scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-11-01 19:17:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

[DOCS] SEO updates for config docs (#29242)

Browse Source 
* seo updates for config docs

* fix content errors

* Make KMS title consistent with other stanza titles
This commit is contained in:
Sarah Chavis
2024-12-19 16:21:33 -08:00
committed by GitHub
parent f7ab5ca73d
commit 8f6e95f1a3
55 changed files with 283 additions and 328 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
website/content/docs/configuration/adaptive-overload-protection.mdx
View File

@@ -1,12 +1,12 @@
---
layout: docs
page_title: Adaptive overload protection - Configuration
description: |-
Use adaptive overload protection with Vault Enterprise to automatically
prevent workloads from overloading different resources of your Vault servers.
page_title: adaptive_overload_protection - Configuration
description: >-
Configure the adaptive_overload_protection stanza to customize automatic
prevention for resource overloads in Vault Enterprise servers.
---
# `adaptive_overload_protection`
# `adaptive_overload_protection` stanza
@include 'alerts/enterprise-only.mdx'

8
website/content/docs/configuration/entropy-augmentation.mdx
View File

@@ -1,12 +1,12 @@
---
layout: docs
page_title: Entropy Augmentation - Configuration
page_title: Configure entropy augmentation
description: >-
Entropy augmentation enables Vault to sample entropy from external
cryptographic modules.
Configure entropy augmentation to sample entropy from external cryptographic
modules when sealing Vault.
---
# `Entropy augmentation` seal
# Configure entropy augmentation
Entropy augmentation enables Vault to sample entropy from external cryptographic modules.
Sourcing external entropy is done by configuring a supported [Seal](/vault/docs/configuration/seal) type which

7
website/content/docs/configuration/index.mdx
View File

@@ -1,10 +1,11 @@
---
layout: docs
page_title: Server Configuration
description: Vault server configuration reference.
page_title: Vault configuration parameters
description: >-
Example Vault configuration file and high-level parameter reference.
---
# Vault configuration
# Vault configuration parameters
Outside of development mode, Vault servers are configured using a file.
The format of this file is [HCL](https://github.com/hashicorp/hcl) or JSON.

6
website/content/docs/configuration/kms-library.mdx
View File

@@ -1,9 +1,9 @@
---
layout: docs
page_title: Kms Library - Configuration
page_title: kms_library - Configuration
description: >-
The kms_library stanza allows node specific configuration for access to
KMS access libraries
Configure the kms_library stanza to customize node-specific access to KMS
access libraries
---
# `kms_library` stanza

8
website/content/docs/configuration/listener/index.mdx
View File

@@ -1,9 +1,9 @@
---
layout: docs
page_title: Listeners - Configuration
description: |-
The listener stanza configures the addresses and ports on which Vault will
respond to requests.
page_title: listener - Configuration
description: >-
Configure the listener stanza to customize the addresses and ports where Vault
listens for, and responds to, requests.
---
# `listener` stanza

7
website/content/docs/configuration/listener/tcp/index.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: TCP - Listeners - Configuration
page_title: TCP listener configuration
description: >-
The TCP listener configures Vault to listen on the specified TCP address and
port.
Configure Vault to listen on a TCP address and port.
---
# `tcp` listener
# TCP listener configuration
@include 'alerts/ipv6-compliance.mdx'

8
website/content/docs/configuration/listener/unix.mdx
View File

@@ -1,11 +1,11 @@
---
layout: docs
page_title: Unix - Listeners - Configuration
description: |-
The Unix listener configures Vault to listen on the specified Unix domain socket.
page_title: Unix listener configuration
description: >-
Configure Vault to listen on a Unix domain socket.
---
# `unix` listener
# Unix listener configuration
The Unix listener configures Vault to listen on the specified Unix domain socket.

8
website/content/docs/configuration/log-requests-level.mdx
View File

@@ -1,11 +1,11 @@
---
layout: docs
page_title: Log Completed Requests - Configuration
description: |-
Vault can be configured to log completed requests.
page_title: Configure completed request logging
description: >-
Configure the logging level for completed requests in Vault.
---
# Log completed requests
# Configure completed request logging
Vault can be configured to log completed requests using the `log_requests_level` configuration parameter.

2
website/content/docs/configuration/prevent-lease-explosions.mdx
View File

@@ -2,7 +2,7 @@
layout: docs
page_title: Prevent lease explosions
description: >-
Learn how to prevent lease explosions in Vault.
Best practices for avoiding, and dealing with, lease explosions in Vault.
---
# Prevent lease explosions

2
website/content/docs/configuration/programmatic-management.mdx
View File

@@ -1,6 +1,6 @@
---
layout: docs
page_title: Manage Vault resources programmatically
page_title: Manage Vault programmatically with Terraform
description: >-
Step-by-step instructions for managing Vault resources programmatically with
Terraform

2
website/content/docs/configuration/replication.mdx
View File

@@ -2,7 +2,7 @@
layout: docs
page_title: Replication - Configuration
description: |-
The replication stanza specifies various parameters for tuning replication related values.
Configure the replication stanza to tune replication behavior in Vault.
---
# `replication` stanza

7
website/content/docs/configuration/reporting.mdx
View File

@@ -1,11 +1,12 @@
---
layout: docs
page_title: Reporting - Configuration
description: |-
The reporting stanza specifies various parameters for tuning reporting and licensing related values.
description: >-
Configure the reporting stanza to customize the reporting behavior for tuning
and licensing in Vault.
---
# `replication` stanza
# `reporting` stanza
@include 'alerts/enterprise-only.mdx'

9
website/content/docs/configuration/seal/alicloudkms.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: AliCloud KMS - Seals - Configuration
page_title: AliCloud KMS seal configuration
description: >-
The AliCloud KMS seal configures Vault to use AliCloud KMS as the seal
wrapping
mechanism.
Configure Vault sealing to use AliCloud KMS.
---
# `alicloudkms` seal
# AliCloud KMS seal configuration
<Note title="Seal wrapping requires Vault Enterprise">

9
website/content/docs/configuration/seal/awskms.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: AWS KMS - Seals - Configuration
description: |-
The AWS KMS seal configures Vault to use AWS KMS as the seal wrapping
mechanism.
page_title: AWS KMS seal configuration
description: >-
Configure Vault sealing to use AWS KMS.
---
# `awskms` seal
# AWS KMS seal configuration
<Note title="Seal wrapping requires Vault Enterprise">

9
website/content/docs/configuration/seal/azurekeyvault.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: Azure Key Vault - Seals - Configuration
page_title: Azure Key Vault seal configuration
description: >-
The Azure Key Vault seal configures Vault to use Azure Key Vault as the seal
wrapping
mechanism.
Configure Vault sealing to use Azure Key Vault.
---
# `azurekeyvault` seal
# Azure Key Vault seal configuration
<Note title="Seal wrapping requires Vault Enterprise">

9
website/content/docs/configuration/seal/gcpckms.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: GCP Cloud KMS - Seals - Configuration
page_title: GCP Cloud KMS seal configuration
description: >-
The GCP Cloud KMS seal configures Vault to use GCP Cloud KMS as the seal
wrapping
mechanism.
Configure Vault sealing to use GCP Cloud KMS.
---
# `gcpckms` seal
# GCP Cloud KMS seal configuration
<Note title="Seal wrapping requires Vault Enterprise">

5
website/content/docs/configuration/seal/index.mdx
View File

@@ -1,9 +1,8 @@
---
layout: docs
page_title: Seals - Configuration
page_title: seal - Configuration
description: >-
The seal stanza configures the seal type to use for additional data
protection.
Configure the seal stanza to customize the sealing behavior for Vault.
---
# `seal` stanza

9
website/content/docs/configuration/seal/ocikms.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: OCI KMS - Seals - Configuration
description: |-
The OCI KMS seal configures Vault to use OCI KMS as the seal wrapping
mechanism.
page_title: OCI KM seal configuration
description: >-
Configure Vault sealing to use OCI KMS.
---
# `ocikms` seal
# OCI KMS seal configuration
<Note title="Seal wrapping requires Vault Enterprise">

9
website/content/docs/configuration/seal/pkcs11.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: PKCS11 - Seals - Configuration
description: |-
The PKCS11 seal configures Vault to use an HSM with PKCS11 as the seal
wrapping mechanism.
page_title: HSM PKCS11 seal configuration
description: >-
Configure Vault sealing to use PKCS11.
---
# `pkcs11` seal
# HSM PKCS11 seal configuration
<Note title="Auto-unseal and seal wrapping requires Vault Enterprise">

6
website/content/docs/configuration/seal/seal-best-practices.mdx
View File

@@ -1,11 +1,11 @@
---
layout: docs
page_title: Seal best practices
page_title: Sealing best practices
description: >-
The recommended pattern and best practices for unsealing a production Vault cluster.
Best practices for configuring seal and unseal behavior in Vault.
---
# Seal best practices
# Sealing best practices
This documentation explains the concepts, options, and considerations for unsealing a production Vault cluster. It builds on the [Reference Architecture](/vault/tutorials/raft/raft-reference-architecture) and [Deployment Guide](/vault/tutorials/day-one-raft/raft-deployment-guide) for Vault to deliver a pattern for a common Vault use case.

9
website/content/docs/configuration/seal/seal-ha.mdx
View File

@@ -1,11 +1,12 @@
---
layout: docs
page_title: Seal High Availability - Seals - Configuration
description: |-
How to configure multiple Seals for high availability.
page_title: Configure HA for Vault seals
description: >-
Customize the seal stanza to support multiple seals in high availability
deployments.
---
# Seal High Availability
# Configure high availability for Vault seals
@include 'alerts/enterprise-only.mdx'

5
website/content/docs/configuration/seal/transit-best-practices.mdx
View File

@@ -2,10 +2,11 @@
layout: docs
page_title: Transit auto-unseal best practices
description: >-
Recommendations and best practices for using Vault's transit secrets engine to auto-unseal your production Vault clusters.
Best practices for using the Transit plugin for auto-unsealing production
Vault clusters.
---
# Transit auto-unseal best practices
# Auto-unseal best practices for the Transit plugin
This document provides a framework for creating a usable solution for auto-unseal using Vault when HSM or cloud-based KMS auto-unseal mechanism is not available for your environment, such as in an internal data center deployment.

9
website/content/docs/configuration/seal/transit.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Vault Transit - Seals - Configuration
description: |-
The Transit seal configures Vault to use Vault's Transit Secret Engine as the
autoseal mechanism.
page_title: Transit seal configuration
description: >-
Configure Vault sealing to use the Transit secrets plugin.
---
# `transit` seal
# Transit seal configuration
<Note title="Seal wrap functionality requires Vault Enterprise">

4
website/content/docs/configuration/sentinel.mdx
View File

@@ -1,8 +1,8 @@
---
layout: docs
page_title: Sentinel - Configuration
description: |-
The sentinel stanza specifies configurations for Vault's Sentinel integration.
description: >-
Configure the sentinel stanza to customize your Sentinel integration.
---
# `sentinel` stanza

9
website/content/docs/configuration/service-registration/consul.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: Consul - Service Registration - Configuration
page_title: Consul service registration
description: >-
Consul Service Registration registers Vault as a service in Consul with a
default
health check.
Configure Vault to use Consul to manage service registration.
---
# Consul service registration
# Configure Consul service registration
Consul Service Registration registers Vault as a service in [Consul][consul] with
a default health check. When Consul is configured as the storage backend, the stanza

8
website/content/docs/configuration/service-registration/index.mdx
View File

@@ -1,9 +1,9 @@
---
layout: docs
page_title: Service Registration - Configuration
description: |-
The optional `service_registration` stanza configures Vault's mechanism for
service registration.
page_title: service_registration - Configuration
description: >-
Configure the `service_registration` stanza to customize the service
registration mechanism for Vault.
---
# `service_registration` stanza

7
website/content/docs/configuration/service-registration/kubernetes.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Kubernetes - Service Registration - Configuration
page_title: Kubernetes service registration
description: >-
Kubernetes Service Registration labels Vault pods with their current status
for use with selectors.
Configure Vault to use Kubernetes to manage service registration.
---
# Kubernetes service registration
# Configure Kubernetes service registration
Kubernetes Service Registration tags Vault pods with their current status for
use with selectors. Service registration is only available when Vault is running in

9
website/content/docs/configuration/storage/aerospike.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Aerospike - Storage Backends - Configuration
description: |-
The Aerospike storage backend is used to persist Vault's data in an Aerospike
cluster.
page_title: Aerospike configuration
description: >-
Configure Vault backend storage to use Aerospike clusters.
---
# Aerospike storage backend
# Aerospike configuration for Vault backend storage
The Aerospike storage backend is used to persist Vault's data in an
[Aerospike][aerospike] cluster.

9
website/content/docs/configuration/storage/alicloudoss.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Alicloud OSS - Storage Backends - Configuration
description: |-
The Alicloud OSS storage backend is used to persist Vault's data in
an Alicloud OSS bucket.
page_title: Alicloud OSS configuration
description: >-
Configure Vault backend storage to use Alicloud OSS buckets.
---
# Alicloud OSS storage backend
# Alicloud OSS configuration for Vault backend storage
The Alicloud OSS storage backend is used to persist Vault's data in
an [Alicloud OSS][alicloudoss] bucket.

10
website/content/docs/configuration/storage/azure.mdx
View File

@@ -1,13 +1,11 @@
---
layout: docs
page_title: Azure - Storage Backends - Configuration
description: |-
The Azure storage backend is used to persist Vault's data in an Azure Storage
Container. The storage container must already exist and the provided account
credentials must have read and write permissions to the storage container.
page_title: Azure configuration
description: >-
Configure Vault backend storage to use Azure storage containers.
---
# Azure storage backend
# Azure configuration for Vault backend storage
The Azure storage backend is used to persist Vault's data in an
[Azure Storage Container][azure-storage]. The storage container must already

9
website/content/docs/configuration/storage/cassandra.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Cassandra - Storage Backends - Configuration
description: |-
The Cassandra storage backend is used to persist Vault's data in an Apache
Cassandra cluster.
page_title: Cassandra configuration
description: >-
Configure Vault backend storage to use an Apache Cassandra cluster.
---
# Cassandra storage backend
# Cassandra configuration for Vault backend storage
The Cassandra storage backend is used to persist Vault's data in an [Apache
Cassandra][cassandra] cluster.

7
website/content/docs/configuration/storage/cockroachdb.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: CockroachDB - Storage Backends - Configuration
page_title: CockroachDB configuration
description: >-
The CockroachDB storage backend is used to persist Vault's data in a
CockroachDB server or cluster.
Configure Vault backend storage to use CockroachDB servers or clusters.
---
# CockroachDB storage backend
# CockroachDB configuration for Vault backend storage
The CockroachDB storage backend is used to persist Vault's data in a
[CockroachDB][cockroachdb] server or cluster.

11
website/content/docs/configuration/storage/consul.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: Consul - Storage Backends - Configuration
description: |-
The Consul storage backend is used to persist Vault's data in Consul's
key-value store. In addition to providing durable storage, inclusion of this
backend will also register Vault as a service in Consul with a default health
check.
page_title: Consul configuration
description: >-
Configure Vault backend storage to use a Consul key-value store.
---
# Consul storage backend
# Consul configuration for Vault backend storage
The Consul storage backend is used to persist Vault's data in [Consul's][consul]
key-value store. In addition to providing durable storage, inclusion of this

9
website/content/docs/configuration/storage/couchdb.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: CouchDB - Storage Backends - Configuration
description: |-
The CouchDB storage backend is used to persist Vault's data in a CouchDB
database.
page_title: CouchDB configuration
description: >-
Configure Vault backend storage to use CouchDB.
---
# CouchDB storage backend
# CouchDB configuration for Vault backend storage
The CouchDB storage backend is used to persist Vault's data in
[CouchDB][couchdb] table.

9
website/content/docs/configuration/storage/dynamodb.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: DynamoDB - Storage Backends - Configuration
description: |-
The DynamoDB storage backend is used to persist Vault's data in DynamoDB
table.
page_title: DynamoDB configuration
description: >-
Configure Vault backend storage to use DynamoDB tables.
---
# DynamoDB storage backend
# DynamoDB configuration for Vault backend storage
The DynamoDB storage backend is used to persist Vault's data in
[DynamoDB][dynamodb] table.

10
website/content/docs/configuration/storage/etcd.mdx
View File

@@ -1,13 +1,11 @@
---
layout: docs
page_title: Etcd - Storage Backends - Configuration
description: |-
The Etcd storage backend is used to persist Vault's data in Etcd. It supports
both the v2 and v3 Etcd APIs, and the version is automatically detected based
on the version of the Etcd cluster.
page_title: Etcd configuration
description: >-
Configure Vault backend storage to use Etcd clusters.
---
# Etcd storage backend
# Etcd configuration for Vault backend storage
The Etcd storage backend is used to persist Vault's data in [Etcd][etcd]. It
supports both the v2 and v3 Etcd APIs, and the version is automatically detected

11
website/content/docs/configuration/storage/filesystem.mdx
View File

@@ -1,13 +1,12 @@
---
layout: docs
page_title: Filesystem - Storage Backends - Configuration
description: |-
The Filesystem storage backend stores Vault's data on the filesystem using a
standard directory structure. It can be used for durable single server
situations, or to develop locally where durability is not critical.
page_title: File system configuration
description: >-
Configure Vault backend storage to use a standard directory structure on the
local filesystem.
---
# Filesystem storage backend
# File system configuration for Vault backend storage
The Filesystem storage backend stores Vault's data on the filesystem using a
standard directory structure. It can be used for durable single server

9
website/content/docs/configuration/storage/foundationdb.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: FoundationDB - Storage Backends - Configuration
description: |-
The FoundationDB storage backend is used to persist Vault's data in the
FoundationDB KV store.
page_title: FoundationDB configuration
description: >-
Configure Vault backend storage to use the FoundationDB KV store.
---
# FoundationDB storage backend
# FoundationDB configuration for Vault backend storage
The FoundationDB storage backend is used to persist Vault's data in
[FoundationDB][foundationdb].

10
website/content/docs/configuration/storage/google-cloud-spanner.mdx
View File

@@ -1,13 +1,11 @@
---
layout: docs
page_title: Google Cloud Spanner - Storage Backends - Configuration
description: |-
The Google Cloud Spanner storage backend is used to persist Vault's data in
Spanner, a fully managed, mission-critical, relational database service that
offers transactional consistency at global scale.
page_title: Google Cloud Spanner configuration
description: >-
Configure Vault backend storage to use Google Cloud Spanner.
---
# Google Cloud spanner storage backend
# Google Cloud Spanner configuration for Vault backend storage
The Google Cloud Spanner storage backend is used to persist Vault's data in
[Spanner][spanner-docs], a fully managed, mission-critical, relational database

9
website/content/docs/configuration/storage/google-cloud-storage.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Google Cloud Storage - Storage Backends - Configuration
description: |-
The Google Cloud Storage storage backend is used to persist Vault's data in
Google Cloud Storage.
page_title: Google Cloud Storage configuration
description: >-
Configure Vault backend storage to use Google Cloud Storage.
---
# Google Cloud storage storage backend
# Google Cloud Storage configuration for Vault backend storage
The Google Cloud Storage storage backend is used to persist Vault's data in
[Google Cloud Storage][gcs-docs].

11
website/content/docs/configuration/storage/in-memory.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: In-Memory - Storage Backends - Configuration
description: |-
The In-Memory storage backend is used to persist Vault's data entirely
in-memory on the same machine in which Vault is running. This is useful for
development and experimentation, but use of this backend is highly discouraged
in production except in very specific use-cases.
page_title: In-memory storage configuration
description: >-
Configure Vault backend storage to use in-memory storage.
---
# In-Memory storage backend
# In-memory storage configuration for Vault backend storage
The In-Memory storage backend is used to persist Vault's data entirely in-memory
on the same machine in which Vault is running. This is useful for development

11
website/content/docs/configuration/storage/index.mdx
View File

@@ -1,12 +1,9 @@
---
layout: docs
page_title: Storage Backends - Configuration
description: |-
The storage stanza configures the storage backend, which represents the
location for the durable storage of Vault's information. Each backend has
pros, cons, advantages, and trade-offs. For example, some backends support
high availability while others provide a more robust backup and restoration
process.
page_title: storage - Configuration
description: >-
Configure the storage stanza to customize persistent, backend storage for
Vault.
---
# `storage` stanza

9
website/content/docs/configuration/storage/manta.mdx
View File

@@ -1,14 +1,11 @@
---
layout: docs
page_title: Manta - Storage Backends - Configuration
page_title: Manta configuration
description: >-
The Manta storage backend is used to persist Vault's data in Triton's Manta
Object
Storage. The storage folder must already exist.
Configure Vault backend storage to use Manta Object Storage from Triton.
---
# Manta storage backend
# Manta Object Storage configuration for Vault backend storage
The Manta storage backend is used to persist Vault's data in [Triton's Manta Object
Storage][manta-object-store]. The storage folder must already exist.

9
website/content/docs/configuration/storage/mssql.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: MSSQL - Storage Backends - Configuration
description: >-
The MSSQL storage backend is used to persist Vault's data in a Microsoft SQL
Server.
page_title: MSSQL configuration
description: >-
Configure Vault backend storage to use Microsoft SQL Server.
---
# MSSQL storage backend
# Microsoft SQL Server configuration for Vault backend storage
The MSSQL storage backend is used to persist Vault's data in a Microsoft SQL Server.

9
website/content/docs/configuration/storage/mysql.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: MySQL - Storage Backends - Configuration
description: |-
The MySQL storage backend is used to persist Vault's data in a MySQL server or
cluster.
page_title: MySQL configuration
description: >-
Configure Vault backend storage to use a MySQL server or cluster.
---
# MySQL storage backend
# MySQL configuration for Vault backend storage
The MySQL storage backend is used to persist Vault's data in a [MySQL][mysql]
server or cluster.

4
website/content/docs/configuration/storage/oci-object-storage.mdx
View File

@@ -1,12 +1,12 @@
---
layout: docs
page_title: OCI Object Storage - Storage Backends - Configuration
page_title: OCI Object Storage configuration
description: >-
The OCI Object Storage backend is used to persist Vault's data in OCI Object
Storage.
---
# OCI object storage storage backend
# OCI Object Storage configuration for Vault backend storage
The OCI Object Storage backend is used to persist Vault's data in OCI Object Storage.

9
website/content/docs/configuration/storage/postgresql.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: PostgreSQL - Storage Backends - Configuration
description: |-
The PostgreSQL storage backend is used to persist Vault's data in a PostgreSQL
server or cluster.
page_title: PostgreSQL configuration
description: >-
Configure Vault backend storage to use a PostgreSQL server or cluster.
---
# PostgreSQL storage backend
# PostgreSQL configuration for Vault backend storage
The PostgreSQL storage backend is used to persist Vault's data in a
[PostgreSQL][postgresql] server or cluster.

10
website/content/docs/configuration/storage/raft.mdx
View File

@@ -1,13 +1,11 @@
---
layout: docs
page_title: Integrated Storage - Storage Backends - Configuration
page_title: Integrated storage configuration
description: >-
The Integrated Storage (Raft) backend is used to persist Vault's data. Unlike all the other
storage backends, this backend does not operate from a single source for the
data. Instead all the nodes in a Vault cluster will have a replicated copy of
the entire data. The data is replicated across the nodes using the Raft
Consensus Algorithm.
Configure Vault backend storage to use the integrated storage backend so that
all the nodes in a Vault cluster have a replicated copy of persistent storage
managed by the Raft consensus algorithm.
---
# Integrated storage (Raft) backend

9
website/content/docs/configuration/storage/s3.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: S3 - Storage Backends - Configuration
description: |-
The S3 storage backend is used to persist Vault's data in an Amazon S3
bucket.
page_title: S3 configuration
description: >-
Configure Vault backend storage to use Amazon S3 buckets.
---
# S3 storage backend
# S3 configuration for Vault backend storage
The S3 storage backend is used to persist Vault's data in an [Amazon S3][s3]
bucket.

9
website/content/docs/configuration/storage/swift.mdx
View File

@@ -1,12 +1,11 @@
---
layout: docs
page_title: Swift - Storage Backends - Configuration
description: |-
The Swift storage backend is used to persist Vault's data in an OpenStack
Swift Container.
page_title: Swift configuration
description: >-
Configure Vault backend storage to use OpenStack Swift containers.
---
# Swift storage backend
# Swift configuration for Vault backend storage
The Swift storage backend is used to persist Vault's data in an
[OpenStack Swift Container][swift].

7
website/content/docs/configuration/storage/zookeeper.mdx
View File

@@ -1,10 +1,11 @@
---
layout: docs
page_title: Zookeeper - Storage Backends - Configuration
description: The Zookeeper storage backend is used to persist Vault's data in Zookeeper.
page_title: Zookeeper configuration
description: >-
Configure Vault backend storage to use Zookeeper.
---
# Zookeeper storage backend
# Zookeeper configuration for Vault backend storage
The Zookeeper storage backend is used to persist Vault's data in
[Zookeeper][zk].

6
website/content/docs/configuration/telemetry.mdx
View File

@@ -1,9 +1,9 @@
---
layout: docs
page_title: Telemetry - Configuration
description: |-
The telemetry stanza specifies various configurations for Vault to publish
metrics to upstream systems.
description: >-
Configure the telemetry stanza to publish Vault usage metrics to upstream
systems.
---
# `telemetry` stanza

32
website/content/docs/configuration/ui.mdx
View File

@@ -1,23 +1,19 @@
---
layout: docs
page_title: UI - Configuration
description: |-
Vault features a user interface (web interface) for interacting with Vault.
Easily create, read, update, and delete secrets, authenticate, unseal, and
more with the Vault UI.
page_title: GUI - Configuration
description: >-
Configure the web interface (GUI) for Vault.
---
# Vault UI
# Vault GUI configuration
Vault features a user interface (web interface) for interacting with Vault.
Easily create, read, update, and delete secrets, authenticate, unseal, and
more with the Vault UI.
more with the Vault GUI.
-> The UI requires **Vault 0.10 or higher** or Vault Enterprise.
## Activating the Vault GUI
## Activating the Vault UI
The Vault UI is not activated by default. To activate the UI, set the `ui`
The Vault GUI is not activated by default. To activate the UI, set the `ui`
configuration option in the Vault server configuration. Vault clients do not
need to set this option, since they will not be serving the UI.
@@ -32,7 +28,7 @@ listener "tcp" {
For more information, please see the
[Vault configuration options](/vault/docs/configuration).
## Accessing the Vault UI
## Accessing the Vault GUI
The UI runs on the same port as the Vault listener. As such, you must configure
at least one `listener` stanza in order to access the UI.
@@ -41,7 +37,7 @@ at least one `listener` stanza in order to access the UI.
listener "tcp" {
address = "10.0.1.35:8200"
# If bound to localhost, the Vault UI is only
# If bound to localhost, the Vault GUI is only
# accessible from the local machine!
# address = "127.0.0.1:8200"
}
@@ -64,16 +60,16 @@ https://vault.service.consul:8200/ui/
### Note on TLS
When using TLS (recommended), the certificate must be valid for all DNS entries
you will be accessing the Vault UI on, and any IP addresses on the SAN. If you
you will be accessing the Vault GUI on, and any IP addresses on the SAN. If you
are running Vault with a self-signed certificate, any browsers that access the
Vault UI will need to have the root CA installed. Failure to do so may result in
Vault GUI will need to have the root CA installed. Failure to do so may result in
the browser displaying a warning that the site is "untrusted". It is highly
recommended that client browsers accessing the Vault UI install the proper CA
recommended that client browsers accessing the Vault GUI install the proper CA
root for validation to reduce the chance of a MITM attack.
## Vault UI Web REPL
## CLI emulation in the Vault GUI
The Vault UI includes an interactive Web REPL to interact with Vault's API much
The Vault GUI includes an interactive Web REPL to interact with Vault's API much
like the Vault CLI. For more on that, see the
[Web REPL documentation](/vault/docs/commands/web).

9
website/content/docs/configuration/user-lockout.mdx
View File

@@ -1,10 +1,11 @@
---
layout: docs
page_title: User Lockout - Configuration
description: |-
The user_lockout stanza specifies various configurations for user lockout behaviour for
failed logins in vault.
page_title: User lockout - Configuration
description: >-
Configure the user_lockout stanza to customize lockout behavior for failed
logins in vault.
---
# User lockout
@include 'user-lockout.mdx'

154
website/data/docs-nav-data.json
View File

@@ -320,14 +320,14 @@
"path": "concepts/duration-format"
},
{
"title": "User Lockout",
"title": "User lockout",
"path": "concepts/user-lockout"
},
{
"title": "Events",
"path": "concepts/events",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -336,7 +336,7 @@
"title": "Filtering",
"path": "concepts/filtering",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -344,7 +344,7 @@
{
"title": "Adaptive overload protection",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -365,9 +365,13 @@
"title": "Configuration",
"routes": [
{
"title": "Overview",
"title": "Parameter overview ",
"path": "configuration"
},
{
"title": "GUI configuration",
"path": "configuration/ui"
},
{
"title": "Programmatic best practices",
"path": "configuration/programmatic-best-practices"
@@ -384,6 +388,40 @@
"title": "Create a lease count quota",
"path": "configuration/create-lease-count-quota"
},
{
"title": "Configure completed request logging",
"path": "configuration/log-requests-level"
},
{
"title": "Configure entropy augmentation",
"badge": {
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/entropy-augmentation"
},
{ "heading": "Configuration stanzas" },
{
"title": "<code>adaptive_overload_protection</code>",
"badge": {
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/adaptive-overload-protection"
},
{
"title": "<code>kms_library</code>",
"badge": {
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/kms-library"
},
{
"title": "<code>listener</code>",
"routes": [
@@ -392,10 +430,10 @@
"path": "configuration/listener"
},
{
"title": "TCP",
"title": "TCP listener configuration",
"routes": [
{
"title": "Overview",
"title": "Basic configuration",
"path": "configuration/listener/tcp"
},
{
@@ -405,7 +443,7 @@
]
},
{
"title": "Unix",
"title": "Unix listener configuration",
"path": "configuration/listener/unix"
}
]
@@ -413,7 +451,7 @@
{
"title": "<code>replication</code>",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -422,7 +460,7 @@
{
"title": "<code>reporting</code>",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -436,18 +474,19 @@
"path": "configuration/seal"
},
{
"title": "Seal best practices",
"title": "Sealing best practices",
"path": "configuration/seal/seal-best-practices"
},
{
"title": "High Availability",
"title": "Configure HA for seals",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/seal/seal-ha"
},
{ "heading": "Seal wrapper options" },
{
"title": "AliCloud KMS",
"path": "configuration/seal/alicloudkms"
@@ -471,18 +510,18 @@
{
"title": "HSM PKCS11",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/seal/pkcs11"
},
{
"title": "Vault Transit",
"title": "Transit plugin",
"path": "configuration/seal/transit"
},
{
"title": "Transit best practices",
"title": "Auto-unseal best practices for Transit",
"path": "configuration/seal/transit-best-practices"
}
]
@@ -490,7 +529,7 @@
{
"title": "<code>sentinel</code>",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -503,6 +542,7 @@
"title": "Overview",
"path": "configuration/service-registration"
},
{ "heading": "Service registration options" },
{
"title": "Consul",
"path": "configuration/service-registration/consul"
@@ -517,9 +557,10 @@
"title": "<code>storage</code>",
"routes": [
{
"title": "Overview",
"title": "Backend storage for Vault",
"path": "configuration/storage"
},
{ "heading": "Storage options" },
{
"title": "Aerospike",
"path": "configuration/storage/aerospike"
@@ -557,7 +598,7 @@
"path": "configuration/storage/etcd"
},
{
"title": "Filesystem",
"title": "File system",
"path": "configuration/storage/filesystem"
},
{
@@ -573,9 +614,13 @@
"path": "configuration/storage/google-cloud-storage"
},
{
"title": "In-Memory",
"title": "In-memory storage",
"path": "configuration/storage/in-memory"
},
{
"title": "Integrated storage (Raft)",
"path": "configuration/storage/raft"
},
{
"title": "Manta",
"path": "configuration/storage/manta"
@@ -596,10 +641,6 @@
"title": "PostgreSQL",
"path": "configuration/storage/postgresql"
},
{
"title": "Integrated Storage (Raft)",
"path": "configuration/storage/raft"
},
{
"title": "S3",
"path": "configuration/storage/s3"
@@ -618,44 +659,9 @@
"title": "<code>telemetry</code>",
"path": "configuration/telemetry"
},
{
"title": "Adaptive overload protection",
"badge": {
"text": "ENTERPRISE",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/adaptive-overload-protection"
},
{
"title": "<code>ui</code>",
"path": "configuration/ui"
},
{
"title": "<code>user_lockout</code>",
"path": "configuration/user-lockout"
},
{
"title": "<code>Log Completed Requests</code>",
"path": "configuration/log-requests-level"
},
{
"title": "<code>Entropy Augmentation</code>",
"badge": {
"text": "ENTERPRISE",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/entropy-augmentation"
},
{
"title": "<code>kms_library</code>",
"badge": {
"text": "ENTERPRISE",
"type": "outlined",
"color": "neutral"
},
"path": "configuration/kms-library"
}
]
},
@@ -1193,7 +1199,7 @@
"title": "Custom Messages",
"path": "ui/custom-messages",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -1308,7 +1314,7 @@
"title": "Improve Vault traffic resiliency",
"path": "agent-and-proxy/proxy/caching/static-secret-caching",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -1539,7 +1545,7 @@
{
"title": "Key Management",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1658,7 +1664,7 @@
{
"title": "KMIP",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1715,7 +1721,7 @@
{
"title": "Certificate Issuance External Policy Service (CIEPS)",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1725,7 +1731,7 @@
"title": "Enrollment over Secure Transport (EST)",
"path": "secrets/pki/est",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1734,7 +1740,7 @@
{
"title": "Certificate Management Protocol (CMPv2)",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1778,7 +1784,7 @@
{
"title": "Transform",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1794,7 +1800,7 @@
{
"title": "Tokenization Transform",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1824,7 +1830,7 @@
{
"title": "Secrets Sync",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -1858,7 +1864,7 @@
{
"title": "Secrets Import",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -2028,7 +2034,7 @@
{
"title": "Use SAML authentication",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
},
@@ -2125,7 +2131,7 @@
"title": "Plugin Development — Event Notifications",
"path": "plugins/plugin-development-event-notifications",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -3055,7 +3061,7 @@
"title": "Run Vault with many namespaces",
"path": "enterprise/namespaces/namespace-limits",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}
@@ -3064,7 +3070,7 @@
"title": "Configure cross namespace access",
"path": "enterprise/namespaces/configure-cross-namespace-access",
"badge": {
"text": "ENTERPRISE",
"text": "ENT",
"type": "outlined",
"color": "neutral"
}