VAULT-5095 Update docs to reflect that child namespaces do not inherit parent quotas (#15906)

* VAULT-5095 Update docs to reflect current behaviour * Update website/content/api-docs/system/lease-count-quotas.mdx Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> * Update website/content/api-docs/system/rate-limit-quotas.mdx Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com>
2025-11-02 03:27:54 +00:00 · 2022-06-10 11:53:01 -04:00
parent c97cfa8807
commit cc3de02e18
3 changed files with 6 additions and 6 deletions
--- a/website/content/api-docs/system/lease-count-quotas.mdx
+++ b/website/content/api-docs/system/lease-count-quotas.mdx
@@ -29,7 +29,8 @@ that can either be a namespace or mount.
  `userpass` in `namespace1`. Updating this field on an existing quota can have
  "moving" effects. For example, updating `auth/userpass` to
  `namespace1/auth/userpass` moves this quota from being a global mount quota to a
-  namespace specific mount quota.
+  namespace specific mount quota. Quotas on a non-root namespace are not inherited by child
+  namespaces.
 - `max_leases` `(int: 0)` - Maximum number of leases allowed by the quota rule.

 ### Sample Payload
--- a/website/content/api-docs/system/rate-limit-quotas.mdx
+++ b/website/content/api-docs/system/rate-limit-quotas.mdx
@@ -27,7 +27,8 @@ either be a namespace or mount.
  `userpass` in `namespace1`. Updating this field on an existing quota can have
  "moving" effects. For example, updating `auth/userpass` to
  `namespace1/auth/userpass` moves this quota from being a global mount quota to a
-  namespace specific mount quota. **Note, namespaces are supported in Enterprise only**.
+  namespace specific mount quota. Quotas on a non-root namespace are not inherited by child
+  namespaces. **Note, namespaces are supported in Enterprise only**.
 - `rate` `(float: 0.0)` - The maximum number of requests in a given interval to
  be allowed by the quota rule. The `rate` must be positive.
 - `interval` `(string: "")` - The duration to enforce rate limiting for (default `"1s"`).
--- a/website/content/docs/enterprise/lease-count-quotas.mdx
+++ b/website/content/docs/enterprise/lease-count-quotas.mdx
@@ -25,10 +25,8 @@ the lease counters will be shared, regardless of which node in the Vault cluster
 receives lease generation requests. Lease quotas can be imposed across Vault's API,
 or scoped down to API pertaining to specific namespaces or specific mounts.

-Lease count quotas defined in a namespace will be inherited by all the child
-namespaces. By extension, this means that a quota that is defined in the `root`
-namespace is inherited by all namespaces and mounts, essentially to the entire
-Vault API.
+A quota that is defined in the `root` namespace is inherited by all namespaces
+and mounts, essentially to the entire Vault API.

 Lease count quotas defined on a namespace will take precedence over the inherited
 quotas. Lease count quotas defined for a mount will take precedence over inherited