* wip
* Initial draft of Seal HA docs
* nav data
* Fix env var name
* title
* Note partially wrapped values and disabled seal participation
* Update website/data/docs-nav-data.json
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* correct initial upgrade limitation
* Add note about shamir seals and migration
* fix nav json
* snapshot note
* availability note
* seal-backend-status
* Add a couple more clarifying statements
* header typo
* correct initial upgrade wording
* Update website/content/docs/configuration/seal/seal-ha.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Update website/content/docs/concepts/seal.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Add api-docs for PKI CIEPS sign-intermediate
- This adds the CIEPS sign-intermediate api-docs and tweaks the existing CIEPS apis to mark the policy url argument as optional.
* Define CIEPS in the first use per section
* Support GET requests for aws-iam
This is required to support presigned requests from aws-sdk-go-v2
* Add GET method tests for aws-iam auth login path
* Update Website Documenation
* Validate GET action even if iam-server header is not set
* Combine URL checks
* Add const amzSignedHeaders to aws credential builtin
* Add test for multiple GET request actions
* Add Changelog Entry
---------
Co-authored-by: Max Coulombe <109547106+maxcoulombe@users.noreply.github.com>
* add description for vaultsharp
calling our features and cross platform capabilities along with Enterprise Vault support for enterprise vault users
* Update libraries.mdx for VaultSharp description
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Add metadata policy requirement for KV-V2 list.mdx
Customer requested change as our API docs page does not state the token policy must have access to metadata in the policy when listing KV-V2 secrets. I let them know it exists here: https://developer.hashicorp.com/vault/docs/secrets/kv/kv-v2#acl-rules, in the ACL section, but they wanted to have it added to the API docs as well.
* Update website/content/api-docs/secret/kv/kv-v2.mdx
---------
Co-authored-by: Violet Hynes <violet.hynes@hashicorp.com>
* Update cert.mdx
Adding the missing parameter `url` for CRL create endpoint.
* Update website/content/api-docs/auth/cert.mdx
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Update cert.mdx
Corrected the duplicate `crl` line.
---------
Co-authored-by: Steven Clark <steven.clark@hashicorp.com>
* Don't allow setting dead server last contact threshold to less than 1 minute
* add changelog
* document the minimum dead server last contact threshold
* Update libraries.mdx
Hello! We now maintain a dotnet client for Vault, updating the docs to include this info.
* Update libraries.mdx
Removed version flag from Install-Package.
Changed formatting slightly of ansible-vault to match as I think the hyphen + capital first letter looks nicer.
* Remove extra '('
---------
Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com>
* imprv: Add a parameter to allow ExtKeyUsage field usage from a role
* chore: Add the changelog entry
* imprv: Reword UI and changelog
* doc: Add allow_role_extkeyusage in parameter list
* imprv: Align variable names with existing fields/codebase
* Add unit test and tweak some labels
---------
Co-authored-by: Steve Clark <steven.clark@hashicorp.com>
* Refactor `identity/mfa/method/*` endpoints to fix bad OpenAPI
There is a problem with how the `identity/mfa/method/*` endpoints are
defined, resulting in incorrect OpenAPI generation.
I raised hashicorp/vault-client-go#180 to track a consequence, and
opened #20873 which explains the problem and adds a log message to
detect it.
This PR is now the fix.
It's actually quite an interesting problem, that has come about through
some particular implementation choices, in Vault's first/only case where
REST API objects are created by writing to the collection URL, and have
their ID allocated by the server, instead of the client.
The triggering cause of the malfunction was trying to have a single
framework.Path struct instance which optionally includes or excludes the
method_id path parameter, and also another framework.Path struct
instance handling list operations.
The fix is to simplify the path regexes, and have one framework.Path
which handles the method_id being present, and one that handles it being
absent.
The diff is somewhat large, because the affected code had been
copy/pasted four times (TOTP, Okta, Duo, PingID) - so I took the
opportunity to fix the duplication, creating appropriate helper methods
so that the quadruplicated code could be re-unified.
* Revise documentation
This update refactors how the documentation presents these endpoints to
users, both for clarity, and to align with the new structure of the
code.
From a user perspective, it clears up some unclear presentation of when
the `method_id` parameter should and should not be present, adds
a missing description of the response to create requests, and changes
the `method_id` parameter name to be used consistently (rather than `id`
in some cases, unlike the actual code/OpenAPI).
* Fix incorrect acronym (review fix)
* Accept suggestion of tweaked grammar in documentation
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
* Add changelog
---------
Co-authored-by: Anton Averchenkov <84287187+averche@users.noreply.github.com>
