0 Update token documentation to better explain token durations 2015-10-22 13:02:37 -04:00
Jeff Mitchell
5b5e1850ac Document the renew-self call 2015-10-21 10:53:20 -04:00
Jeff Mitchell
846c1975cc Remove revoke-self from sys API documentation as it's in the token-store instead 2015-10-21 10:46:41 -04:00
Jeff Mitchell
676970574b Allow disabling the physical storage cache with 'disable_cache'. 
Fixes #674.
 2015-10-12 13:00:32 -04:00
Seth Vargo
cfd7aa5983 Remove tabs from terminal output 
This also standardizes on the indentation we use for multi-line commands as
well as prefixes all commands with a $ to indicate a shell.
 2015-10-12 12:10:22 -04:00
vishalnayak
93c4cccc6e mysql: made max_open_connections configurable 2015-10-01 21:15:56 -04:00
vishalnayak
bc5ad114e4 postgresql: Configurable max open connections to the database 2015-10-01 20:11:24 -04:00
Colin Rymer
c9e9fbdab2 Remove redundant wording for SSH OTP introduction. 2015-09-30 10:58:44 -04:00
Jeff Mitchell
70ce824267 Switch per-mount values to strings going in and seconds coming out, like other commands. Indicate deprecation of 'lease' in the token backend. 2015-09-25 10:41:21 -04:00
Jeff Mitchell
6c21b3b693 Remove JWT for the 0.3 release; it needs a lot of rework. 2015-09-24 16:23:44 -04:00
Jeff Mitchell
b2da14c3e8 Documentation fix for global TTLs 2015-09-24 12:17:26 -04:00
Jeff Mitchell
816214c4c9 Add revoke-self to docs 2015-09-24 12:05:00 -04:00
Dominic Luechinger
886c67892d Fixes docs for new JWT secret backend 2015-09-24 16:47:17 +02:00
Spencer Herzberg
66e0cb2175 docs: pg username not prefixed with vault- 
due to
05fa4a4a48,
vault no longer prefixes the username with `vault-`
 2015-09-22 10:14:47 -05:00
Jeff Mitchell
791ae62db3 Minor doc update to SSH 2015-09-21 16:26:07 -04:00
Jeff Mitchell
fa53293b7b Enhance SSH backend documentation; remove getting of stored keys and have TTLs honor backends systemview values 2015-09-21 16:14:30 -04:00
Jeff Mitchell
08a81a3364 Update transit backend documentation, and also return the min decryption 
value in a read operation on the key.
 2015-09-21 16:13:43 -04:00
Jeff Mitchell
a57eb45b50 Add API endpoint documentation to cubbyhole 2015-09-21 16:13:36 -04:00
Jeff Mitchell
e4cab7afe5 Add API endpoint documentation to generic 2015-09-21 16:13:29 -04:00
Jeff Mitchell
97ecc3d72d Add clarity to the lease concepts document. 2015-09-21 08:56:26 -04:00
Jeff Mitchell
46073e4470 Enhance transit backend: 
* Remove raw endpoint from transit
* Add multi-key structure
* Add enable, disable, rewrap, and rotate functionality
* Upgrade functionality, and record creation time of keys in metadata. Add flag in config function to control the minimum decryption version, and enforce that in the decrypt function
* Unit tests for everything
 2015-09-18 14:41:05 -04:00
Jeff Mitchell
913989e4b0 Add revoke-self endpoint. 
Fixes #620.
 2015-09-17 13:22:30 -04:00
Jeff Mitchell
c80fdb4bdc Add documentation for cubbyhole 2015-09-15 13:50:37 -04:00
vishalnayak
ec4f6e59b3 Improve documentation of token renewal 2015-09-11 21:08:32 -04:00
Jeff Mitchell
b9a5a137c0 Address items from feedback. Make MountConfig use values rather than 
pointers and change how config is read to compensate.
 2015-09-10 15:09:54 -04:00
Jeff Mitchell
dd8ac00daa Rejig how dynamic values are represented in system view and location of some functions in various packages; create mount-tune command and API analogues; update documentation 2015-09-10 15:09:54 -04:00