Implement MDX Remote (#10581)

* implement mdx remote

* fix an unfenced code block

* fix partials path

Co-authored-by: Jim Kalafut <jkalafut@hashicorp.com>

website/babel.config.js

@@ -1,4 +0,0 @@
-module.exports = {
-  presets: ['next/babel'],
-  plugins: ['import-glob-array']
-}

website/components/enterprise-alert/README.md

@@ -1,27 +0,0 @@
-# Enterprise Alert Component
-
-This component is an easy way to mark some content as only applicable to the enterprise version of vault. It can be used in any documentation pages in a variety of ways. The basic implementation is written as such, on its own line within a markdown file:
-
-```jsx
-<EnterpriseAlert />
-```
-
-And renders [like this](https://p176.p0.n0.cdn.getcloudapp.com/items/geuWOzkz/Screen%20Shot%202020-05-08%20at%204.17.34%20PM.png?v=2ace1c70f48cf1bbdd17f9ce96684453)
-
-The default text can also be replaced with custom text as such:
-
-```jsx
-<EnterpriseAlert>
-  Custom text <a href="">with a link</a>
-</EnterpriseAlert>
-```
-
-Which renders [as such](https://p176.p0.n0.cdn.getcloudapp.com/items/v1uDE2vQ/Screen%20Shot%202020-05-08%20at%204.18.22%20PM.png?v=3a45268830fac868be50047060bb4303)
-
-Finally, it can be rendered inline as a "tag" to mark a section or option as enterprise only by adding the `inline` attribute:
-
-```jsx
-<EnterpriseAlert inline>
-```
-
-This is typically used after a list item, or after a headline. It renders [as such](https://p176.p0.n0.cdn.getcloudapp.com/items/KouqnrOm/Screen%20Shot%202020-05-08%20at%204.16.34%20PM.png?v=ac21328916aa98a1a853cde5989058bd)

website/components/enterprise-alert/index.jsx

@@ -1,5 +0,0 @@
-import EnterpriseAlert from '@hashicorp/react-enterprise-alert'
-
-export default function EnterpriseAlertConsul(props) {
-  return <EnterpriseAlert product="vault" {...props} />
-}

website/components/search-bar/index.jsx

@@ -1,28 +0,0 @@
-import Search from '@hashicorp/react-search'
-
-export default function SearchBar() {
-  return (
-    <Search
-      renderHitContent={({ hit, Highlight }) => (
-        <>
-          <span className="name">
-            <Highlight attribute="page_title" hit={hit} tagName="span" />
-          </span>
-          <span className="description">
-            <Highlight attribute="description" hit={hit} tagName="span" />
-          </span>
-        </>
-      )}
-      resolveHitLink={(hit) => ({
-        href: {
-          pathname: `/${transformIdtoUrl(hit.objectID)}`,
-        },
-      })}
-      placeholder="Search Vault documentation"
-    />
-  )
-}
-
-function transformIdtoUrl(id) {
-  return id.replace(/\/index$/, '')
-}

website/components/search-bar/style.css

@@ -1,4 +0,0 @@
-.g-search {
-  width: calc(100% - 2rem);
-  max-width: 600px;
-}

website/components/subnav/style.css

@@ -1,4 +1,4 @@
-@import '~@hashicorp/react-subnav/dist/style.css';
+@import '~@hashicorp/react-subnav/style.css';
 
 /* limit the inner width of the navigation to match the site layout */
 

website/components/tabs/README.md

@@ -1,61 +0,0 @@
-# Tabs Component
-
-> An MDX-compatible Tabs component
-
-This React component renders tabbed content.
-
-## Usage
-
-- Use the `<Tabs>` tag in your markdown file to begin a tabbed content section.
-- Use the `<Tab>` tag with a `heading` prop to separate your markdown
-
-### Important
-
-A line must be skipped between the `<Tab>` and your markdown (for both above and below said markdown). [This is a limitation of MDX also pointed out by the Docusaurus folks 🔗 ](https://v2.docusaurus.io/docs/markdown-features/#multi-language-support-code-blocks)
-
-### Example
-
-```mdx
-<Tabs>
-<Tab heading="CLI command">
-             <!-- Intentionally skipped line.. -->
-### Content
-            <!-- Intentionally skipped line.. -->
-</Tab>
-<Tab heading="API call using cURL">
-
-### Content
-
-</Tab>
-</Tabs>
-```
-
-### Component Props
-
-`<Tabs>` can be provided any arbitrary `children` so long as the `heading` prop is present the React or HTML tag used to wrap markdown, that said, we provide the `<Tab>` component to separate your tab content without rendering extra, unnecessary markup.
-
-This works:
-
-```mdx
-<Tabs>
-<Tab heading="CLI command">
-
-### Content
-
-</Tab>
-....
-</Tabs>
-```
-
-This _does not_ work:
-
-```mdx
-<Tabs>
-<Tab> <!-- missing the `heading` prop to provide a tab heading -->
-
-### Content
-
-</Tab>
-....
-</Tabs>
-```

website/components/tabs/index.jsx

@@ -1,17 +0,0 @@
-import ReactTabs from '@hashicorp/react-tabs'
-
-export default function Tabs({ children }) {
-  return (
-    <ReactTabs
-      items={children.map((Block) => ({
-        heading: Block.props.heading,
-        // eslint-disable-next-line react/display-name
-        tabChildren: () => Block,
-      }))}
-    />
-  )
-}
-
-export function Tab({ children }) {
-  return <>{children}</>
-}

website/components/tabs/style.css

@@ -1,8 +0,0 @@
-/* This is a CSS overwrite on top of the existing component styles to accommodate the Learn layout */
-.g-tabs {
-  & .g-grid-container,
-  & > .g-grid-container {
-    padding-left: 0;
-    padding-right: 0;
-  }
-}

website/content/api-docs/auth/alicloud.mdx

@@ -29,7 +29,7 @@ will be able to perform the login operation.
 - `role` `(string: <required>)` - Name of the role. Must correspond with the name of the role reflected in the arn.
 - `arn` `(string: <required>)` - The role's arn.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/approle.mdx

@@ -77,7 +77,7 @@ enabled while creating or updating a role.
   using this role will be cluster local. This can only be set during role
   creation and once set, it can't be reset later.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 
@@ -600,7 +600,7 @@ endpoint directly. The endpoints for each field is provided separately
 to be able to delegate specific endpoints using Vault's ACL system.
 
 | Method            | Path                                                  |
-| :---------------- | :---------------------------------------------------- |
+| :---------------- | :---------------------------------------------------- | --------- |
 | `GET/POST/DELETE` | `/auth/approle/role/:role_name/policies`              | `200/204` |
 | `GET/POST/DELETE` | `/auth/approle/role/:role_name/secret-id-num-uses`    | `200/204` |
 | `GET/POST/DELETE` | `/auth/approle/role/:role_name/secret-id-ttl`         | `200/204` |

website/content/api-docs/auth/aws.mdx

@@ -68,7 +68,7 @@ capabilities, the credentials are fetched automatically.
   to a production server. Consider setting this to the Vault server's DNS name.
 - `allowed_sts_header_values` `(string: "")` A comma separated list of
   additional request headers permitted when providing the iam_request_headers for
-  an IAM based login call.  In any case, a default list of headers AWS STS
+  an IAM based login call. In any case, a default list of headers AWS STS
   expects for a GetCallerIdentity are allowed.
 
 ### Sample Payload
@@ -150,9 +150,9 @@ key on the IAM user; otherwise, generation of a new access key will fail. Once
 this method is called, Vault will now be the only entity that knows the AWS
 secret key is used to access AWS.
 
-| Method   | Path                         |
-| :--------------------------- | :--------------------- |
-| `POST`   | `/auth/aws/config/rotate-root`    |
+| Method | Path                           |
+| :----- | :----------------------------- |
+| `POST` | `/auth/aws/config/rotate-root` |
 
 ### Parameters
 
@@ -815,7 +815,7 @@ list in order to satisfy that constraint.
   This only applies to authentications via the ec2 auth method. This is mutually
   exclusive with `allow_instance_migration`.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/azure.mdx

@@ -130,7 +130,7 @@ entities attempting to login.
 - `bound_scale_sets` `(array: [])` - The list of scale set names that the
   login is restricted to.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/cert.mdx

@@ -64,7 +64,7 @@ Sets a CA cert and associated parameters in a role name.
   when authenticating against this CA certificate. If not set, defaults to the
   name of the role.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/cf.mdx

@@ -157,7 +157,7 @@ will be able to authenticate against this role.
   certificate presented. Should only be set to true if required, generally when a proxy
   is used to perform logins.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/gcp.mdx

@@ -156,7 +156,7 @@ entities attempting to login.
   for the entities project and all its folder or organization ancestors. This
   requires Vault to have IAM permission `resourcemanager.projects.get`.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 #### `iam`-only Parameters
 

website/content/api-docs/auth/github.mdx

@@ -31,7 +31,7 @@ distinction between the `create` and `update` capabilities inside ACL policies.
 - `base_url` `(string: "")` - The API endpoint to use. Useful if you are running
   GitHub Enterprise or an API-compatible authentication server.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/jwt.mdx

@@ -149,7 +149,7 @@ entities attempting to login. At least one of the bound values must be set.
   logging is active. Not recommended in production since sensitive information may be present
   in OIDC responses.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/kerberos.mdx

@@ -147,7 +147,7 @@ This endpoint configures LDAP in the Kerberos auth method.
   groupfilter queries returning _group_ objects, use: `cn`. For queries
   returning _user_ objects, use: `memberOf`. The default is `cn`.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Request
 

website/content/api-docs/auth/kubernetes.mdx

@@ -126,7 +126,7 @@ entities attempting to login.
   this and bound_service_account_names can not be set to "\*".
 - `audience` `(string: "")` - Optional Audience claim to verify in the JWT.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/ldap.mdx

@@ -85,7 +85,7 @@ This endpoint configures the LDAP auth method.
   groupfilter queries returning _group_ objects, use: `cn`. For queries
   returning _user_ objects, use: `memberOf`. The default is `cn`.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Request
 

website/content/api-docs/auth/oci.mdx

@@ -84,7 +84,7 @@ Create a Vault administrator role in the OCI Auth method.
 - `name` `(string: <required>)` - Name of the role.
 - `ocid_list` `(string: <required>)` - A comma separated list of Group or Dynamic Group OCIDs that can take this role.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/okta.mdx

@@ -39,7 +39,7 @@ distinction between the `create` and `update` capabilities inside ACL policies.
   Useful if using one of Vault's built-in MFA mechanisms, but this will also
   cause certain other statuses to be ignored, such as `PASSWORD_EXPIRED`.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/radius.mdx

@@ -38,7 +38,7 @@ RADIUS.
 - `nas_port` `(integer: 10)` - The NAS-Port attribute of the RADIUS request.
   Defaults is 10.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/auth/token.mdx

@@ -71,6 +71,7 @@ during this call.
   token ID is a randomly generated value.
 
   _Note:_ The ID should not start with the `s.` prefix.
+
 - `role_name` `(string: "")` – The name of the token role.
 - `policies` `(array: "")` – A list of policies for the token. This must be a
   subset of the policies belonging to the token making the request, unless root.
@@ -709,7 +710,7 @@ tokens created against a role to be revoked using the
   of allowed entity aliases. If set, specifies the entity aliases which are
   allowed to be used during token generation. This field supports globbing.
 
-@include 'partials/tokenstorefields.mdx'
+@include 'tokenstorefields.mdx'
 
 ### Sample Payload
 
@@ -764,14 +765,14 @@ specified namespace, or the root namespace if unspecified.
 Generally, running this is not needed unless upgrade notes or support personnel
 suggest it. There are two potential dangers to running tidy: first, this will
 perform a lot of read I/O to the storage method, as it will essentially reload the
-entirety of the token store into memory.  Depending on how much cleanup is
+entirety of the token store into memory. Depending on how much cleanup is
 required (usually very little) there may also be a large number of writes.
 Second, this will cause Vault's memory usage to balloon up, because the default
 Vault internal cache is unlimited in size and every value read from storage will
-be cached.  Listing the `/auth/token/accessors` endpoint is a good way to get
+be cached. Listing the `/auth/token/accessors` endpoint is a good way to get
 some sense of the potential impact: tidy does this and more, so if this call creates problems
 for your cluster, it would be wise to give Vault more resources before attempting
-tidy.  Note that the request may time out depending on
+tidy. Note that the request may time out depending on
 [max duration](https://www.vaultproject.io/docs/configuration#default_max_request_duration)
 and your client's timeout configuration, make sure to allow it run to completion
 to properly judge the impact.
@@ -792,7 +793,6 @@ have, then delete the accessor.
 Finally, any cubbyhole entries that are associated with tokens which weren't deemed
 valid in the above steps will be deleted.
 
-
 | Method | Path               |
 | :----- | :----------------- |
 | `POST` | `/auth/token/tidy` |

website/content/api-docs/auth/userpass.mdx

@@ -31,7 +31,7 @@ Create a new user or update an existing user. This path honors the distinction b
 - `password` `(string: <required>)` - The password for the user. Only required
   when creating the user.
 
-@include 'partials/tokenfields.mdx'
+@include 'tokenfields.mdx'
 
 ### Sample Payload
 

website/content/api-docs/secret/ad.mdx

@@ -29,6 +29,7 @@ The `config` endpoint configures the LDAP connection and binding parameters, as
   generate passwords from. Mutually exclusive with `length` and `formatter`.
 
 **Deprecated parameters**:
+
 - `length` (string, optional) - The desired password length. Defaults to 64. Minimum is 14. Mutually exclusive
   with `password_policy`.
 - `formatter` (string, optional) - Text into which the base64 password should be inserted, formatted like so:
@@ -88,6 +89,7 @@ $ curl \
     --data @payload.json \
     http://127.0.0.1:8200/v1/ad/config
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -98,6 +100,7 @@ $ vault write ad/config \
     url="ldaps://127.0.0.1" \
     userdn="dc=example,dc=com"
 ```
+
 </Tab>
 </Tabs>
 
@@ -161,6 +164,7 @@ $ curl \
     --data @payload.json \
     http://127.0.0.1:8200/v1/ad/roles/my-application
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -169,6 +173,7 @@ $ vault write ad/roles/my-application \
     service_account_name="my-application@example.com" \
     ttl=100
 ```
+
 </Tab>
 </Tabs>
 
@@ -219,12 +224,14 @@ $ curl \
     --request GET \
     http://127.0.0.1:8200/v1/ad/creds/my-application
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault read ad/creds/my-application
 ```
+
 </Tab>
 </Tabs>
 
@@ -470,7 +477,7 @@ Rotate the `bindpass` to a new one known only to Vault.
 ### Endpoints
 
 | Method | Path              |
-| :----- | :---------------- |
+| :----- | :---------------- | -------------------------------------- |
 | `GET`  | `/ad/rotate-root` | `204 (empty body) or 200 with warning` |
 | `POST` | `/ad/rotate-root` | `204 (empty body) or 200 with warning` |
 

website/content/api-docs/secret/azure.mdx

@@ -63,6 +63,7 @@ $ curl \
     --data @payload.json \
     https://127.0.0.1:8200/v1/azure/config
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -75,6 +76,7 @@ $ vault write azure/config \
     environment="AzureGermanCloud",
     password_policy="azure_policy"
 ```
+
 </Tab>
 </Tabs>
 
@@ -97,12 +99,14 @@ $ curl \
     --request GET \
     https://127.0.0.1:8200/v1/azure/config
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault read azure/config
 ```
+
 </Tab>
 </Tabs>
 
@@ -139,12 +143,14 @@ $ curl \
     --request DELETE \
     https://127.0.0.1:8200/v1/azure/config
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault delete azure/config
 ```
+
 </Tab>
 </Tabs>
 
@@ -223,12 +229,14 @@ $ curl \
     --request LIST \
     https://127.0.0.1:8200/v1/azure/roles
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault list azure/roles
 ```
+
 </Tab>
 </Tabs>
 
@@ -264,12 +272,14 @@ $ curl \
     --header "X-Vault-Token: ..." \
     http://127.0.0.1:8200/v1/azure/creds/my-role
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault read azure/creds/my-role
 ```
+
 </Tab>
 </Tabs>
 

website/content/api-docs/secret/cassandra.mdx

@@ -197,7 +197,7 @@ $ curl \
 This endpoint deletes the role definition.
 
 | Method   | Path                     |
-| :------- | :----------------------- |
+| :------- | :----------------------- | --------------- |
 | `DELETE` | `/cassandra/roles/:name` | `204 (no body)` |
 
 ### Parameters

website/content/api-docs/secret/cubbyhole.mdx

@@ -109,7 +109,7 @@ This endpoint stores a secret at the specified location.
 
 - `:key` `(string: "")` – Specifies a key, paired with an associated value, to
   be held at the given location. Multiple key/value pairs can be specified, and
-  all will be returned on a read operation. 
+  all will be returned on a read operation.
 
 ### Sample Payload
 

website/content/api-docs/secret/databases/index.mdx

@@ -54,14 +54,15 @@ list of additional parameters.
   20 characters with at least 1 uppercase, 1 lowercase, 1 number, and 1 dash character.
 
 ~> We highly recommended that you use a Vault-specific user rather than the admin user
-   in your database when configuring the plugin. This user will be used to
-   create/update/delete users within the database so it will need to have the appropriate
-   permissions to do so. If the plugin supports
-   [rotating the root credentials](#rotate-root-credentials), we highly recommended
-   you perform that action after configuring the plugin. This will change the password
-   of the user configured in this step. The new password will **not** be viewable by users.
+in your database when configuring the plugin. This user will be used to
+create/update/delete users within the database so it will need to have the appropriate
+permissions to do so. If the plugin supports
+[rotating the root credentials](#rotate-root-credentials), we highly recommended
+you perform that action after configuring the plugin. This will change the password
+of the user configured in this step. The new password will **not** be viewable by users.
 
 ### Common fields
+
 There are several common fields that you will see across many of the database plugins.
 Please reference the individual plugin documentation for details on whether these fields
 are supported and any additional details about them.
@@ -238,7 +239,7 @@ password.
 | `POST` | `/database/rotate-root/:name` |
 
 !> **Use caution:** the root user's password will not be accessible once rotated so it is highly
-   recommended that you create a user for Vault to utilize rather than using the actual root user.
+recommended that you create a user for Vault to utilize rather than using the actual root user.
 
 ### Parameters
 
@@ -617,7 +618,7 @@ $ curl \
     "password": "132ae3ef-5a64-7499-351e-bfe59f3a2a21",
     "last_vault_rotation": "2019-05-06T15:26:42.525302-05:00",
     "rotation_period": 30,
-    "ttl": 28,
+    "ttl": 28
   }
 }
 ```

website/content/api-docs/secret/databases/mongodbatlas.mdx

@@ -71,7 +71,7 @@ list the plugin does not support that statement type.
   must also contain a `roles` array, and from Vault version 1.6.0 (plugin
   version 0.2.0) may optionally contain a `scopes` array. The `roles` array
   contains objects that hold a series of roles `roleName`, an optional
-  `databaseName` and `collectionName`  value. The `scopes` array determines
+  `databaseName` and `collectionName` value. The `scopes` array determines
   which clusters and data lakes the user has access to, and defaults to all
   scopes if omitted. For more information regarding the `roles` and `scopes`
   fields, refer to [MongoDB Atlas documentation](https://docs.atlas.mongodb.com/reference/api/database-users-create-a-user/).

website/content/api-docs/secret/gcp.mdx

@@ -182,7 +182,7 @@ $ curl \
 ## Rotate Roleset Account
 
 | Method | Path                        |
-| :----- | :-------------------------- |
+| :----- | :-------------------------- | ------------------- |
 | `POST` | `/gcp/roleset/:name/rotate` | `204 (empty body)`` |
 
 This will rotate the service account this roleset uses to generate secrets.
@@ -202,7 +202,7 @@ $ curl \
 ## Rotate Roleset Account Key (`access_token` Roleset Only)
 
 | Method | Path                            |
-| :----- | :------------------------------ |
+| :----- | :------------------------------ | ------------------- |
 | `POST` | `/gcp/roleset/:name/rotate-key` | `204 (empty body)`` |
 
 This will rotate the service account key this roleset uses to generate

website/content/api-docs/secret/gcpkms.mdx

@@ -544,11 +544,11 @@ path "gcpkms/keys/my-key" {
   the key purpose. The value cannot be changed after creation. See table below
   for the supported algorithms of each purpose.
 
-  | Purpose | Supported Algorithms |
-  | :------ | :------------------- |
-  | `encrypt_decrypt` | `symmetric_encryption` |
-  | `asymmetric_decrypt` | `rsa_decrypt_oaep_2048_sha256`<br/>`rsa_decrypt_oaep_3072_sha256`<br/>`rsa_decrypt_oaep_4096_sha256` |
-  | `asymmetric_sign` | `rsa_sign_pss_2048_sha256`<br/>`rsa_sign_pss_3072_sha256`<br/>`rsa_sign_pss_4096_sha256`<br/>`rsa_sign_pkcs1_2048_sha256`<br/>`rsa_sign_pkcs1_3072_sha256`<br/>`rsa_sign_pkcs1_4096_sha256`<br/>`ec_sign_p256_sha256`<br/>`ec_sign_p384_sha384` |
+  | Purpose              | Supported Algorithms                                                                                                                                                                                                                            |
+  | :------------------- | :---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `encrypt_decrypt`    | `symmetric_encryption`                                                                                                                                                                                                                          |
+  | `asymmetric_decrypt` | `rsa_decrypt_oaep_2048_sha256`<br/>`rsa_decrypt_oaep_3072_sha256`<br/>`rsa_decrypt_oaep_4096_sha256`                                                                                                                                            |
+  | `asymmetric_sign`    | `rsa_sign_pss_2048_sha256`<br/>`rsa_sign_pss_3072_sha256`<br/>`rsa_sign_pss_4096_sha256`<br/>`rsa_sign_pkcs1_2048_sha256`<br/>`rsa_sign_pkcs1_3072_sha256`<br/>`rsa_sign_pkcs1_4096_sha256`<br/>`ec_sign_p256_sha256`<br/>`ec_sign_p384_sha384` |
 
 ### Sample Payload
 

website/content/api-docs/secret/key-management.mdx

@@ -195,9 +195,9 @@ $ curl \
 This endpoint deletes a named key. The key must be removed from all KMS providers that it's
 been distributed to and have `deletion_allowed` set to `true` in order to be deleted.
 
-| Method   | Path                  |
-| :------- | :-------------------- |
-| `DELETE` | `/keymgmt/key/:name`  |
+| Method   | Path                 |
+| :------- | :------------------- |
+| `DELETE` | `/keymgmt/key/:name` |
 
 ### Parameters
 
@@ -252,9 +252,9 @@ This endpoint creates or updates a KMS provider. If a KMS provider with the give
 does not exist, it will be created. If the KMS provider exists, it will be updated with
 the given parameter values.
 
-| Method | Path                  |
-| :----- | :-------------------- |
-| `PUT`  | `/keymgmt/kms/:name`  |
+| Method | Path                 |
+| :----- | :------------------- |
+| `PUT`  | `/keymgmt/kms/:name` |
 
 ### Parameters
 
@@ -270,6 +270,7 @@ the given parameter values.
   depending on the specified provider.
 
   The following values are expected for each provider:
+
   - `azurekeyvault`
     - The name of an existing Azure Key Vault instance.
 
@@ -280,14 +281,15 @@ the given parameter values.
   will differ depending on the specified provider.
 
   The following keys and values are expected for each provider:
-    - `azurekeyvault`
-      - `tenant_id` `(string: <required>)` - The tenant ID for the Azure Active Directory
+
+  - `azurekeyvault`
+    - `tenant_id` `(string: <required>)` - The tenant ID for the Azure Active Directory
       organization. May also be specified by the `AZURE_TENANT_ID` environment variable.
-      - `client_id` `(string: <required or MSI>)` - The client ID for credentials to invoke the
+    - `client_id` `(string: <required or MSI>)` - The client ID for credentials to invoke the
       Azure APIs. May also be specified by the `AZURE_CLIENT_ID` environment variable.
-      - `client_secret` `(string: <required or MSI>)` - The client secret for credentials to invoke
+    - `client_secret` `(string: <required or MSI>)` - The client secret for credentials to invoke
       the Azure APIs. May also be specified by the `AZURE_CLIENT_SECRET` environment variable.
-      - `environment` `(string: "AzurePublicCloud")` - The Azure Cloud environment API endpoints to
+    - `environment` `(string: "AzurePublicCloud")` - The Azure Cloud environment API endpoints to
       use. May also be specified by the `AZURE_ENVIRONMENT` environment variable.
 
 ### Sample Payload
@@ -318,9 +320,9 @@ $ curl \
 
 This endpoint returns information about a KMS provider.
 
-| Method | Path                  |
-| :----- | :-------------------- |
-| `GET`  | `/keymgmt/kms/:name`  |
+| Method | Path                 |
+| :----- | :------------------- |
+| `GET`  | `/keymgmt/kms/:name` |
 
 ### Parameters
 
@@ -379,9 +381,9 @@ $ curl \
 This endpoint deletes a KMS provider. A KMS provider cannot be deleted until all keys
 that have been distributed to it are removed.
 
-| Method   | Path                  |
-| :------- | :-------------------- |
-| `DELETE` | `/keymgmt/kms/:name`  |
+| Method   | Path                 |
+| :------- | :------------------- |
+| `DELETE` | `/keymgmt/kms/:name` |
 
 ### Parameters
 
@@ -428,8 +430,8 @@ provider. The parameters set cannot be changed after the key has been distribute
 
 ```json
 {
-  "protection":"hsm",
-  "purpose":"encrypt,decrypt"
+  "protection": "hsm",
+  "purpose": "encrypt,decrypt"
 }
 ```
 
@@ -474,8 +476,8 @@ $ curl \
 {
   "data": {
     "name": "example-key-<unix_timestamp>",
-    "protection":"hsm",
-    "purpose":"encrypt,decrypt"
+    "protection": "hsm",
+    "purpose": "encrypt,decrypt"
   }
 }
 ```

website/content/api-docs/secret/kmip.mdx

@@ -438,8 +438,8 @@ $ curl \
 
 ## Sign CSR
 
-| Method | Path                                                |
-| :----- | :-------------------------------------------------- |
+| Method | Path                                            |
+| :----- | :---------------------------------------------- |
 | `POST` | `/kmip/scope/:scope/role/:role/credential/sign` |
 
 Create a new client certificate tied to the given role and scope,

website/content/api-docs/secret/openldap.mdx

@@ -34,8 +34,7 @@ to search and change entry passwords in OpenLDAP.
   Example: `cn=vault,ou=Users,dc=hashicorp,dc=com`
 - `bindpass` `(string: <required>)` - Password to use along with `binddn` for managing user entries.
 - `url` `(string: "ldap://127.0.0.1")` - The LDAP server to connect to. Examples: `ldaps://ldap.myorg.com`,
-  `ldaps://ldap.myorg.com:636`. This can also be a comma-delineated list of URLs, e.g. `ldaps://ldap.myorg.com,
-  ldaps://ldap.myorg.com:636`, in which case the servers will be tried in-order if there are errors during the
+  `ldaps://ldap.myorg.com:636`. This can also be a comma-delineated list of URLs, e.g. `ldaps://ldap.myorg.com, ldaps://ldap.myorg.com:636`, in which case the servers will be tried in-order if there are errors during the
   connection process.`.
 - `password_policy` `(string: <optional>)` - The name of the [password policy](/docs/concepts/password-policies)
   to use to generate passwords. Note that this accepts the name of the policy, not the policy itself.
@@ -63,12 +62,12 @@ to search and change entry passwords in OpenLDAP.
 configuration if both are specified.
 
 - If neither are set, this will default to a reasonable default password generation algorithm (the same algorithm as
-prior to the introduction of password policies).
+  prior to the introduction of password policies).
 - If `length` is set, the same algorithm is used, but with the length specified instead of the default length.
 - If `password_policy` is set, the password will be generated from the associated
-[password policy](/docs/concepts/password-policies). The policy is not exercised prior to saving the configuration.
-The policy will need to exist prior to passwords needing to be generated by this engine, but does not need to exist
-prior to saving the configuration.
+  [password policy](/docs/concepts/password-policies). The policy is not exercised prior to saving the configuration.
+  The policy will need to exist prior to passwords needing to be generated by this engine, but does not need to exist
+  prior to saving the configuration.
 
 See [OpenLDAP docs](/docs/secrets/openldap) for additional information.
 

website/content/api-docs/secret/rabbitmq.mdx

@@ -60,6 +60,7 @@ $ curl \
     --data @payload.json \
     http://127.0.0.1:8200/v1/rabbitmq/config/connection
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -70,6 +71,7 @@ $ vault write rabbitmq/config/connection \
     password="password" \
     password_policy="rabbitmq_policy"
 ```
+
 </Tab>
 </Tabs>
 
@@ -108,6 +110,7 @@ $ curl \
     --data @payload.json \
     http://127.0.0.1:8200/v1/rabbitmq/config/lease
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -116,6 +119,7 @@ $ vault write rabbitmq/config/lease \
     ttl=1800 \
     max_ttl=3600
 ```
+
 </Tab>
 </Tabs>
 
@@ -162,6 +166,7 @@ $ curl \
     --data @payload.json \
     http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
 ```
+
 </Tab>
 <Tab heading="CLI">
 
@@ -171,6 +176,7 @@ $ vault write rabbitmq/roles/my-role \
     vhosts="..." \
     vhost_topics="..."
 ```
+
 </Tab>
 </Tabs>
 
@@ -197,12 +203,14 @@ $ curl \
     --header "X-Vault-Token: ..." \
     http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault read rabbitmq/roles/my-role
 ```
+
 </Tab>
 </Tabs>
 
@@ -242,12 +250,14 @@ $ curl \
     --request DELETE \
     http://127.0.0.1:8200/v1/rabbitmq/roles/my-role
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 vault delete rabbitmq/roles/my-role
 ```
+
 </Tab>
 </Tabs>
 
@@ -275,12 +285,14 @@ $ curl \
     --header "X-Vault-Token: ..." \
     http://127.0.0.1:8200/v1/rabbitmq/creds/my-role
 ```
+
 </Tab>
 <Tab heading="CLI">
 
 ```shell-session
 $ vault read rabbitmq/creds/my-role
 ```
+
 </Tab>
 </Tabs>
 

website/content/api-docs/secret/ssh.mdx

@@ -211,8 +211,8 @@ This endpoint creates or updates a named role.
 - `allowed_user_key_lengths` `(map<string|int>: "")` – Specifies a map of ssh key types
   and their expected sizes which are allowed to be signed by the CA type.
 
-- `algorithm_signer` `(string: "")` - Algorithm to sign keys with.  Valid
-  values are `ssh-rsa`, `rsa-sha2-256`, and `rsa-sha2-512`.  Note that `ssh-rsa`
+- `algorithm_signer` `(string: "")` - Algorithm to sign keys with. Valid
+  values are `ssh-rsa`, `rsa-sha2-256`, and `rsa-sha2-512`. Note that `ssh-rsa`
   is now considered insecure and is not supported by current OpenSSH versions.
   If not specified, it will use the signer's default algorithm.
 
@@ -629,7 +629,7 @@ key pair. _If you have already set a certificate and key, they will be
 overridden._
 
 | Method | Path             |
-| :----- | :--------------- |
+| :----- | :--------------- | -------------------------- |
 | `POST` | `/ssh/config/ca` | `200/204 application/json` |
 
 ### Parameters
@@ -703,7 +703,7 @@ This endpoint returns the configured/generated public key. This is an unauthenti
 endpoint.
 
 | Method | Path              |
-| :----- | :---------------- |
+| :----- | :---------------- | ---------------- |
 | `GET`  | `/ssh/public_key` | `200 text/plain` |
 
 ### Sample Request

website/content/api-docs/secret/transform.mdx

@@ -95,7 +95,6 @@ This endpoint lists all existing roles in the secrets engine.
 - `filter` `(string: "*")` –
   If provided, only returns role names that match the given glob.
 
-
 ### Sample Request
 
 ```shell-session
@@ -141,13 +140,13 @@ $ curl \
 
 This endpoint creates or updates a transformation with the given `name`. If a
 transformation with the name does not exist, it will be created. If the
-transformation exists, it will be updated with the new attributes.  This 
-endpoint is deprecated as of version 1.6 in favor of the type specific 
+transformation exists, it will be updated with the new attributes. This
+endpoint is deprecated as of version 1.6 in favor of the type specific
 configuration endpoints, and will be removed in a future release.
 
-* [FPE](#create-update-fpe-transformation)
-* [Masking](#create-update-masking-transformation)
-* [Tokenization](#create-update-tokenization-transformation)
+- [FPE](#create-update-fpe-transformation)
+- [Masking](#create-update-masking-transformation)
+- [Tokenization](#create-update-tokenization-transformation)
 
 | Method | Path                              |
 | :----- | :-------------------------------- |
@@ -161,12 +160,12 @@ configuration endpoints, and will be removed in a future release.
 
 - `type` `(string: <required>)` -
   Specifies the type of transformation to perform. The types currently supported
-  by this backend are `fpe`, `masking`, and `tokenization`. This value cannot be 
+  by this backend are `fpe`, `masking`, and `tokenization`. This value cannot be
   modified by an update operation after creation.
 
 - `template` `(string: <required>)` -
   Specifies the template name to use for matching value on encode and decode
-  operations when using this transformation.  Ignored by the tokenization
+  operations when using this transformation. Ignored by the tokenization
   transformation type.
 
 - `tweak_source` `(string: "supplied")` -
@@ -183,7 +182,7 @@ configuration endpoints, and will be removed in a future release.
   A role using this transformation must exist in this list in order for
   encode and decode operations to properly function.
 
-- 
+-
 
 ### Sample Payload
 
@@ -239,7 +238,6 @@ transformation exists, it will be updated with the new attributes.
 
 ```json
 {
-
   "template": "builtin/creditcardnumber",
   "tweak_source": "internal",
   "allowed_roles": ["example-role"]
@@ -256,7 +254,6 @@ $ curl \
     https://127.0.0.1:8200/v1/transform/transformation/fpe/example-transformation
 ```
 
-
 ## Create/Update Masking Transformation
 
 This endpoint creates or updates a masking transformation with the given `name`. If a
@@ -324,13 +321,13 @@ transformation exists, it will be updated with the new attributes.
   the request URL.
 
 - `mapping_mode` `(string: "default")` -
-  Specifies the mapping mode for stored tokenization values.  `default`
-  is strongly recommended for highest security.  `exportable` allows
+  Specifies the mapping mode for stored tokenization values. `default`
+  is strongly recommended for highest security. `exportable` allows
   for all plaintexts to be decoded via the export-decoded endpoint
-  in an emergency.  
+  in an emergency.
 
 - `max_ttl`: `(duration: "0")
-  The maximum TTL of a token.  If 0 or unspecified, tokens may have no expiration.
+  The maximum TTL of a token. If 0 or unspecified, tokens may have no expiration.
 
 - `allowed_roles` `(list: [])` -
   Specifies a list of allowed roles that this transformation can be assigned to.
@@ -338,7 +335,7 @@ transformation exists, it will be updated with the new attributes.
   encode and decode operations to properly function.
 
 - `stores` `(list: ["builtin/internal"])` -
-  The list of tokenization stores to use for tokenization state.  Vault's 
+  The list of tokenization stores to use for tokenization state. Vault's
   internal storage is used by default.
 
 ### Sample Payload
@@ -695,7 +692,6 @@ This endpoint creates or updates a storage configuration for use with tokenizati
 The database user configured here should only have permission to `SELECT`,
 `INSERT`, and `UPDATE` rows in the tables.
 
-
 | Method | Path                     |
 | :----- | :----------------------- |
 | `POST` | `/transform/store/:name` |
@@ -707,10 +703,9 @@ The database user configured here should only have permission to `SELECT`,
   the request URL.
 
 - `type` `(string: <required>)` -
-  Specifies the type of store.  Currently only `sql` is supported.
+  Specifies the type of store. Currently only `sql` is supported.
 
-- `supported_transformations: `(list: ["tokenization"])` 
-  The types of transformations this store can host.  Currently only `tokenization`
+- `supported_transformations: `(list: ["tokenization"])` The types of transformations this store can host. Currently only`tokenization`
   is supported.
 
 - `connection_string` `(string: <required>)` -
@@ -723,7 +718,6 @@ The database user configured here should only have permission to `SELECT`,
 - `password`: `(string: <required>)` -
   The password value to use when connecting to the database.
 
-
 - `schema`: `(string: "public")` -
   The schema within the database to expect tokenization state tables.
 
@@ -750,7 +744,6 @@ The database user configured here should only have permission to `SELECT`,
 
 ### Sample Request
 
-
 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
@@ -762,13 +755,13 @@ $ curl \
 ## Create/Update Store Schema
 
 This endpoint creates or updates the underlying schema in an SQL type
-tokenization store.  The provided username and password are only used during
-this call.  This is so one may use a user with DDL privileges to create 
+tokenization store. The provided username and password are only used during
+this call. This is so one may use a user with DDL privileges to create
 or update the schema, but still use a much more limited user for ordinary
 operation.
 
-| Method | Path                                           |
-| :----- | :--------------------------------------------- |
+| Method | Path                            |
+| :----- | :------------------------------ |
 | `POST` | `/transform/store/:name/schema` |
 
 ### Parameters
@@ -778,7 +771,7 @@ operation.
   the request URL.
 
 - `transformation_type`: `(string: "tokenization")` -
-  The transformation type.  Currently only tokenization is supported.
+  The transformation type. Currently only tokenization is supported.
 
 - `username`: `(string: <required>)` -
   The username value to use when connecting to the database.
@@ -786,7 +779,6 @@ operation.
 - `password`: `(string: <required>)` -
   The password value to use when connecting to the database.
 
-
 ### Sample Payload
 
 ```json
@@ -798,7 +790,6 @@ operation.
 
 ### Sample Request
 
-
 ```shell-session
 $ curl \
     --header "X-Vault-Token: ..." \
@@ -807,12 +798,12 @@ $ curl \
     https://127.0.0.1:8200/v1/transform/store/example-store/schema
 ```
 
-## Read Store 
+## Read Store
 
 This endpoint queries an existing store by the given name.
 
-| Method | Path                        |
-| :----- | :-------------------------- |
+| Method | Path                     |
+| :----- | :----------------------- |
 | `GET`  | `/transform/store/:name` |
 
 - `name` `(string: <required>)` –
@@ -842,8 +833,8 @@ $ curl \
 
 This endpoint lists all existing stores in the secrets engine.
 
-| Method | Path                  |
-| :----- | :-------------------- |
+| Method | Path               |
+| :----- | :----------------- |
 | `LIST` | `/transform/store` |
 
 ### Sample Request
@@ -865,13 +856,12 @@ $ curl
 }
 ```
 
-
 ## Delete Store
 
 This endpoint deletes an existing store configuration by the given name.
 
-| Method   | Path                        |
-| :------- | :-------------------------- |
+| Method   | Path                     |
+| :------- | :----------------------- |
 | `DELETE` | `/transform/store/:name` |
 
 ### Parameters
@@ -889,7 +879,6 @@ $ curl \
     http://127.0.0.1:8200/v1/transform/store/example-store
 ```
 
-
 ## Encode
 
 This endpoint encodes the provided value using a named role.
@@ -914,13 +903,13 @@ This endpoint encodes the provided value using a named role.
   must be specified.
 
 - `ttl` `(duration "0") -
-  Specifies the TTL of the resulting token.  Only applicable for tokenization
+  Specifies the TTL of the resulting token. Only applicable for tokenization
   transformations.
 
-- `metadata` `(string)` - 
+- `metadata` `(string)` -
   For tokenization transforms, a list of key value pairs of the form
   `key1=value1,key2=value2,`... These optional metadata values will be
-  stored with the value and can be retrieved with the 
+  stored with the value and can be retrieved with the
   [metadata](#retrieve-token-metadata) endpoint.
 
 - `tweak` `(string)` –
@@ -944,7 +933,8 @@ This endpoint encodes the provided value using a named role.
       "value": "2222-2222-2222-2222",
       "transformation": "ccn-masking"
     },
-    { "value": "3333-3333-3333-3333",
+    {
+      "value": "3333-3333-3333-3333",
       "transformation": "ccn-tokenization",
       "ttl": "42d"
     }
@@ -990,14 +980,14 @@ $ curl \
 ```json
 {
   "batch_input": [
-     {
+    {
       "transformation": "ccn-fpe",
       "value": "1111-2222-3333-4444"
-     }, 
-     {
+    },
+    {
       "transformation": "ccn-tokenization",
       "value": "1111-2222-3333-4444"
-     }
+    }
   ]
 }
 ```
@@ -1016,14 +1006,14 @@ $ curl \
 
 ```json
 {
-  data: {
+  "data": {
     "batch_results": [
       {
         "encoded_value": "5682-4613-6822-8064"
       },
       {
         "encoded_value": "Q4tYgFXHxURXf9MLekG82L51vSAQrDnpAiaB37J4VPRxoQEB3fRpwR"
-      },
+      }
     ]
   }
 }
@@ -1105,14 +1095,14 @@ $ curl \
 ```json
 {
   "batch_input": [
-     {
+    {
       "transformation": "ccn-fpe",
       "value": "5682-4613-6822-8064"
-     }, 
-     {
+    },
+    {
       "transformation": "ccn-tokenization",
       "value": "Q4tYgFXHxURXf9MLekG82L51vSAQrDnpAiaB37J4VPRxoQEB3fRpwR"
-     }
+    }
   ]
 }
 ```
@@ -1131,18 +1121,19 @@ $ curl \
 
 ```json
 {
-  data: {
+  "data": {
     "batch_results": [
       {
         "encoded_value": "1111-2222-3333-4444"
       },
       {
         "encoded_value": "1111-2222-3333-4444"
-      },
+      }
     ]
   }
 }
 ```
+
 ## Validate Token
 
 This endpoint determines if a provided tokenized value is valid and unexpired.
@@ -1213,9 +1204,9 @@ $ curl \
 
 ## Check Tokenization
 
-This endpoint determines if a provided plaintext value has an valid, unexpired 
-tokenized value.  Note that this cannot return the token, just confirm that a 
-tokenized value exists.  This endpoint is only valid for tokenization 
+This endpoint determines if a provided plaintext value has an valid, unexpired
+tokenized value. Note that this cannot return the token, just confirm that a
+tokenized value exists. This endpoint is only valid for tokenization
 transformations.
 
 | Method | Path                              |
@@ -1281,7 +1272,6 @@ $ curl \
 }
 ```
 
-
 ## Retrieve Token Metadata
 
 This endpoint retrieves metadata for a tokenized value using a named role.
@@ -1350,4 +1340,3 @@ $ curl \
   }
 }
 ```
-

website/content/api-docs/system/internal-counters.mdx

@@ -157,11 +157,11 @@ This endpoint was added in Vault 1.6.
 ### Parameters
 
 - `start_time` `(string, optional)` - An RFC3339 timestamp or Unix epoch time. Specifies the start of the
-period for which client counts will be reported. If no start time is specified, the `default_report_months`
-prior to the `end_time` will be used.
-- `end_time` `(string, optional)` - An RFC3339 timestamp or Unix epoch time.  Specifies the end of the period
-for which client counts will be reported.  If no end time is specified, the end of the previous calendar
-month will be used.
+  period for which client counts will be reported. If no start time is specified, the `default_report_months`
+  prior to the `end_time` will be used.
+- `end_time` `(string, optional)` - An RFC3339 timestamp or Unix epoch time. Specifies the end of the period
+  for which client counts will be reported. If no end time is specified, the end of the previous calendar
+  month will be used.
 
 ### Sample Request
 
@@ -215,8 +215,8 @@ $ curl \
           "non_entity_tokens": 15,
           "clients": 20
         }
-      },
-    ],
+      }
+    ]
   },
   "wrap_info": null,
   "warnings": null,
@@ -230,23 +230,23 @@ $ curl \
 $ curl \
     --header "X-Vault-Token: ..." \
     --request GET \
-    http://127.0.0.1:8200/v1/sys/internal/counters/activity?end_time=2020-06-30T00%3A00%3A00Z&start_time=2020-06-01T00%3A00%3A00Z 
+    http://127.0.0.1:8200/v1/sys/internal/counters/activity?end_time=2020-06-30T00%3A00%3A00Z&start_time=2020-06-01T00%3A00%3A00Z
 ```
 
 ## Update the Client Count Configuration
 
 The `/sys/internal/counters/config` endpoint is used to configure logging of active clients.
 
-| Method  | Path                              |
-| :------ | :-------------------------------- |
-| `POST`  | `/sys/internal/counters/config`   |
+| Method | Path                            |
+| :----- | :------------------------------ |
+| `POST` | `/sys/internal/counters/config` |
 
 ### Parameters
 
 - `default_report_months` `(integer: 12)` - The number of months to report if no `start_time` is specified in a query.
 - `enabled` `(string: enable, disable, default)` - Enable or disable counting of client activity. When set to `default`, the client
-counts are enabled on Enterprise builds and disabled on OSS builds. Disabling the feature during the middle of a month will
-discard any data recorded for that month, but does not delete previous months.
+  counts are enabled on Enterprise builds and disabled on OSS builds. Disabling the feature during the middle of a month will
+  discard any data recorded for that month, but does not delete previous months.
 - `retention_months` `(integer: 24)` - The number of months of history to retain.
 
 Any missing parameters are left at their existing value.
@@ -255,9 +255,9 @@ Any missing parameters are left at their existing value.
 
 ```json
 {
-  "enabled" : "enable",
-  "default_report_months" : 3,
-  "retention_months" : 12
+  "enabled": "enable",
+  "default_report_months": 3,
+  "retention_months": 12
 }
 ```
 
@@ -273,11 +273,11 @@ $ curl \
 
 ## Read the Client Count Configuration
 
-Reading the configuration shows the current settings, as well as a flag as to whether any data can be queried. 
+Reading the configuration shows the current settings, as well as a flag as to whether any data can be queried.
 
 - `enabled` `(string)` - returns `default-enabled` or `default-disabled` if the configuration is `default`.
-- `queries_available` `(bool)` - indicates whether any usage report is available.  This will initially be
-false until the end of the first calendar month after the feature is enabled.
+- `queries_available` `(bool)` - indicates whether any usage report is available. This will initially be
+  false until the end of the first calendar month after the feature is enabled.
 
 ### Sample Request
 

website/content/api-docs/system/lease-count-quotas.mdx

@@ -38,7 +38,7 @@ that can either be a namespace or mount.
 ```json
 {
   "path": "",
-  "max_leases": 1000,
+  "max_leases": 1000
 }
 ```
 

website/content/api-docs/system/leases.mdx

@@ -226,7 +226,6 @@ Generally, running this is not needed unless upgrade notes or support personnel
 suggest it. This may perform a lot of I/O to the storage method so should be
 used sparingly.
 
-
 | Method | Path               |
 | :----- | :----------------- |
 | `POST` | `/sys/leases/tidy` |