vault

mirror of https://github.com/hashicorp/vault.git synced 2025-08-16 03:27:01 +02:00

History

Joel Thompson ee55e36af6 Check if there's a bound iam arn when renewing (#2819 ) Previously, the renew method would ALWAYS check to ensure the authenticated IAM principal ARN matched the bound ARN. However, there is a valid use case in which no bound_iam_principal_arn is specified and all bindings are done through inferencing. When a role is configured like this, clients won't be able to renew their token because of the check. This now checks to ensure that the bound_iam_principal_arn is not empty before requriing that it match the originally authenticated client. Fixes #2781		2017-06-06 22:35:12 -04:00
..
audit	audit: support a configurable prefix string to write before each message (#2359 )	2017-02-10 16:56:28 -08:00
auth	Check if there's a bound iam arn when renewing (#2819 )	2017-06-06 22:35:12 -04:00
commands	Updated doc to match real output (#2443 )	2017-03-06 10:39:34 -05:00
concepts	doc: leases are generated only for dynamic secrets (#2772 )	2017-05-31 09:47:17 -04:00
configuration	Minor typos & wordsmithing for clarity (#2807 )	2017-06-05 09:32:09 -07:00
guides	[docs] Add header to fix formatting.	2017-04-05 10:35:59 +10:00
install	Move upgrade into guides (#2460 )	2017-03-08 17:33:58 -05:00
internals	Use the role name in the db username (#2812 )	2017-06-06 09:49:49 -04:00
secrets	Use the role name in the db username (#2812 )	2017-06-06 09:49:49 -04:00
vault-enterprise	Add UI docs (#2664 )	2017-05-01 17:36:37 -04:00
index.html.markdown	Fix broken link	2016-12-13 10:56:18 +05:30