scottk/vault
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/vault.git synced 2025-10-29 17:52:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update enterprise vs hcp alerts (#23619) (#23627)

Browse Source
This commit is contained in:
Sarah Chavis
2023-10-11 16:27:13 -07:00
committed by GitHub
parent 7914b7dc39
commit cbc0d14a3e
34 changed files with 117 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
website/content/api-docs/system/config-control-group.mdx
View File

@@ -6,7 +6,7 @@ description: The '/sys/config/control-group' endpoint configures control groups.
# `/sys/config/control-group`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
The `/sys/config/control-group` endpoint is used to configure Control Group
settings.

2
website/content/api-docs/system/config-group-policy-application.mdx
View File

@@ -6,7 +6,7 @@ description: The '/sys/config/group-policy-application' endpoint is used to conf
# `/sys/config/group-policy-application`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'

2
website/content/api-docs/system/control-group.mdx
View File

@@ -6,7 +6,7 @@ description: The '/sys/control-group' endpoint handles the Control Group workflo
## Authorize control group request
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
This endpoint authorizes a control group request.

2
website/content/api-docs/system/lease-count-quotas.mdx
View File

@@ -6,7 +6,7 @@ description: The `/sys/quotas/lease-count` endpoint is used to create, edit and
# `/sys/quotas/lease-count`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'

2
website/content/api-docs/system/license.mdx
View File

@@ -8,7 +8,7 @@ description: |-
# `/sys/license/status`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
The `/sys/license/status` endpoint is used to view update the license used in
Vault.

2
website/content/api-docs/system/replication/index.mdx
View File

@@ -8,7 +8,7 @@ description: >-
# `/sys/replication`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'

42
website/content/api-docs/system/replication/replication-dr.mdx
View File

@@ -8,10 +8,10 @@ description: >-
# `/sys/replication/dr`
@include 'alerts/enterprise-only.mdx'
## Check DR status
@include 'alerts/enterprise-and-hcp.mdx'
This endpoint prints information about the status of replication (mode,
sync progress, etc).
@@ -88,6 +88,8 @@ secondary, it will look something like:
@include 'alerts/restricted-root.mdx'
@include 'alerts/enterprise-only.mdx'
This endpoint enables DR replication in primary mode. This is used when DR replication
is currently disabled on the cluster (if the cluster is already a secondary, it
must be promoted).
@@ -121,6 +123,8 @@ $ curl \
## Demote DR primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint demotes a DR primary cluster to a secondary. This DR secondary cluster
@@ -143,6 +147,8 @@ $ curl \
## Disable DR primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint disables DR replication entirely on the cluster. Any secondaries will
@@ -167,6 +173,8 @@ $ curl \
## Generate DR secondary token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint generates a DR secondary activation token for the
@@ -228,6 +236,8 @@ $ curl \
## Revoke DR secondary token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint revokes a DR secondary's ability to connect to the DR primary cluster;
@@ -262,6 +272,8 @@ $ curl \
## Generate DR secondary public key
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint allows generating a public key that is used to encrypt the returned
@@ -283,6 +295,8 @@ $ curl \
## Enable DR secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint enables replication on a DR secondary using a DR secondary activation
@@ -333,6 +347,8 @@ $ curl \
## Promote DR secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint promotes the DR secondary cluster to DR primary. For data safety and
@@ -418,6 +434,8 @@ $ curl \
## Disable DR secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint disables DR replication entirely on the cluster. The cluster will no
@@ -454,6 +472,8 @@ $ curl \
## Update DR secondary's primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
The update endpoint changes the primary cluster assigned to a DR
@@ -552,6 +572,10 @@ $ curl \
## Generate disaster recovery operation token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
The `/sys/replication/dr/secondary/generate-operation-token` endpoint is used to create a new Disaster
Recovery operation token for a DR secondary. These tokens are used to authorize
certain DR Operations. They should be treated like traditional root tokens by
@@ -559,6 +583,8 @@ being generated when needed and deleted soon after.
## Read generation progress
@include 'alerts/enterprise-only.mdx'
This endpoint reads the configuration and process of the current generation
attempt.
@@ -598,6 +624,8 @@ encode the final token, it will never be returned.
## Start token generation
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint initializes a new generation attempt. Only a single
@@ -638,6 +666,8 @@ $ curl \
## Cancel generation
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint cancels any in-progress generation attempt. This clears any
@@ -657,6 +687,8 @@ $ curl \
## Provide key share to generate token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to enter a single root key share to progress the
@@ -712,6 +744,8 @@ status, and the encoded token, if the attempt is complete.
## Delete DR operation token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint revokes the DR Operation Token. This token does not have a TTL
@@ -745,6 +779,8 @@ $ curl \
## Reindex Replication
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint reindexes the local data storage. This can cause a very long delay
@@ -800,6 +836,8 @@ $ curl \
## `/sys/replication/dr/secondary/merkle-check`
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
The Merkle check endpoint prints information about the corruption status of the Merkle tree on a DR

34
website/content/api-docs/system/replication/replication-performance.mdx
View File

@@ -8,10 +8,10 @@ description: >-
# `/sys/replication/performance`
@include 'alerts/enterprise-and-hcp-plus.mdx'
## Check performance status
@include 'alerts/enterprise-and-hcp.mdx'
This endpoint prints information about the status of replication (mode,
sync progress, etc).
@@ -86,6 +86,8 @@ secondary, it will look something like:
## Enable performance primary replication
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint enables replication in primary mode. This is used when replication
@@ -125,6 +127,8 @@ $ curl \
## Demote performance primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint demotes a performance primary cluster to a performance secondary.
@@ -147,6 +151,8 @@ $ curl \
## Disable performance primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint disables Performance Replication entirely on the cluster. Any
@@ -171,6 +177,8 @@ $ curl \
## Generate performance secondary token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint generates a performance secondary activation token for the
@@ -231,6 +239,8 @@ $ curl \
## Revoke performance secondary token
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint revokes a performance secondary's ability to connect to the
@@ -265,6 +275,8 @@ $ curl \
## Create paths filter
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to modify the mounts and namespaces that are filtered to a secondary.
@@ -311,6 +323,8 @@ $ curl \
## Read paths filter
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to read the mode and the mount/namespace paths that are filtered
@@ -343,6 +357,8 @@ $ curl \
## Delete paths filter
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to delete the mount and namespace filters for a secondary.
@@ -366,6 +382,8 @@ $ curl \
## Read dynamically generated filter (PRIMARY)
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to read the namespace and the mount paths that are dynamically
@@ -398,6 +416,8 @@ $ curl \
## Read dynamically generated filter (SECONDARY)
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint is used to read the namespace and the mount paths that are dynamically
@@ -430,6 +450,8 @@ $ curl \
## Fetch performance secondary public key
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint allows fetching a public key that is used to encrypt the returned
@@ -451,6 +473,8 @@ $ curl \
## Enable performance secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint enables Performance Replication on a secondary using a secondary activation
@@ -501,6 +525,8 @@ $ curl \
## Promote performance secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint promotes the performance secondary cluster to performance primary.
@@ -540,6 +566,8 @@ $ curl \
## Disable performance secondary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
This endpoint disables Performance Replication entirely on the cluster. The cluster will no
@@ -566,6 +594,8 @@ $ curl \
## Update performance secondary's primary
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
The update endpoint changes the primary cluster assigned to a

2
website/content/api-docs/system/sealwrap-rewrap.mdx
View File

@@ -8,7 +8,7 @@ description: >-
# `/sys/sealwrap/rewrap`
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'

6
website/content/api-docs/system/storage/raftautosnapshots.mdx
View File

@@ -5,12 +5,12 @@ description: |-
The `/sys/storage/raft/snapshot-auto` endpoints are used to manage automated
snapshots with Vault's Raft storage backend.
This is an Enterprise-only feature.
---
# `/sys/storage/raft/snapshot-auto`
@include 'alerts/enterprise-only.mdx'
@include 'alerts/restricted-root.mdx'
The `/sys/storage/raft/snapshot-auto` endpoints are used to manage automated
@@ -18,8 +18,6 @@ snapshots with Vault's Raft storage backend.
## Create/update an automated snapshots config
@include 'alerts/enterprise-and-hcp-plus.mdx'
**This endpoint requires sudo capability.**
This endpoint creates or updates a named configuration. Each configuration

2
website/content/docs/enterprise/automated-integrated-storage-snapshots.mdx
View File

@@ -9,7 +9,7 @@ description: |-
# Automated integrated storage snapshots
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Any production system should include a provision for taking regular backups.
Vault Enterprise can be configured to take and store snapshots at a specific

2
website/content/docs/enterprise/consistency.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise Consistency Model
# Vault eventual consistency
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
When running in a cluster, Vault has an eventual consistency model.
Only one node (the leader) can write to Vault's storage.

2
website/content/docs/enterprise/control-groups.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise has support for Control Group Authorization.
# Vault Enterprise control groups
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise has support for Control Group Authorization. Control Groups
add additional authorization factors to be required before satisfying a request.

2
website/content/docs/enterprise/license/autoloading.mdx
View File

@@ -6,7 +6,7 @@ description: An overview of license autoloading.
# License autoloading
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Prior to Vault 1.8, Vault Enterprise would be licensed using special binaries
that contained embedded licenses, or via a license written into Vault storage

2
website/content/docs/enterprise/license/index.mdx
View File

@@ -6,7 +6,7 @@ description: An overview of license.
# Vault license
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Licenses and EULA enhancements have been introduced in Vault 1.8 release. Please refer to the [FAQ](/vault/docs/enterprise/license/faq) for common questions concerning these changes.

2
website/content/docs/enterprise/license/utilization-reporting.mdx
View File

@@ -7,7 +7,7 @@ description: >-
# Automated license utilization reporting
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Automated license utilization reporting sends license utilization data to
HashiCorp without requiring you to manually collect and report them. It also

2
website/content/docs/enterprise/managed-keys.mdx
View File

@@ -7,7 +7,7 @@ description: >-
# Managed keys
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Within certain environments, customers want to leverage key management systems
external to Vault, when handling, storing, and interacting with

2
website/content/docs/enterprise/mfa/index.mdx
View File

@@ -8,7 +8,7 @@ description: >-
# Vault enterprise MFA support
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Vault Enterprise has support for Multi-factor Authentication (MFA), using
different authentication types. MFA is built on top of the Identity system of

2
website/content/docs/enterprise/mfa/mfa-duo.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise supports Duo MFA type.
# Duo MFA
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
This page demonstrates the Duo MFA on ACL'd paths of Vault.

2
website/content/docs/enterprise/mfa/mfa-okta.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise supports Okta MFA type.
# Okta MFA
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
This page demonstrates the Okta MFA on ACL'd paths of Vault.

2
website/content/docs/enterprise/mfa/mfa-pingid.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise supports PingID MFA type.
# PingID MFA
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
This page demonstrates PingID MFA on ACL'd paths of Vault.

2
website/content/docs/enterprise/mfa/mfa-totp.mdx
View File

@@ -6,7 +6,7 @@ description: Vault Enterprise supports TOTP MFA type.
# TOTP MFA
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
This page demonstrates the TOTP MFA on ACL'd paths of Vault.

2
website/content/docs/enterprise/performance-standby.mdx
View File

@@ -6,7 +6,7 @@ description: Performance Standby Nodes - Vault Enterprise
# Performance standby nodes
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Vault supports a multi-server mode for high availability. This mode protects
against outages by running multiple Vault servers. High availability mode

2
website/content/docs/enterprise/pkcs11-provider/aws-xks.mdx
View File

@@ -7,7 +7,7 @@ description: |-
# Vault with AWS KMS external key store (XKS) via PKCS#11 and XKS proxy
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
~> **Note**: AWS [`xks-proxy`](https://github.com/aws-samples/aws-kms-xks-proxy) is used in this document as a sample implementation.

2
website/content/docs/enterprise/pkcs11-provider/index.mdx
View File

@@ -9,7 +9,7 @@ description: |-
# PKCS#11 provider
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
-> **Note**: This feature is part of the [KMIP Secret Engine](/vault/docs/secrets/kmip), which requires [Vault Enterprise](https://www.hashicorp.com/products/vault/)
with the Advanced Data Protection Module.

2
website/content/docs/enterprise/pkcs11-provider/oracle-tde.mdx
View File

@@ -7,7 +7,7 @@ description: |-
# Oracle TDE
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
[Oracle Transparent Data Encryption](https://docs.oracle.com/en/database/oracle/oracle-database/19/asoag/introduction-to-transparent-data-encryption.html) (TDE)
is supported with the [Vault PKCS#11 provider](/vault/docs/enterprise/pkcs11-provider).

2
website/content/docs/enterprise/redundancy-zones.mdx
View File

@@ -7,7 +7,7 @@ description: |-
# Redundancy zones
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-only.mdx'
Vault Enterprise Redundancy Zones provide both read scaling and resiliency benefits by enabling
the deployment of non-voting nodes alongside voting nodes on a per availability zone basis.

4
website/content/docs/enterprise/replication.mdx
View File

@@ -9,6 +9,8 @@ description: >-
# Vault Enterprise replication
@include 'alerts/enterprise-and-hcp.mdx'
## Overview
Many organizations have infrastructure that spans multiple datacenters. Vault
@@ -83,7 +85,7 @@ secondaries to have a different configuration than their primary. Tokens and le
## Performance replication
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
In Performance Replication, secondaries keep track of their own tokens and leases
but share the underlying configuration, policies, and supporting secrets (K/V values,

2
website/content/docs/enterprise/sealwrap.mdx
View File

@@ -8,7 +8,7 @@ description: |-
# Seal wrap
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise features a mechanism to wrap values with an extra layer of
encryption for supporting [seals](/vault/docs/configuration/seal). This adds an

2
website/content/docs/enterprise/sentinel/examples.mdx
View File

@@ -6,7 +6,7 @@ description: An overview of how Sentinel interacts with Vault Enterprise.
# Examples
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Following are some examples that help to introduce concepts. If you are
unfamiliar with writing Sentinel policies in Vault, please read through to

2
website/content/docs/enterprise/sentinel/index.mdx
View File

@@ -6,7 +6,7 @@ description: An overview of how Sentinel interacts with Vault Enterprise.
# Vault Enterprise and Sentinel integration
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Vault Enterprise integrates HashiCorp Sentinel to provide a rich set of access
control functionality. Because Vault is a security-focused product trusted with

2
website/content/docs/enterprise/sentinel/properties.mdx
View File

@@ -6,7 +6,7 @@ description: An overview of how Sentinel interacts with Vault Enterprise.
# Properties
@include 'alerts/enterprise-and-hcp-plus.mdx'
@include 'alerts/enterprise-and-hcp.mdx'
Vault injects a rich set of data into the running Sentinel environment,
allowing for very fine-grained controls. The set of available properties are

7
website/content/partials/alerts/enterprise-and-hcp-plus.mdx
View File

@@ -1,7 +0,0 @@
<EnterpriseAlert product="vault">
<a href="https://www.hashicorp.com/products/vault/pricing">
Vault Enterprise
</a> license or <a href="/hcp/docs/vault/tiers-and-features#plus-tier">
HCP Vault Plus
</a> cluster required.
</EnterpriseAlert>

12
website/content/partials/alerts/enterprise-and-hcp-use.mdx Normal file
View File

@@ -0,0 +1,12 @@
<EnterpriseAlert product="vault">
Requires a <a href="https://www.hashicorp.com/products/vault/pricing">
Vault Enterprise
</a> license to <b>configure</b>.
<br /><br />
Requires a <a href="https://www.hashicorp.com/products/vault/pricing">
Vault Enterprise
</a> license or <a href="/hcp/docs/vault/tiers-and-features">
HCP Vault
</a> cluster to <b>use</b>.
</EnterpriseAlert>