mirror of
https://github.com/hashicorp/vault.git
synced 2025-12-25 19:31:14 +01:00
3074 lines
79 KiB
JSON
3074 lines
79 KiB
JSON
[
|
|
{
|
|
"title": "About Vault",
|
|
"routes": [
|
|
{
|
|
"title": "What is Vault?",
|
|
"path": "about-vault/what-is-vault"
|
|
},
|
|
{
|
|
"title": "Why use Vault?",
|
|
"routes": [
|
|
{
|
|
"title": "Solve security problems",
|
|
"path": "about-vault/why-use-vault"
|
|
},
|
|
{
|
|
"title": "Manage 3rd-party secrets",
|
|
"path": "about-vault/why-use-vault/3rd-party-secrets"
|
|
},
|
|
{
|
|
"title": "Manage certificates",
|
|
"path": "about-vault/why-use-vault/certificates"
|
|
},
|
|
{
|
|
"title": "Manage identities",
|
|
"path": "about-vault/why-use-vault/identities"
|
|
},
|
|
{
|
|
"title": "Manage static secrets",
|
|
"path": "about-vault/why-use-vault/static-secrets"
|
|
},
|
|
{
|
|
"title": "Secure sensitive data",
|
|
"path": "about-vault/why-use-vault/sensitive-data"
|
|
},
|
|
{
|
|
"title": "Support regulatory compliance",
|
|
"path": "about-vault/why-use-vault/regulatory-compliance"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "How Vault works",
|
|
"path": "about-vault/how-vault-works"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Partnerships",
|
|
"routes": [
|
|
{
|
|
"title": "Verification and validation",
|
|
"path": "partners"
|
|
},
|
|
{
|
|
"title": "Verified protocols",
|
|
"path": "partners/protocols"
|
|
},
|
|
{
|
|
"title": "HSM partners",
|
|
"path": "partners/hsm"
|
|
},
|
|
{
|
|
"title": "External key partners",
|
|
"path": "partners/external-keys"
|
|
},
|
|
{
|
|
"title": "Partner program",
|
|
"path": "partners/program"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Key concepts",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "concepts"
|
|
},
|
|
{
|
|
"title": "'Dev' Server",
|
|
"path": "concepts/dev-server"
|
|
},
|
|
{
|
|
"title": "Seal/Unseal",
|
|
"path": "concepts/seal"
|
|
},
|
|
{
|
|
"title": "Namespace API Lock",
|
|
"path": "concepts/namespace-api-lock"
|
|
},
|
|
{
|
|
"title": "Lease, Renew, and Revoke",
|
|
"path": "concepts/lease"
|
|
},
|
|
{
|
|
"title": "Authentication",
|
|
"path": "concepts/auth"
|
|
},
|
|
{
|
|
"title": "Tokens",
|
|
"path": "concepts/tokens"
|
|
},
|
|
{
|
|
"title": "Identity",
|
|
"path": "concepts/identity"
|
|
},
|
|
{
|
|
"title": "OIDC Provider",
|
|
"path": "concepts/oidc-provider"
|
|
},
|
|
{
|
|
"title": "Response Wrapping",
|
|
"path": "concepts/response-wrapping"
|
|
},
|
|
{
|
|
"title": "Policies",
|
|
"path": "concepts/policies"
|
|
},
|
|
{
|
|
"title": "Password Policies",
|
|
"path": "concepts/password-policies"
|
|
},
|
|
{
|
|
"title": "Username Templating",
|
|
"path": "concepts/username-templating"
|
|
},
|
|
{
|
|
"title": "High Availability",
|
|
"path": "concepts/ha"
|
|
},
|
|
{
|
|
"title": "Production hardening",
|
|
"path": "concepts/production-hardening"
|
|
},
|
|
{
|
|
"title": "Storage",
|
|
"path": "concepts/storage"
|
|
},
|
|
{
|
|
"title": "Tune server performance",
|
|
"path": "concepts/tune-server-performance"
|
|
},
|
|
{
|
|
"title": "Cloud access management",
|
|
"path": "concepts/cloud-access-management"
|
|
},
|
|
{
|
|
"title": "Integrated Storage",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "concepts/integrated-storage"
|
|
},
|
|
{
|
|
"title": "Autopilot",
|
|
"path": "concepts/integrated-storage/autopilot"
|
|
},
|
|
{
|
|
"title": "Migration checklist",
|
|
"path": "concepts/integrated-storage/migration-checklist"
|
|
},
|
|
{
|
|
"title": "Migrate Consul storage",
|
|
"path": "concepts/integrated-storage/migrate-consul-storage"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "PGP, GnuPG, and Keybase",
|
|
"path": "concepts/pgp-gpg-keybase"
|
|
},
|
|
{
|
|
"title": "Recovery Mode",
|
|
"path": "concepts/recovery-mode"
|
|
},
|
|
{
|
|
"title": "Resource Quotas",
|
|
"path": "concepts/resource-quotas"
|
|
},
|
|
{
|
|
"title": "Billing Start Date",
|
|
"path": "concepts/billing-start-date"
|
|
},
|
|
{
|
|
"title": "Client count",
|
|
"routes": [
|
|
{
|
|
"title": "Clients and entities",
|
|
"path": "concepts/client-count"
|
|
},
|
|
{
|
|
"title": "Client count calculation",
|
|
"path": "concepts/client-count/counting"
|
|
},
|
|
{
|
|
"title": "Client usage",
|
|
"path": "concepts/client-count/client-usage"
|
|
},
|
|
{
|
|
"title": "FAQ",
|
|
"path": "concepts/client-count/faq"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Transform",
|
|
"path": "concepts/transform"
|
|
},
|
|
{
|
|
"title": "Mount Migration",
|
|
"path": "concepts/mount-migration"
|
|
},
|
|
{
|
|
"title": "Duration String Format",
|
|
"path": "concepts/duration-format"
|
|
},
|
|
{
|
|
"title": "User lockout",
|
|
"path": "concepts/user-lockout"
|
|
},
|
|
{
|
|
"title": "Events",
|
|
"path": "concepts/events",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Filtering",
|
|
"path": "concepts/filtering",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Adaptive overload protection",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "concepts/adaptive-overload-protection"
|
|
},
|
|
{
|
|
"title": "Vault server temporarily overloaded",
|
|
"path": "concepts/adaptive-overload-protection/vault-server-temporarily-overloaded"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Quickstarts",
|
|
"routes": [
|
|
{
|
|
"title": "Developer quick start",
|
|
"path": "get-started/developer-qs"
|
|
},
|
|
{
|
|
"title": "Operations quick start",
|
|
"path": "get-started/operations-qs"
|
|
},
|
|
{
|
|
"title": "Vault foundations tutorials",
|
|
"href": "https://developer.hashicorp.com/vault/tutorials/get-started"
|
|
},
|
|
{
|
|
"title": "HCP Vault Dedicated tutorials",
|
|
"href": "https://developer.hashicorp.com/vault/tutorials/get-started-hcp-vault-dedicated"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Recent updates",
|
|
"routes": [
|
|
{
|
|
"title": "Release notes",
|
|
"path": "updates/release-notes"
|
|
},
|
|
{
|
|
"title": "Important changes",
|
|
"path": "updates/important-changes"
|
|
},
|
|
{
|
|
"title": "Deprecation notices",
|
|
"path": "updates/deprecation"
|
|
},
|
|
{
|
|
"title": "Change tracker",
|
|
"path": "updates/change-tracker"
|
|
},
|
|
{
|
|
"title": "Full changelog",
|
|
"href": "https://raw.githubusercontent.com/hashicorp/vault/refs/heads/main/CHANGELOG.md"
|
|
}
|
|
]
|
|
},
|
|
|
|
{ "divider": true },
|
|
{ "heading": "OPERATIONS" },
|
|
|
|
{
|
|
"title": "Get Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Install options",
|
|
"path": "get-vault"
|
|
},
|
|
{
|
|
"title": "Build from code",
|
|
"path": "get-vault/build-from-code"
|
|
},
|
|
{
|
|
"title": "Package manager installs",
|
|
"href": "https://developer.hashicorp.com/vault/install",
|
|
"badge": {
|
|
"text": "COMMUNITY",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Package manager installs",
|
|
"href": "https://developer.hashicorp.com/vault/install/enterprise",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "All Vault binaries",
|
|
"href": "https://releases.hashicorp.com/vault/"
|
|
},
|
|
{
|
|
"title": "Manually install a binary",
|
|
"path": "get-vault/install-binary"
|
|
}
|
|
]
|
|
},
|
|
|
|
{
|
|
"title": "License Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "license"
|
|
},
|
|
{
|
|
"title": "Autoload a license",
|
|
"path": "license/autoloading"
|
|
},
|
|
{
|
|
"title": "Change licenses",
|
|
"path": "license/change-license"
|
|
},
|
|
{
|
|
"title": "Anonymized usage reporting",
|
|
"path": "license/product-usage-reporting"
|
|
},
|
|
{
|
|
"title": "Utilization reporting",
|
|
"routes": [
|
|
{
|
|
"title": "Automatic ",
|
|
"path": "license/utilization/auto-reporting"
|
|
},
|
|
{
|
|
"title": "Manual",
|
|
"path": "license/utilization/manual-reporting"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
|
|
{
|
|
"title": "Configure Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Parameter overview ",
|
|
"path": "configuration"
|
|
},
|
|
{
|
|
"title": "GUI configuration",
|
|
"path": "configuration/ui"
|
|
},
|
|
{
|
|
"title": "Programmatic best practices",
|
|
"path": "configuration/programmatic-best-practices"
|
|
},
|
|
{
|
|
"title": "Manage resources programmatically",
|
|
"path": "configuration/programmatic-management"
|
|
},
|
|
{
|
|
"title": "Prevent lease explosions",
|
|
"path": "configuration/prevent-lease-explosions"
|
|
},
|
|
{
|
|
"title": "Create a lease count quota",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/create-lease-count-quota"
|
|
},
|
|
{
|
|
"title": "Create a rate limit quota",
|
|
"path": "configuration/create-rate-limit-quota"
|
|
},
|
|
{
|
|
"title": "Rate limit quotas group_by modes",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/identity-based-rate-limit"
|
|
},
|
|
{
|
|
"title": "Configure completed request logging",
|
|
"path": "configuration/log-requests-level"
|
|
},
|
|
{
|
|
"title": "Configure entropy augmentation",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/entropy-augmentation"
|
|
},
|
|
|
|
{ "heading": "Configuration stanzas" },
|
|
|
|
{
|
|
"title": "<code>adaptive_overload_protection</code>",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/adaptive-overload-protection"
|
|
},
|
|
{
|
|
"title": "<code>kms_library</code>",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/kms-library"
|
|
},
|
|
{
|
|
"title": "<code>listener</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "configuration/listener"
|
|
},
|
|
{
|
|
"title": "TCP listener configuration",
|
|
"routes": [
|
|
{
|
|
"title": "Basic configuration",
|
|
"path": "configuration/listener/tcp"
|
|
},
|
|
{
|
|
"title": "Configure TLS",
|
|
"path": "configuration/listener/tcp/tcp-tls"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Unix listener configuration",
|
|
"path": "configuration/listener/unix"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>replication</code>",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/replication"
|
|
},
|
|
{
|
|
"title": "<code>reporting</code>",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/reporting"
|
|
},
|
|
{
|
|
"title": "<code>seal</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "configuration/seal"
|
|
},
|
|
{
|
|
"title": "Sealing best practices",
|
|
"path": "configuration/seal/seal-best-practices"
|
|
},
|
|
{
|
|
"title": "Configure HA for seals",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/seal/seal-ha"
|
|
},
|
|
{ "heading": "Seal wrapper options" },
|
|
{
|
|
"title": "AliCloud KMS",
|
|
"path": "configuration/seal/alicloudkms"
|
|
},
|
|
{
|
|
"title": "AWS KMS",
|
|
"path": "configuration/seal/awskms"
|
|
},
|
|
{
|
|
"title": "Azure Key Vault",
|
|
"path": "configuration/seal/azurekeyvault"
|
|
},
|
|
{
|
|
"title": "GCP Cloud KMS",
|
|
"path": "configuration/seal/gcpckms"
|
|
},
|
|
{
|
|
"title": "OCI KMS",
|
|
"path": "configuration/seal/ocikms"
|
|
},
|
|
{
|
|
"title": "HSM PKCS11",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/seal/pkcs11"
|
|
},
|
|
{
|
|
"title": "Transit plugin",
|
|
"path": "configuration/seal/transit"
|
|
},
|
|
{
|
|
"title": "Auto-unseal best practices for Transit",
|
|
"path": "configuration/seal/transit-best-practices"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>sentinel</code>",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "configuration/sentinel"
|
|
},
|
|
{
|
|
"title": "<code>service_registration</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "configuration/service-registration"
|
|
},
|
|
{ "heading": "Service registration options" },
|
|
{
|
|
"title": "Consul",
|
|
"path": "configuration/service-registration/consul"
|
|
},
|
|
{
|
|
"title": "Kubernetes",
|
|
"path": "configuration/service-registration/kubernetes"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>storage</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Backend storage for Vault",
|
|
"path": "configuration/storage"
|
|
},
|
|
{ "heading": "Storage options" },
|
|
{
|
|
"title": "Aerospike",
|
|
"path": "configuration/storage/aerospike"
|
|
},
|
|
{
|
|
"title": "Alicloud OSS",
|
|
"path": "configuration/storage/alicloudoss"
|
|
},
|
|
{
|
|
"title": "Azure",
|
|
"path": "configuration/storage/azure"
|
|
},
|
|
{
|
|
"title": "Cassandra",
|
|
"path": "configuration/storage/cassandra"
|
|
},
|
|
{
|
|
"title": "CockroachDB",
|
|
"path": "configuration/storage/cockroachdb"
|
|
},
|
|
{
|
|
"title": "Consul",
|
|
"path": "configuration/storage/consul"
|
|
},
|
|
{
|
|
"title": "CouchDB",
|
|
"path": "configuration/storage/couchdb"
|
|
},
|
|
{
|
|
"title": "DynamoDB",
|
|
"path": "configuration/storage/dynamodb"
|
|
},
|
|
{
|
|
"title": "Etcd",
|
|
"path": "configuration/storage/etcd"
|
|
},
|
|
{
|
|
"title": "File system",
|
|
"path": "configuration/storage/filesystem"
|
|
},
|
|
{
|
|
"title": "FoundationDB",
|
|
"path": "configuration/storage/foundationdb"
|
|
},
|
|
{
|
|
"title": "Google Cloud Spanner",
|
|
"path": "configuration/storage/google-cloud-spanner"
|
|
},
|
|
{
|
|
"title": "Google Cloud Storage",
|
|
"path": "configuration/storage/google-cloud-storage"
|
|
},
|
|
{
|
|
"title": "In-memory storage",
|
|
"path": "configuration/storage/in-memory"
|
|
},
|
|
{
|
|
"title": "Integrated storage (Raft)",
|
|
"path": "configuration/storage/raft"
|
|
},
|
|
{
|
|
"title": "Manta",
|
|
"path": "configuration/storage/manta"
|
|
},
|
|
{
|
|
"title": "MSSQL",
|
|
"path": "configuration/storage/mssql"
|
|
},
|
|
{
|
|
"title": "MySQL",
|
|
"path": "configuration/storage/mysql"
|
|
},
|
|
{
|
|
"title": "OCI Object Storage",
|
|
"path": "configuration/storage/oci-object-storage"
|
|
},
|
|
{
|
|
"title": "PostgreSQL",
|
|
"path": "configuration/storage/postgresql"
|
|
},
|
|
{
|
|
"title": "S3",
|
|
"path": "configuration/storage/s3"
|
|
},
|
|
{
|
|
"title": "Swift",
|
|
"path": "configuration/storage/swift"
|
|
},
|
|
{
|
|
"title": "Zookeeper",
|
|
"path": "configuration/storage/zookeeper"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>telemetry</code>",
|
|
"path": "configuration/telemetry"
|
|
},
|
|
{
|
|
"title": "<code>user_lockout</code>",
|
|
"path": "configuration/user-lockout"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Deploy Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Run as a service",
|
|
"path": "deploy/run-as-service"
|
|
},
|
|
{
|
|
"title": "Run on AWS",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/aws"
|
|
},
|
|
{
|
|
"title": "Vault Lambda Extension",
|
|
"path": "deploy/aws/lambda-extension"
|
|
},
|
|
{
|
|
"title": "Running Vault",
|
|
"path": "deploy/aws/run"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Run on Kubernetes",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes"
|
|
},
|
|
{
|
|
"title": "Agent Injector vs. Vault CSI Provider",
|
|
"path": "deploy/kubernetes/injector-csi"
|
|
},
|
|
{
|
|
"title": "Migrate Consul to Raft storage",
|
|
"path": "deploy/kubernetes/consul-to-raft"
|
|
},
|
|
{
|
|
"title": "Helm Chart",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/helm"
|
|
},
|
|
{
|
|
"title": "Running Vault",
|
|
"path": "deploy/kubernetes/helm/run"
|
|
},
|
|
{
|
|
"title": "Enterprise Licensing",
|
|
"path": "deploy/kubernetes/helm/enterprise"
|
|
},
|
|
{
|
|
"title": "Running Vault on OpenShift",
|
|
"path": "deploy/kubernetes/helm/openshift"
|
|
},
|
|
{
|
|
"title": "Configuration",
|
|
"path": "deploy/kubernetes/helm/configuration"
|
|
},
|
|
{
|
|
"title": "Terraform",
|
|
"path": "deploy/kubernetes/helm/terraform"
|
|
},
|
|
{
|
|
"title": "Examples",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/helm/examples"
|
|
},
|
|
{
|
|
"title": "Development",
|
|
"path": "deploy/kubernetes/helm/examples/development"
|
|
},
|
|
{
|
|
"title": "Standalone with Load Balanced UI",
|
|
"path": "deploy/kubernetes/helm/examples/standalone-load-balanced-ui"
|
|
},
|
|
{
|
|
"title": "Standalone with TLS",
|
|
"path": "deploy/kubernetes/helm/examples/standalone-tls"
|
|
},
|
|
{
|
|
"title": "Standalone with Audit Storage",
|
|
"path": "deploy/kubernetes/helm/examples/standalone-audit"
|
|
},
|
|
{
|
|
"title": "External Vault",
|
|
"path": "deploy/kubernetes/helm/examples/external"
|
|
},
|
|
{
|
|
"title": "Using Kubernetes Auth Method",
|
|
"path": "deploy/kubernetes/helm/examples/kubernetes-auth"
|
|
},
|
|
{
|
|
"title": "HA Cluster with Consul",
|
|
"path": "deploy/kubernetes/helm/examples/ha-with-consul"
|
|
},
|
|
{
|
|
"title": "HA Cluster with Raft",
|
|
"path": "deploy/kubernetes/helm/examples/ha-with-raft"
|
|
},
|
|
{
|
|
"title": "HA Cluster with Raft and TLS",
|
|
"path": "deploy/kubernetes/helm/examples/ha-tls"
|
|
},
|
|
{
|
|
"title": "HA Enterprise Cluster with Raft",
|
|
"path": "deploy/kubernetes/helm/examples/enterprise-with-raft"
|
|
},
|
|
{
|
|
"title": "HA Enterprise DR Clusters with Raft",
|
|
"path": "deploy/kubernetes/helm/examples/enterprise-dr-with-raft"
|
|
},
|
|
{
|
|
"title": "HA Enterprise Performance Clusters with Raft",
|
|
"path": "deploy/kubernetes/helm/examples/enterprise-perf-with-raft"
|
|
},
|
|
{
|
|
"title": "Vault Agent Injector TLS Configuration",
|
|
"path": "deploy/kubernetes/helm/examples/injector-tls"
|
|
},
|
|
{
|
|
"title": "Vault Agent Injector TLS with Cert-Manager",
|
|
"path": "deploy/kubernetes/helm/examples/injector-tls-cert-manager"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Agent Injector",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/injector"
|
|
},
|
|
{
|
|
"title": "Annotations",
|
|
"path": "deploy/kubernetes/injector/annotations"
|
|
},
|
|
{
|
|
"title": "Installation",
|
|
"path": "deploy/kubernetes/injector/installation"
|
|
},
|
|
{
|
|
"title": "Examples",
|
|
"path": "deploy/kubernetes/injector/examples"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault CSI Provider",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/csi"
|
|
},
|
|
{
|
|
"title": "Installation",
|
|
"path": "deploy/kubernetes/csi/installation"
|
|
},
|
|
{
|
|
"title": "Configurations",
|
|
"path": "deploy/kubernetes/csi/configurations"
|
|
},
|
|
{
|
|
"title": "Examples",
|
|
"path": "deploy/kubernetes/csi/examples"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault Secrets Operator",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/vso"
|
|
},
|
|
{
|
|
"title": "Installation",
|
|
"path": "deploy/kubernetes/vso/installation"
|
|
},
|
|
{
|
|
"title": "Secret Sources",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/vso/sources"
|
|
},
|
|
{
|
|
"title": "Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/vso/sources/vault"
|
|
},
|
|
{
|
|
"title": "Authentication",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "deploy/kubernetes/vso/sources/vault/auth"
|
|
},
|
|
{
|
|
"title": "AWS",
|
|
"path": "deploy/kubernetes/vso/sources/vault/auth/aws"
|
|
},
|
|
{
|
|
"title": "GCP",
|
|
"path": "deploy/kubernetes/vso/sources/vault/auth/gcp"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Encrypted client cache",
|
|
"path": "deploy/kubernetes/vso/sources/vault/client-cache"
|
|
},
|
|
{
|
|
"title": "Instant updates",
|
|
"path": "deploy/kubernetes/vso/sources/vault/instant-updates"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "HCP Vault Secrets",
|
|
"path": "deploy/kubernetes/vso/sources/hvs"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Secret Data Transformation",
|
|
"path": "deploy/kubernetes/vso/secret-transformation"
|
|
},
|
|
{
|
|
"title": "Helm Chart",
|
|
"path": "deploy/kubernetes/vso/helm"
|
|
},
|
|
{
|
|
"title": "Examples",
|
|
"path": "deploy/kubernetes/vso/examples"
|
|
},
|
|
{
|
|
"title": "Telemetry",
|
|
"path": "deploy/kubernetes/vso/telemetry"
|
|
},
|
|
{
|
|
"title": "API Reference",
|
|
"path": "deploy/kubernetes/vso/api-reference"
|
|
},
|
|
{
|
|
"title": "OpenShift",
|
|
"path": "deploy/kubernetes/vso/openshift"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Upgrade Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Single-instance",
|
|
"path": "upgrade"
|
|
},
|
|
{
|
|
"title": "Replicated deployments",
|
|
"path": "upgrade/replicated-deployment"
|
|
},
|
|
{
|
|
"title": "Manual upgrade for HA deployments",
|
|
"path": "upgrade/vault-ha-upgrade"
|
|
},
|
|
{
|
|
"title": "LTS Vault upgrades",
|
|
"path": "upgrade/lts-upgrade"
|
|
},
|
|
{
|
|
"title": "Rollback an upgrade",
|
|
"path": "upgrade/rollback"
|
|
},
|
|
{
|
|
"title": "Update to Raft WAL",
|
|
"path": "upgrade/raft-wal",
|
|
"badge": {
|
|
"text": "EXPERIMENTAL",
|
|
"type": "outlined",
|
|
"color": "neutral"
|
|
}
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "System administration",
|
|
"routes": [
|
|
{
|
|
"title": "Manage snapshots",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "sysadmin/snapshots"
|
|
},
|
|
{
|
|
"title": "Automation and integrated storage",
|
|
"path": "sysadmin/snapshots/automation-overview",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Automate cluster snapshots",
|
|
"path": "sysadmin/snapshots/automate",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Save a cluster snapshot",
|
|
"path": "sysadmin/snapshots/save"
|
|
},
|
|
{
|
|
"title": "Restore a cluster snapshot",
|
|
"path": "sysadmin/snapshots/restore"
|
|
},
|
|
{
|
|
"title": "Recover a secret",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "sysadmin/snapshots/recover-a-secret"
|
|
},
|
|
{
|
|
"title": "Restore to a replicated cluster",
|
|
"path": "sysadmin/snapshots/recover-a-secret/replicated-cluster"
|
|
},
|
|
{
|
|
"title": "Restore to an unreplicated cluster",
|
|
"path": "sysadmin/snapshots/recover-a-secret/single-cluster"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
|
|
{
|
|
"divider": true
|
|
},
|
|
|
|
{
|
|
"title": "Internals",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "internals"
|
|
},
|
|
{
|
|
"title": "Architecture",
|
|
"path": "internals/architecture"
|
|
},
|
|
{
|
|
"title": "High Availability",
|
|
"path": "internals/high-availability"
|
|
},
|
|
{
|
|
"title": "Integrated Storage",
|
|
"path": "internals/integrated-storage"
|
|
},
|
|
{
|
|
"title": "Recommended patterns",
|
|
"path": "internals/recommended-patterns"
|
|
},
|
|
{
|
|
"title": "Security Model",
|
|
"path": "internals/security"
|
|
},
|
|
{
|
|
"title": "Telemetry",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "internals/telemetry"
|
|
},
|
|
{
|
|
"title": "Enable telemetry gathering",
|
|
"path": "internals/telemetry/enable-telemetry"
|
|
},
|
|
{
|
|
"title": "Key metrics",
|
|
"path": "internals/telemetry/key-metrics"
|
|
},
|
|
{
|
|
"title": "Metric reference",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "internals/telemetry/metrics"
|
|
},
|
|
{
|
|
"title": "Activity metrics",
|
|
"path": "internals/telemetry/metrics/activity"
|
|
},
|
|
{
|
|
"title": "Audit log metrics",
|
|
"path": "internals/telemetry/metrics/audit"
|
|
},
|
|
{
|
|
"title": "Authentication metrics",
|
|
"path": "internals/telemetry/metrics/authn"
|
|
},
|
|
{
|
|
"title": "Auto-snapshot metrics",
|
|
"path": "internals/telemetry/metrics/autosnap"
|
|
},
|
|
{
|
|
"title": "Availability metrics",
|
|
"path": "internals/telemetry/metrics/availability"
|
|
},
|
|
{
|
|
"title": "Core system metrics",
|
|
"path": "internals/telemetry/metrics/core-system"
|
|
},
|
|
{
|
|
"title": "Database metrics",
|
|
"path": "internals/telemetry/metrics/database"
|
|
},
|
|
{
|
|
"title": "Policy metrics",
|
|
"path": "internals/telemetry/metrics/policy"
|
|
},
|
|
{
|
|
"title": "Raft metrics",
|
|
"path": "internals/telemetry/metrics/raft"
|
|
},
|
|
{
|
|
"title": "Secrets Sync metrics",
|
|
"path": "internals/telemetry/metrics/secrets-sync"
|
|
},
|
|
{
|
|
"title": "Secrets metrics",
|
|
"path": "internals/telemetry/metrics/secrets"
|
|
},
|
|
{
|
|
"title": "Storage plugin metrics",
|
|
"path": "internals/telemetry/metrics/storage"
|
|
},
|
|
{
|
|
"title": "Full metrics list",
|
|
"path": "internals/telemetry/metrics/all"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
|
|
{
|
|
"title": "Token Authentication",
|
|
"path": "internals/token"
|
|
},
|
|
{
|
|
"title": "Key Rotation",
|
|
"path": "internals/rotation"
|
|
},
|
|
{
|
|
"title": "Replication",
|
|
"path": "internals/replication"
|
|
},
|
|
{
|
|
"title": "Limits and Maximums",
|
|
"path": "internals/limits"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault CLI",
|
|
"routes": [
|
|
{
|
|
"title": "Usage",
|
|
"path": "commands"
|
|
},
|
|
{
|
|
"title": "Use a custom token helper",
|
|
"path": "commands/token-helper"
|
|
},
|
|
{ "divider": true },
|
|
{ "heading": "CLI commands" },
|
|
{
|
|
"title": "Vault Agent",
|
|
"routes": [
|
|
{
|
|
"title": "<code>agent</code>",
|
|
"path": "commands/agent"
|
|
},
|
|
{
|
|
"title": "<code>generate-config</code>",
|
|
"path": "commands/agent/generate-config"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>audit</code>",
|
|
"routes": [
|
|
{
|
|
"title": "<code>disable</code>",
|
|
"path": "commands/audit/disable"
|
|
},
|
|
{
|
|
"title": "<code>enable</code>",
|
|
"path": "commands/audit/enable"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/audit/list"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>auth</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/auth"
|
|
},
|
|
{
|
|
"title": "<code>disable</code>",
|
|
"path": "commands/auth/disable"
|
|
},
|
|
{
|
|
"title": "<code>enable</code>",
|
|
"path": "commands/auth/enable"
|
|
},
|
|
{
|
|
"title": "<code>help</code>",
|
|
"path": "commands/auth/help"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/auth/list"
|
|
},
|
|
{
|
|
"title": "<code>move</code>",
|
|
"path": "commands/auth/move"
|
|
},
|
|
{
|
|
"title": "<code>tune</code>",
|
|
"path": "commands/auth/tune"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>debug</code>",
|
|
"path": "commands/debug"
|
|
},
|
|
{
|
|
"title": "<code>delete</code>",
|
|
"path": "commands/delete"
|
|
},
|
|
{
|
|
"title": "<code>events</code>",
|
|
"path": "commands/events"
|
|
},
|
|
{
|
|
"title": "<code>hcp</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/hcp"
|
|
},
|
|
{
|
|
"title": "<code>connect</code>",
|
|
"path": "commands/hcp/connect"
|
|
},
|
|
{
|
|
"title": "<code>disconnect</code>",
|
|
"path": "commands/hcp/disconnect"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>kv</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/kv"
|
|
},
|
|
{
|
|
"title": "<code>delete</code>",
|
|
"path": "commands/kv/delete"
|
|
},
|
|
{
|
|
"title": "<code>destroy</code>",
|
|
"path": "commands/kv/destroy"
|
|
},
|
|
{
|
|
"title": "<code>enable-versioning</code>",
|
|
"path": "commands/kv/enable-versioning"
|
|
},
|
|
{
|
|
"title": "<code>get</code>",
|
|
"path": "commands/kv/get"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/kv/list"
|
|
},
|
|
{
|
|
"title": "<code>metadata</code>",
|
|
"path": "commands/kv/metadata"
|
|
},
|
|
{
|
|
"title": "<code>patch</code>",
|
|
"path": "commands/kv/patch"
|
|
},
|
|
{
|
|
"title": "<code>put</code>",
|
|
"path": "commands/kv/put"
|
|
},
|
|
{
|
|
"title": "<code>rollback</code>",
|
|
"path": "commands/kv/rollback"
|
|
},
|
|
{
|
|
"title": "<code>undelete</code>",
|
|
"path": "commands/kv/undelete"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>lease</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/lease"
|
|
},
|
|
{
|
|
"title": "<code>lookup</code>",
|
|
"path": "commands/lease/lookup"
|
|
},
|
|
{
|
|
"title": "<code>renew</code>",
|
|
"path": "commands/lease/renew"
|
|
},
|
|
{
|
|
"title": "<code>revoke</code>",
|
|
"path": "commands/lease/revoke"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>license</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/license"
|
|
},
|
|
{
|
|
"title": "<code>get</code>",
|
|
"path": "commands/license/get"
|
|
},
|
|
{
|
|
"title": "<code>inspect</code>",
|
|
"path": "commands/license/inspect"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/list"
|
|
},
|
|
{
|
|
"title": "<code>login</code>",
|
|
"path": "commands/login"
|
|
},
|
|
{
|
|
"title": "<code>monitor</code>",
|
|
"path": "commands/monitor"
|
|
},
|
|
{
|
|
"title": "<code>namespace</code>",
|
|
"path": "commands/namespace"
|
|
},
|
|
{
|
|
"title": "<code>operator</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/operator"
|
|
},
|
|
{
|
|
"title": "<code>diagnose</code>",
|
|
"path": "commands/operator/diagnose"
|
|
},
|
|
{
|
|
"title": "<code>generate-root</code>",
|
|
"path": "commands/operator/generate-root"
|
|
},
|
|
{
|
|
"title": "<code>import</code>",
|
|
"path": "commands/operator/import"
|
|
},
|
|
{
|
|
"title": "<code>init</code>",
|
|
"path": "commands/operator/init"
|
|
},
|
|
{
|
|
"title": "<code>key-status</code>",
|
|
"path": "commands/operator/key-status"
|
|
},
|
|
{
|
|
"title": "<code>members</code>",
|
|
"path": "commands/operator/members"
|
|
},
|
|
{
|
|
"title": "<code>migrate</code>",
|
|
"path": "commands/operator/migrate"
|
|
},
|
|
{
|
|
"title": "<code>raft</code>",
|
|
"path": "commands/operator/raft"
|
|
},
|
|
{
|
|
"title": "<code>rekey</code>",
|
|
"path": "commands/operator/rekey"
|
|
},
|
|
{
|
|
"title": "<code>rotate</code>",
|
|
"path": "commands/operator/rotate"
|
|
},
|
|
{
|
|
"title": "<code>seal</code>",
|
|
"path": "commands/operator/seal"
|
|
},
|
|
{
|
|
"title": "<code>step-down</code>",
|
|
"path": "commands/operator/step-down"
|
|
},
|
|
{
|
|
"title": "<code>unseal</code>",
|
|
"path": "commands/operator/unseal"
|
|
},
|
|
{
|
|
"title": "<code>usage</code>",
|
|
"path": "commands/operator/usage"
|
|
},
|
|
{
|
|
"title": "<code>utilization</code>",
|
|
"path": "commands/operator/utilization"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>patch</code>",
|
|
"path": "commands/patch"
|
|
},
|
|
{
|
|
"title": "<code>path-help</code>",
|
|
"path": "commands/path-help"
|
|
},
|
|
{
|
|
"title": "<code>pki</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/pki"
|
|
},
|
|
{
|
|
"title": "<code>health-check</code>",
|
|
"path": "commands/pki/health-check"
|
|
},
|
|
{
|
|
"title": "<code>verify-sign</code>",
|
|
"path": "commands/pki/verify-sign"
|
|
},
|
|
{
|
|
"title": "<code>list-intermediates</code>",
|
|
"path": "commands/pki/list-intermediates"
|
|
},
|
|
{
|
|
"title": "<code>issue</code>",
|
|
"path": "commands/pki/issue"
|
|
},
|
|
{
|
|
"title": "<code>reissue</code>",
|
|
"path": "commands/pki/reissue"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>plugin</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/plugin"
|
|
},
|
|
{
|
|
"title": "<code>deregister</code>",
|
|
"path": "commands/plugin/deregister"
|
|
},
|
|
{
|
|
"title": "<code>info</code>",
|
|
"path": "commands/plugin/info"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/plugin/list"
|
|
},
|
|
{
|
|
"title": "<code>register</code>",
|
|
"path": "commands/plugin/register"
|
|
},
|
|
{
|
|
"title": "<code>reload</code>",
|
|
"path": "commands/plugin/reload"
|
|
},
|
|
{
|
|
"title": "<code>runtime</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/plugin/runtime"
|
|
},
|
|
{
|
|
"title": "<code>deregister</code>",
|
|
"path": "commands/plugin/runtime/deregister"
|
|
},
|
|
{
|
|
"title": "<code>info</code>",
|
|
"path": "commands/plugin/runtime/info"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/plugin/runtime/list"
|
|
},
|
|
{
|
|
"title": "<code>register</code>",
|
|
"path": "commands/plugin/runtime/register"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>policy</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/policy"
|
|
},
|
|
{
|
|
"title": "<code>delete</code>",
|
|
"path": "commands/policy/delete"
|
|
},
|
|
{
|
|
"title": "<code>fmt</code>",
|
|
"path": "commands/policy/fmt"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/policy/list"
|
|
},
|
|
{
|
|
"title": "<code>read</code>",
|
|
"path": "commands/policy/read"
|
|
},
|
|
{
|
|
"title": "<code>write</code>",
|
|
"path": "commands/policy/write"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>print</code>",
|
|
"path": "commands/print"
|
|
},
|
|
{
|
|
"title": "<code>proxy</code>",
|
|
"path": "commands/proxy"
|
|
},
|
|
{
|
|
"title": "<code>read</code>",
|
|
"path": "commands/read"
|
|
},
|
|
{
|
|
"title": "<code>recover</code>",
|
|
"path": "commands/recover"
|
|
},
|
|
{
|
|
"title": "<code>secrets</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/secrets"
|
|
},
|
|
{
|
|
"title": "<code>disable</code>",
|
|
"path": "commands/secrets/disable"
|
|
},
|
|
{
|
|
"title": "<code>enable</code>",
|
|
"path": "commands/secrets/enable"
|
|
},
|
|
{
|
|
"title": "<code>list</code>",
|
|
"path": "commands/secrets/list"
|
|
},
|
|
{
|
|
"title": "<code>move</code>",
|
|
"path": "commands/secrets/move"
|
|
},
|
|
{
|
|
"title": "<code>tune</code>",
|
|
"path": "commands/secrets/tune"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>server</code>",
|
|
"path": "commands/server"
|
|
},
|
|
{
|
|
"title": "<code>ssh</code>",
|
|
"path": "commands/ssh"
|
|
},
|
|
{
|
|
"title": "<code>status</code>",
|
|
"path": "commands/status"
|
|
},
|
|
{
|
|
"title": "<code>token</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/token"
|
|
},
|
|
{
|
|
"title": "<code>capabilities</code>",
|
|
"path": "commands/token/capabilities"
|
|
},
|
|
{
|
|
"title": "<code>create</code>",
|
|
"path": "commands/token/create"
|
|
},
|
|
{
|
|
"title": "<code>lookup</code>",
|
|
"path": "commands/token/lookup"
|
|
},
|
|
{
|
|
"title": "<code>renew</code>",
|
|
"path": "commands/token/renew"
|
|
},
|
|
{
|
|
"title": "<code>revoke</code>",
|
|
"path": "commands/token/revoke"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>transit</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/transit"
|
|
},
|
|
{
|
|
"title": "<code>import</code> and <code>import-version</code>",
|
|
"path": "commands/transit/import"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>transform</code>",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "commands/transform"
|
|
},
|
|
{
|
|
"title": "<code>import</code> and <code>import-version</code>",
|
|
"path": "commands/transform/import"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "<code>unwrap</code>",
|
|
"path": "commands/unwrap"
|
|
},
|
|
{
|
|
"title": "<code>version</code>",
|
|
"path": "commands/version"
|
|
},
|
|
{
|
|
"title": "<code>version-history</code>",
|
|
"path": "commands/version-history"
|
|
},
|
|
{
|
|
"title": "<code>write</code>",
|
|
"path": "commands/write"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault GUI",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "ui"
|
|
},
|
|
{
|
|
"title": "Browser support",
|
|
"path": "ui/browser-support"
|
|
},
|
|
{
|
|
"title": "Custom login",
|
|
"path": "ui/custom-login",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Custom messages",
|
|
"path": "ui/custom-messages",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Namespaces",
|
|
"path": "ui/namespaces",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "CLI emulation",
|
|
"path": "ui/web-cli"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault tools: Agent and Proxy",
|
|
"routes": [
|
|
{
|
|
"title": "Why use Agent or Proxy?",
|
|
"path": "agent-and-proxy"
|
|
},
|
|
{
|
|
"title": "Upgrade Agent or Proxy",
|
|
"path": "agent-and-proxy/upgrade"
|
|
},
|
|
{
|
|
"title": "Auto-authentication",
|
|
"routes": [
|
|
{
|
|
"title": "What is auto-authentication?",
|
|
"path": "agent-and-proxy/autoauth"
|
|
},
|
|
{
|
|
"title": "Auto-auth methods",
|
|
"routes": [
|
|
{
|
|
"title": "AliCloud",
|
|
"path": "agent-and-proxy/autoauth/methods/alicloud"
|
|
},
|
|
{
|
|
"title": "AppRole",
|
|
"path": "agent-and-proxy/autoauth/methods/approle"
|
|
},
|
|
{
|
|
"title": "AWS",
|
|
"path": "agent-and-proxy/autoauth/methods/aws"
|
|
},
|
|
{
|
|
"title": "Azure",
|
|
"path": "agent-and-proxy/autoauth/methods/azure"
|
|
},
|
|
{
|
|
"title": "TLS certificates",
|
|
"path": "agent-and-proxy/autoauth/methods/cert"
|
|
},
|
|
{
|
|
"title": "Cloud Foundry (CF)",
|
|
"path": "agent-and-proxy/autoauth/methods/cf"
|
|
},
|
|
{
|
|
"title": "GCP",
|
|
"path": "agent-and-proxy/autoauth/methods/gcp"
|
|
},
|
|
{
|
|
"title": "JWT",
|
|
"path": "agent-and-proxy/autoauth/methods/jwt"
|
|
},
|
|
{
|
|
"title": "LDAP",
|
|
"path": "agent-and-proxy/autoauth/methods/ldap"
|
|
},
|
|
{
|
|
"title": "Kerberos",
|
|
"path": "agent-and-proxy/autoauth/methods/kerberos"
|
|
},
|
|
{
|
|
"title": "Kubernetes",
|
|
"path": "agent-and-proxy/autoauth/methods/kubernetes"
|
|
},
|
|
{
|
|
"title": "Oracle Cloud Infrastructure (OCI",
|
|
"path": "agent-and-proxy/autoauth/methods/oci"
|
|
},
|
|
{
|
|
"title": "Token file",
|
|
"path": "agent-and-proxy/autoauth/methods/token_file"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Token sinks",
|
|
"routes": [
|
|
{
|
|
"title": "File",
|
|
"path": "agent-and-proxy/autoauth/sinks/file"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault Proxy",
|
|
"routes": [
|
|
{
|
|
"title": "What is Vault Proxy?",
|
|
"path": "agent-and-proxy/proxy"
|
|
},
|
|
{
|
|
"title": "Vault Proxy as Vault API proxy",
|
|
"path": "agent-and-proxy/proxy/apiproxy"
|
|
},
|
|
{
|
|
"title": "Vault Proxy caching",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "agent-and-proxy/proxy/caching"
|
|
},
|
|
{
|
|
"title": "Improve Vault traffic resiliency",
|
|
"path": "agent-and-proxy/proxy/caching/static-secret-caching",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "outlined",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Persistent Caching",
|
|
"routes": [
|
|
{
|
|
"title": "Use built-in persistent caching",
|
|
"path": "agent-and-proxy/proxy/caching/persistent-caches"
|
|
},
|
|
{
|
|
"title": "Use Kubernetes persistent cache",
|
|
"path": "agent-and-proxy/proxy/caching/persistent-caches/kubernetes"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Risks of inconsistent Proxy and Vault versions",
|
|
"path": "agent-and-proxy/proxy/versions"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Vault Agent",
|
|
"routes": [
|
|
{
|
|
"title": "What is Vault Agent?",
|
|
"path": "agent-and-proxy/agent"
|
|
},
|
|
{
|
|
"title": "Vault Agent as Vault API proxy",
|
|
"path": "agent-and-proxy/agent/apiproxy"
|
|
},
|
|
{
|
|
"title": "Vault Agent caching",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "agent-and-proxy/agent/caching"
|
|
},
|
|
{
|
|
"title": "Persistent caching",
|
|
"routes": [
|
|
{
|
|
"title": "Use built-in persistent caching",
|
|
"path": "agent-and-proxy/agent/caching/persistent-caches"
|
|
},
|
|
{
|
|
"title": "Use Kubernetes persistent cache",
|
|
"path": "agent-and-proxy/agent/caching/persistent-caches/kubernetes"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Generate a development config file",
|
|
"path": "agent-and-proxy/agent/generate-config"
|
|
},
|
|
{
|
|
"title": "Run in process supervisor mode",
|
|
"path": "agent-and-proxy/agent/process-supervisor"
|
|
},
|
|
{
|
|
"title": "Use Vault Agent templates",
|
|
"path": "agent-and-proxy/agent/template"
|
|
},
|
|
{
|
|
"title": "Run Vault Agent as a Windows service",
|
|
"path": "agent-and-proxy/agent/winsvc"
|
|
},
|
|
{
|
|
"title": "Risks of inconsistent Agent and Vault versions",
|
|
"path": "agent-and-proxy/agent/versions"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"divider": true
|
|
},
|
|
{
|
|
"title": "Secrets Engines",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets"
|
|
},
|
|
{
|
|
"title": "AliCloud",
|
|
"path": "secrets/alicloud"
|
|
},
|
|
{
|
|
"title": "AWS",
|
|
"path": "secrets/aws"
|
|
},
|
|
{
|
|
"title": "Azure",
|
|
"path": "secrets/azure"
|
|
},
|
|
{
|
|
"title": "Consul",
|
|
"path": "secrets/consul"
|
|
},
|
|
{
|
|
"title": "Cubbyhole",
|
|
"path": "secrets/cubbyhole"
|
|
},
|
|
{
|
|
"title": "Databases",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/databases"
|
|
},
|
|
{
|
|
"title": "Cassandra",
|
|
"path": "secrets/databases/cassandra"
|
|
},
|
|
{
|
|
"title": "Couchbase",
|
|
"path": "secrets/databases/couchbase"
|
|
},
|
|
{
|
|
"title": "Elasticsearch",
|
|
"path": "secrets/databases/elasticdb"
|
|
},
|
|
{
|
|
"title": "HanaDB",
|
|
"path": "secrets/databases/hanadb"
|
|
},
|
|
{
|
|
"title": "IBM Db2",
|
|
"path": "secrets/databases/db2"
|
|
},
|
|
{
|
|
"title": "InfluxDB",
|
|
"path": "secrets/databases/influxdb"
|
|
},
|
|
{
|
|
"title": "MongoDB",
|
|
"path": "secrets/databases/mongodb"
|
|
},
|
|
{
|
|
"title": "MongoDB Atlas",
|
|
"path": "secrets/databases/mongodbatlas"
|
|
},
|
|
{
|
|
"title": "MSSQL",
|
|
"path": "secrets/databases/mssql"
|
|
},
|
|
{
|
|
"title": "MySQL/MariaDB",
|
|
"path": "secrets/databases/mysql-maria"
|
|
},
|
|
{
|
|
"title": "Oracle",
|
|
"path": "secrets/databases/oracle"
|
|
},
|
|
{
|
|
"title": "PostgreSQL",
|
|
"path": "secrets/databases/postgresql"
|
|
},
|
|
{
|
|
"title": "Redis",
|
|
"path": "secrets/databases/redis"
|
|
},
|
|
{
|
|
"title": "Redis ElastiCache",
|
|
"path": "secrets/databases/rediselasticache"
|
|
},
|
|
{
|
|
"title": "Redshift",
|
|
"path": "secrets/databases/redshift"
|
|
},
|
|
{
|
|
"title": "Snowflake",
|
|
"path": "secrets/databases/snowflake"
|
|
},
|
|
{
|
|
"title": "Custom",
|
|
"path": "secrets/databases/custom"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Google Cloud",
|
|
"path": "secrets/gcp"
|
|
},
|
|
{
|
|
"title": "Google Cloud KMS",
|
|
"path": "secrets/gcpkms"
|
|
},
|
|
{
|
|
"title": "Identity",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/identity"
|
|
},
|
|
{
|
|
"title": "Identity Tokens",
|
|
"path": "secrets/identity/identity-token"
|
|
},
|
|
{
|
|
"title": "OIDC Identity Provider",
|
|
"path": "secrets/identity/oidc-provider"
|
|
},
|
|
{
|
|
"title": "Resolve duplicate identities",
|
|
"routes": [
|
|
{
|
|
"title": "Process overview",
|
|
"path": "secrets/identity/deduplication"
|
|
},
|
|
{
|
|
"title": "Fix different-case entity alias duplicates",
|
|
"path": "secrets/identity/deduplication/different-case"
|
|
},
|
|
{
|
|
"title": "Fix entity and group duplicates",
|
|
"path": "secrets/identity/deduplication/entity-group"
|
|
},
|
|
{
|
|
"title": "Resolve ACL policy templates",
|
|
"path": "secrets/identity/deduplication/acl-policy-templates"
|
|
},
|
|
{
|
|
"title": "Resolve Terraform config",
|
|
"path": "secrets/identity/deduplication/terraform-refs"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Key Management",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/key-management"
|
|
},
|
|
{
|
|
"title": "Azure Key Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/key-management/azurekeyvault"
|
|
},
|
|
{
|
|
"title": "Setup guide",
|
|
"path": "secrets/key-management/azurekeyvault/setup"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "AWS KMS",
|
|
"path": "secrets/key-management/awskms"
|
|
},
|
|
{
|
|
"title": "GCP Cloud KMS",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/key-management/gcpkms"
|
|
},
|
|
{
|
|
"title": "Setup guide",
|
|
"path": "secrets/key-management/gcpkms/setup"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Key/Value",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/kv"
|
|
},
|
|
{
|
|
"title": "KV version 1",
|
|
"path": "secrets/kv/kv-v1"
|
|
},
|
|
{
|
|
"title": "KV version 2",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/kv/kv-v2"
|
|
},
|
|
{
|
|
"title": "Upgrade from v1",
|
|
"path": "secrets/kv/kv-v2/upgrade"
|
|
},
|
|
{
|
|
"title": "Setup",
|
|
"path": "secrets/kv/kv-v2/setup"
|
|
},
|
|
{
|
|
"title": "Save random strings",
|
|
"path": "secrets/kv/kv-v2/random-string"
|
|
},
|
|
{
|
|
"title": "Cookbook",
|
|
"routes": [
|
|
{
|
|
"title": "Read data",
|
|
"path": "secrets/kv/kv-v2/cookbook/read-data"
|
|
},
|
|
{
|
|
"title": "Read subkeys",
|
|
"path": "secrets/kv/kv-v2/cookbook/read-subkey"
|
|
},
|
|
{
|
|
"title": "Set max data versions",
|
|
"path": "secrets/kv/kv-v2/cookbook/max-versions"
|
|
},
|
|
{
|
|
"title": "Write data",
|
|
"path": "secrets/kv/kv-v2/cookbook/write-data"
|
|
},
|
|
{
|
|
"title": "Patch/update data",
|
|
"path": "secrets/kv/kv-v2/cookbook/patch-data"
|
|
},
|
|
{
|
|
"title": "Soft delete data",
|
|
"path": "secrets/kv/kv-v2/cookbook/delete-data"
|
|
},
|
|
{
|
|
"title": "Restore soft deleted data",
|
|
"path": "secrets/kv/kv-v2/cookbook/undelete-data"
|
|
},
|
|
{
|
|
"title": "Destroy data",
|
|
"path": "secrets/kv/kv-v2/cookbook/destroy-data"
|
|
},
|
|
{
|
|
"title": "Write custom metadata",
|
|
"path": "secrets/kv/kv-v2/cookbook/custom-metadata"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "KMIP",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "secrets/kmip"
|
|
},
|
|
{
|
|
"title": "KMIP - Profile Support",
|
|
"path": "secrets/kmip-profiles",
|
|
"hidden": true
|
|
},
|
|
{
|
|
"title": "Kubernetes",
|
|
"path": "secrets/kubernetes"
|
|
},
|
|
{
|
|
"title": "MongoDB Atlas",
|
|
"path": "secrets/mongodbatlas"
|
|
},
|
|
{
|
|
"title": "Nomad",
|
|
"path": "secrets/nomad"
|
|
},
|
|
{
|
|
"title": "LDAP",
|
|
"path": "secrets/ldap"
|
|
},
|
|
{
|
|
"title": "PKI (Certificates)",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/pki"
|
|
},
|
|
{
|
|
"title": "Setup and Usage",
|
|
"path": "secrets/pki/setup"
|
|
},
|
|
{
|
|
"title": "Quick Start - Root CA Setup",
|
|
"path": "secrets/pki/quick-start-root-ca"
|
|
},
|
|
{
|
|
"title": "Quick Start - Intermediate CA Setup",
|
|
"path": "secrets/pki/quick-start-intermediate-ca"
|
|
},
|
|
{
|
|
"title": "Considerations",
|
|
"path": "secrets/pki/considerations"
|
|
},
|
|
{
|
|
"title": "Rotation Primitives",
|
|
"path": "secrets/pki/rotation-primitives"
|
|
},
|
|
{
|
|
"title": "Certificate Issuance External Policy Service (CIEPS)",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "secrets/pki/cieps"
|
|
},
|
|
{
|
|
"title": "Enrollment over Secure Transport (EST)",
|
|
"path": "secrets/pki/est",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Certificate Management Protocol (CMPv2)",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "secrets/pki/cmpv2"
|
|
},
|
|
{
|
|
"title": "Simple Certificate Enrollment Protocol (SCEP)",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "secrets/pki/scep"
|
|
},
|
|
{
|
|
"title": "Troubleshooting ACME",
|
|
"path": "secrets/pki/troubleshooting-acme"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "RabbitMQ",
|
|
"path": "secrets/rabbitmq"
|
|
},
|
|
{
|
|
"title": "SSH",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/ssh"
|
|
},
|
|
{
|
|
"title": "Signed Certificates",
|
|
"path": "secrets/ssh/signed-ssh-certificates"
|
|
},
|
|
{
|
|
"title": "SSH OTP",
|
|
"path": "secrets/ssh/one-time-ssh-passwords"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "HCP Terraform",
|
|
"path": "secrets/terraform"
|
|
},
|
|
{
|
|
"title": "TOTP",
|
|
"path": "secrets/totp"
|
|
},
|
|
{
|
|
"title": "Transform",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/transform"
|
|
},
|
|
{
|
|
"title": "FF3-1 Tweak Usage",
|
|
"path": "secrets/transform/ff3-tweak-details"
|
|
},
|
|
{
|
|
"title": "Tokenization Transform",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"path": "secrets/transform/tokenization"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Transit",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "secrets/transit"
|
|
},
|
|
{
|
|
"title": "Import Key Wrapping Guide",
|
|
"path": "secrets/transit/key-wrapping-guide"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Secrets Sync",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "sync"
|
|
},
|
|
{
|
|
"title": "Sync to AWS Secrets Manager",
|
|
"path": "sync/awssm"
|
|
},
|
|
{
|
|
"title": "Sync to Azure Key Vault",
|
|
"path": "sync/azurekv"
|
|
},
|
|
{
|
|
"title": "Sync to GCP Secret Manager",
|
|
"path": "sync/gcpsm"
|
|
},
|
|
{
|
|
"title": "Sync to GitHub",
|
|
"path": "sync/github"
|
|
},
|
|
{
|
|
"title": "Sync to Vercel Project",
|
|
"path": "sync/vercelproject"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Secrets Import",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "import",
|
|
"badge": {
|
|
"text": "BETA",
|
|
"type": "outlined",
|
|
"color": "highlight"
|
|
}
|
|
},
|
|
{
|
|
"title": "AWS Secret Manager",
|
|
"path": "import/awssm"
|
|
},
|
|
{
|
|
"title": "Azure KeyVault",
|
|
"path": "import/azurekv"
|
|
},
|
|
{
|
|
"title": "GCP Secret Manager",
|
|
"path": "import/gcpsm"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "AuthN methods",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "auth"
|
|
},
|
|
{
|
|
"title": "AppRole",
|
|
"routes": [
|
|
{
|
|
"title": "Use AppRole authN",
|
|
"path": "auth/approle"
|
|
},
|
|
{
|
|
"title": "AppRole best practices",
|
|
"path": "auth/approle/approle-pattern"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "AliCloud",
|
|
"path": "auth/alicloud"
|
|
},
|
|
{
|
|
"title": "AWS",
|
|
"path": "auth/aws"
|
|
},
|
|
{
|
|
"title": "Azure",
|
|
"path": "auth/azure"
|
|
},
|
|
{
|
|
"title": "Cloud Foundry",
|
|
"path": "auth/cf"
|
|
},
|
|
{
|
|
"title": "GitHub",
|
|
"path": "auth/github"
|
|
},
|
|
{
|
|
"title": "Google Cloud",
|
|
"path": "auth/gcp"
|
|
},
|
|
{
|
|
"title": "JWT/OIDC",
|
|
"routes": [
|
|
{
|
|
"title": "Use JWT/OIDC",
|
|
"path": "auth/jwt"
|
|
},
|
|
{
|
|
"title": "OIDC providers",
|
|
"routes": [
|
|
{
|
|
"title": "OIDC provider list",
|
|
"path": "auth/jwt/oidc-providers"
|
|
},
|
|
{
|
|
"title": "ADFS",
|
|
"path": "auth/jwt/oidc-providers/adfs"
|
|
},
|
|
{
|
|
"title": "Auth0",
|
|
"path": "auth/jwt/oidc-providers/auth0"
|
|
},
|
|
{
|
|
"title": "Azure AD",
|
|
"path": "auth/jwt/oidc-providers/azuread"
|
|
},
|
|
{
|
|
"title": "Forgerock",
|
|
"path": "auth/jwt/oidc-providers/forgerock"
|
|
},
|
|
{
|
|
"title": "Gitlab",
|
|
"path": "auth/jwt/oidc-providers/gitlab"
|
|
},
|
|
{
|
|
"title": "Google",
|
|
"path": "auth/jwt/oidc-providers/google"
|
|
},
|
|
{
|
|
"title": "Keycloak",
|
|
"path": "auth/jwt/oidc-providers/keycloak"
|
|
},
|
|
{
|
|
"title": "Kubernetes",
|
|
"path": "auth/jwt/oidc-providers/kubernetes"
|
|
},
|
|
{
|
|
"title": "Okta",
|
|
"path": "auth/jwt/oidc-providers/okta"
|
|
},
|
|
{
|
|
"title": "SecureAuth",
|
|
"path": "auth/jwt/oidc-providers/secureauth"
|
|
},
|
|
{
|
|
"title": "IBM Verify",
|
|
"path": "auth/jwt/oidc-providers/ibmisam"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Kerberos",
|
|
"path": "auth/kerberos"
|
|
},
|
|
{
|
|
"title": "Kubernetes",
|
|
"path": "auth/kubernetes"
|
|
},
|
|
{
|
|
"title": "LDAP",
|
|
"path": "auth/ldap"
|
|
},
|
|
{
|
|
"title": "Login MFA",
|
|
"routes": [
|
|
{
|
|
"title": "Setup login MFA",
|
|
"path": "auth/login-mfa"
|
|
},
|
|
{
|
|
"title": "Login MFA FAQ",
|
|
"path": "auth/login-mfa/faq"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Oracle Cloud Infrastructure",
|
|
"path": "auth/oci"
|
|
},
|
|
{
|
|
"title": "Okta",
|
|
"path": "auth/okta"
|
|
},
|
|
{
|
|
"title": "RADIUS",
|
|
"path": "auth/radius"
|
|
},
|
|
{
|
|
"title": "Use SAML authentication",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
},
|
|
"routes": [
|
|
{
|
|
"title": "Set up SAML authN",
|
|
"path": "auth/saml"
|
|
},
|
|
{
|
|
"title": "Use AD FS for SAML authN",
|
|
"path": "auth/saml/adfs"
|
|
},
|
|
{
|
|
"title": "Link SAML AD groups to Vault",
|
|
"path": "auth/saml/link-vault-group-to-ad"
|
|
},
|
|
{
|
|
"title": "Troubleshoot SAML+ADFS",
|
|
"routes": [
|
|
{
|
|
"title": "Before you start",
|
|
"path": "auth/saml/troubleshoot-adfs"
|
|
},
|
|
{
|
|
"title": "Bad mapping",
|
|
"path": "auth/saml/troubleshoot-adfs/bad-mapping"
|
|
},
|
|
{
|
|
"title": "Invalid `BoundSubjects`",
|
|
"path": "auth/saml/troubleshoot-adfs/boundsubjects"
|
|
},
|
|
{
|
|
"title": "AD FS event 320",
|
|
"path": "auth/saml/troubleshoot-adfs/adfs-event-320"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "SCEP",
|
|
"path": "auth/scep",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "TLS Certificates",
|
|
"path": "auth/cert"
|
|
},
|
|
{
|
|
"title": "Tokens",
|
|
"path": "auth/token"
|
|
},
|
|
{
|
|
"title": "Username and Password",
|
|
"path": "auth/userpass"
|
|
},
|
|
{
|
|
"divider": true
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Audit Devices",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "audit"
|
|
},
|
|
{
|
|
"title": "File",
|
|
"path": "audit/file"
|
|
},
|
|
{
|
|
"title": "Syslog",
|
|
"path": "audit/syslog"
|
|
},
|
|
{
|
|
"title": "Socket",
|
|
"path": "audit/socket"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Plugins",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "plugins"
|
|
},
|
|
{
|
|
"title": "Plugin architecture",
|
|
"path": "plugins/plugin-architecture"
|
|
},
|
|
{
|
|
"title": "Register a plugin",
|
|
"path": "plugins/register"
|
|
},
|
|
{
|
|
"title": "Upgrade plugins",
|
|
"path": "plugins/upgrade"
|
|
},
|
|
{
|
|
"title": "Rollback upgrades",
|
|
"path": "plugins/rollback"
|
|
},
|
|
{
|
|
"title": "Plugin development",
|
|
"path": "plugins/plugin-development"
|
|
},
|
|
{
|
|
"title": "Plugin event notifications",
|
|
"path": "plugins/plugin-development-event-notifications",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Plugin management",
|
|
"path": "plugins/plugin-management"
|
|
},
|
|
{
|
|
"title": "Containerized plugins",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "plugins/containerized-plugins"
|
|
},
|
|
{
|
|
"title": "Add a containerized plugin",
|
|
"path": "plugins/containerized-plugins/add-a-containerized-plugin"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Plugin library",
|
|
"href": "/vault/integrations"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Troubleshoot Vault",
|
|
"routes": [
|
|
{
|
|
"title": "Generate a root token",
|
|
"path": "troubleshoot/generate-root-token"
|
|
},
|
|
{
|
|
"title": "Troubleshoot lease errors",
|
|
"path": "troubleshoot/lease-issues"
|
|
},
|
|
{
|
|
"title": "Tune the lease TTL",
|
|
"path": "troubleshoot/tune-lease-ttl"
|
|
},
|
|
{
|
|
"title": "Troubleshooting tutorials",
|
|
"href": "https://learn.hashicorp.com/tutorials/vault/troubleshooting-vault"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"divider": true
|
|
},
|
|
{
|
|
"title": "Platforms",
|
|
"routes": [
|
|
{
|
|
"title": "GitHub",
|
|
"routes": [
|
|
{
|
|
"title": "GitHub Actions",
|
|
"path": "platform/github-actions"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Microsoft SQL Server EKM provider",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "platform/mssql"
|
|
},
|
|
{
|
|
"title": "Installation",
|
|
"path": "platform/mssql/installation"
|
|
},
|
|
{
|
|
"title": "Configuration",
|
|
"path": "platform/mssql/configuration"
|
|
},
|
|
{
|
|
"title": "Key Rotation",
|
|
"path": "platform/mssql/rotation"
|
|
},
|
|
{
|
|
"title": "Upgrading",
|
|
"path": "platform/mssql/upgrading"
|
|
},
|
|
{
|
|
"title": "Troubleshooting",
|
|
"path": "platform/mssql/troubleshooting"
|
|
},
|
|
{
|
|
"title": "Release Notes",
|
|
"path": "platform/mssql/changelog"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "ServiceNow",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "platform/servicenow"
|
|
},
|
|
{
|
|
"title": "Installation",
|
|
"path": "platform/servicenow/installation"
|
|
},
|
|
{
|
|
"title": "Configuration",
|
|
"path": "platform/servicenow/configuration"
|
|
},
|
|
{
|
|
"title": "Troubleshooting",
|
|
"path": "platform/servicenow/troubleshooting"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"divider": true
|
|
},
|
|
{
|
|
"title": "Vault Enterprise",
|
|
"routes": [
|
|
{
|
|
"title": "Overview",
|
|
"path": "enterprise"
|
|
},
|
|
{
|
|
"title": "Long-term support (LTS)",
|
|
"path": "enterprise/lts"
|
|
},
|
|
{
|
|
"title": "Design your Vault Enterprise cluster",
|
|
"path": "enterprise/cluster-design"
|
|
},
|
|
{
|
|
"title": "Replication",
|
|
"routes": [
|
|
{
|
|
"title": "Replication support in Vault",
|
|
"path": "enterprise/replication"
|
|
},
|
|
{
|
|
"title": "Check for Merkle tree corruption",
|
|
"path": "enterprise/replication/check-merkle-tree-corruption"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "HSM Support",
|
|
"routes": [
|
|
{
|
|
"title": "HSM support overview",
|
|
"path": "enterprise/hsm"
|
|
},
|
|
{
|
|
"title": "How HSM changes Vault",
|
|
"path": "enterprise/hsm/behavior"
|
|
},
|
|
{
|
|
"title": "HSM security details",
|
|
"path": "enterprise/hsm/security"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "PKCS11 provider",
|
|
"routes": [
|
|
{
|
|
"title": "PKCS#11 support in Vault",
|
|
"path": "enterprise/pkcs11-provider"
|
|
},
|
|
{
|
|
"title": "Use PKCS#11 with AWS KMS",
|
|
"path": "enterprise/pkcs11-provider/aws-xks"
|
|
},
|
|
{
|
|
"title": "Use PKCS#11 with Oracle TDE",
|
|
"path": "enterprise/pkcs11-provider/oracle-tde"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Automatically upgrade Vault clusters",
|
|
"path": "enterprise/automated-upgrades"
|
|
},
|
|
{
|
|
"title": "Use redundancy zones",
|
|
"path": "enterprise/redundancy-zones"
|
|
},
|
|
{
|
|
"title": "Enforce lease count quotas",
|
|
"path": "enterprise/lease-count-quotas"
|
|
},
|
|
{
|
|
"title": "Augment entropy with external samples",
|
|
"path": "enterprise/entropy-augmentation"
|
|
},
|
|
{
|
|
"title": "FIPS",
|
|
"routes": [
|
|
{
|
|
"title": "FIPS compliance in Vault",
|
|
"path": "enterprise/fips"
|
|
},
|
|
{
|
|
"title": "Built-in FIPS 140-3 support",
|
|
"path": "enterprise/fips/fips1403"
|
|
},
|
|
{
|
|
"title": "Seal wrap for FIPS compliance",
|
|
"path": "enterprise/fips/sealwrap"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Wrap seals with encryption",
|
|
"path": "enterprise/sealwrap"
|
|
},
|
|
{
|
|
"title": "Namespaces and SMT",
|
|
"routes": [
|
|
{
|
|
"title": "Namespace + SMT support in Vault",
|
|
"path": "enterprise/namespaces"
|
|
},
|
|
{
|
|
"title": "Create an administrative namespace",
|
|
"path": "enterprise/namespaces/create-admin-namespace"
|
|
},
|
|
{
|
|
"title": "Run Vault with many namespaces",
|
|
"path": "enterprise/namespaces/namespace-limits",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Configure cross namespace access",
|
|
"path": "enterprise/namespaces/configure-cross-namespace-access",
|
|
"badge": {
|
|
"text": "ENT",
|
|
"type": "filled",
|
|
"color": "neutral"
|
|
}
|
|
},
|
|
{
|
|
"title": "Best practices for namespaces",
|
|
"path": "enterprise/namespaces/namespace-structure"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Use performance standby nodes",
|
|
"path": "enterprise/performance-standby"
|
|
},
|
|
{
|
|
"title": "Data consistency for replication",
|
|
"path": "enterprise/consistency"
|
|
},
|
|
{
|
|
"title": "Audit",
|
|
"routes": [
|
|
{
|
|
"title": "Audit Exclusion",
|
|
"path": "enterprise/audit/exclusion"
|
|
},
|
|
{
|
|
"title": "Audit Filtering",
|
|
"path": "enterprise/audit/filtering"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Use control group authZ ",
|
|
"path": "enterprise/control-groups"
|
|
},
|
|
{
|
|
"title": "3rd party key management",
|
|
"path": "enterprise/managed-keys"
|
|
},
|
|
{
|
|
"title": "Multi-factor authN",
|
|
"routes": [
|
|
{
|
|
"title": "MFA support in Vault",
|
|
"path": "enterprise/mfa"
|
|
},
|
|
{
|
|
"title": "Configure Duo for MFA",
|
|
"path": "enterprise/mfa/mfa-duo"
|
|
},
|
|
{
|
|
"title": "Configure Okta for MFA",
|
|
"path": "enterprise/mfa/mfa-okta"
|
|
},
|
|
{
|
|
"title": "Configure PingID for MFA",
|
|
"path": "enterprise/mfa/mfa-pingid"
|
|
},
|
|
{
|
|
"title": "Configure TOTP for MFA",
|
|
"path": "enterprise/mfa/mfa-totp"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "Manage policies as code",
|
|
"routes": [
|
|
{
|
|
"title": "Manage Vault policies with Sentinel",
|
|
"path": "enterprise/sentinel"
|
|
},
|
|
{
|
|
"title": "Sentinel properties for Vault",
|
|
"path": "enterprise/sentinel/properties"
|
|
},
|
|
{
|
|
"title": "Sentinel examples",
|
|
"path": "enterprise/sentinel/examples"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"title": "HCP Vault docs",
|
|
"href": "https://cloud.hashicorp.com/docs/vault"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"divider": true
|
|
},
|
|
{
|
|
"title": "Glossary",
|
|
"path": "glossary"
|
|
}
|
|
]
|