Skip to content

Commit

Permalink
Merge 974bd0e into backport/zs.patch-permalink-issues/lively-integral…
Browse files Browse the repository at this point in the history
…-seagull
  • Loading branch information
hc-github-team-secure-vault-core authored Nov 22, 2024
2 parents 4f6b512 + 974bd0e commit 6ee53f5
Show file tree
Hide file tree
Showing 65 changed files with 76 additions and 466 deletions.
10 changes: 2 additions & 8 deletions website/content/partials/cli/agent/args/file_path.mdx
Original file line number Diff line number Diff line change
@@ -1,11 +1,5 @@
<a id="agent-arg-file_path" />

<a href="#agent-arg-file_path" style={{textDecorationLine:'none'}}>

**`file_path (string : "./agent.hcl")`**

</a>
- `file_path (string : "./agent.hcl")` ((#agent-arg-file_path))

The path where Vault should save the generated configuration file.

**Example**: `"./agent/custom-config.hcl"`
**Example**: `"./agent/custom-config.hcl"`
10 changes: 2 additions & 8 deletions website/content/partials/cli/agent/flags/config.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="agent-flag-config" />

<a href="#agent-flag-config" style={{textDecorationLine:'none'}}>

**`-config (string : <required>)`**

</a>
- `-config (string : <required>)` ((#agent-flag-config))


Path to a single
Expand All @@ -14,4 +8,4 @@ flag as needed to specify more than one discrete configuration file. If you
specify more than one configuration file, Agent composes the source files into
a single configuration file at runtime.

**Example**: `-config /path/to/file.hcl`
**Example**: `-config /path/to/file.hcl`
8 changes: 1 addition & 7 deletions website/content/partials/cli/agent/flags/exec.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="agent-flag-exec" />

<a href="#agent-flag-exec" style={{textDecorationLine:'none'}}>

**`-exec (string : "")`**

</a>
- `-exec (string : "")` ((#agent-flag-exec))

Path to the command for child processes with optional arguments. Relative paths
start from the current working directory when executed. Corresponds to
Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/agent/flags/exit-after-auth.mdx
Original file line number Diff line number Diff line change
@@ -1,12 +1,6 @@
<a id="agent-flag-exit-after-auth" />

<a href="#agent-flag-exit-after-auth" style={{textDecorationLine:'none'}}>

**`-exit-after-auth (bool : false)`**

</a>
- `-exit-after-auth (bool : false)` ((#agent-flag-exit-after-auth))

Exit with code `0` after a single successful auth. Success indicates successful
token retrieval and write to sink.

**Example**: `-exit-after-auth`
**Example**: `-exit-after-auth`
8 changes: 1 addition & 7 deletions website/content/partials/cli/agent/flags/path.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="agent-flag-path" />

<a href="#agent-flag-path" style={{textDecorationLine:'none'}}>

**`-path (string : "")`**

</a>
- `-path (string : "")` ((#agent-flag-path))

Path to one or more `kv` secrets store. Paths that end with a wildcard (`*`)
include all secrets under that path.
Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/agent/flags/type.mdx
Original file line number Diff line number Diff line change
@@ -1,15 +1,9 @@
<a id="agent-flag-type" />

<a href="#agent-flag-type" style={{textDecorationLine:'none'}}>

**`-type (enum : <required>)`**

</a>
- `-type (enum : <required>)` ((#agent-flag-type))

The configuration file entry to create.

Enum | Description
-------------- | -----------
`env-template` | Create environment variable templates from JSON keys in `kv` plugins

**Example**: `-type env-template`
**Example**: `-type env-template`
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/args/device_path.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-device_path" />

<a href="#audit-arg-device_path" style={{textDecorationLine:'none'}}>

**`device_path (string : <required>)`**

</a>
- `device_path (string : <required>)` ((#audit-arg-device_path))

The internal path where Vault accesses the audit device. Audit device paths are
unique across all audit devices.
Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/audit/args/device_type.mdx
Original file line number Diff line number Diff line change
@@ -1,15 +1,9 @@
<a id="audit-arg-device_type" />

<a href="#ANCHOR_ID" style={{textDecorationLine:'none'}}>

**`audit-arg-device_type (enum : <required>)`**

</a>
- `audit-arg-device_type (enum : <required>)` ((#audit-arg-device_type))

The audit device type to create.

Enum | Description
-------- | -----------
`file` | Write log entries to a file on the Vault server.
`socket` | Write log entries to an existing TCP, UDP, or UNIX socket.
`syslog` | Write log entries using the existing system logging protocol.
`syslog` | Write log entries using the existing system logging protocol.
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/args/file/file_path.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-file-file_path" />

<a href="#audit-arg-file-file_path" style={{textDecorationLine:'none'}}>

**`file_path (string : <required>)`**

</a>
- `file_path (string : <required>)` ((#audit-arg-file-file_path))

Location on the audit log on the Vault server. Must be one of the following:

Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/audit/args/file/mode.mdx
Original file line number Diff line number Diff line change
@@ -1,13 +1,7 @@
<a id="audit-arg-file-mode" />

<a href="#audit-arg-file-mode" style={{textDecorationLine:'none'}}>

**`mode (string : "0600")`**

</a>
- `mode (string : "0600")` ((#audit-arg-file-mode))

The `chmod`-style octal permissions for the audit file. Set `mode` to "0000" to
prevent Vault from modifying the file mode.
prevent Vault from modifying the file mode.

**Example**: `mode="0755"`

8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/args/socket/address.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-socket-address" />

<a href="#audit-arg-socket-address" style={{textDecorationLine:'none'}}>

**`address (string : "")`**

</a>
- `address (string : "")` ((#audit-arg-socket-address))

Location of the socket as a server IP and port or a local path.

Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-socket-socket_type" />

<a href="#audit-arg-socket-socket_type" style={{textDecorationLine:'none'}}>

**`socket_type (string : "tcp")`**

</a>
- `socket_type (string : "tcp")` ((#audit-arg-socket-socket_type))

Communication protocol expected by the socket. Vault can write to any
[net.Dialer](https://pkg.go.dev/net#Dialer)-compatible socket. If a TCP socket
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-socket-write_timeout" />

<a href="#audit-arg-socket-write_timeout" style={{textDecorationLine:'none'}}>

**`write_timeout (string : "2s")`**

</a>
- `write_timeout (string : "2s")` ((#audit-arg-socket-write_timeout))

Duration in seconds that Vault will wait for a write to complete over the
socket. Setting `write_timeout` to `0` disables time outs and forces Vault to
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/args/syslog/facility.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-syslog-facility" />

<a href="#audit-arg-syslog-facility" style={{textDecorationLine:'none'}}>

**`facility (string : "AUTH")`**

</a>
- `facility (string : "AUTH")` ((#audit-arg-syslog-facility))

The process that generated the syslog entry (the syslog facility).

Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/args/syslog/tag.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-arg-syslog-tag" />

<a href="#audit-arg-syslog-tag" style={{textDecorationLine:'none'}}>

**`tag (string : "vault")`**

</a>
- `tag (string : "vault")` ((#audit-arg-syslog-tag))

The program that generated the syslog entry.

Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/flags/description.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-flag-description" />

<a href="#audit-flag-description" style={{textDecorationLine:'none'}}>

**`-description (string : "")`**

</a>
- `-description (string : "")` ((#audit-flag-description))

A human-friendly string that explains the purpose of the audit device.

Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/audit/flags/detailed.mdx
Original file line number Diff line number Diff line change
@@ -1,12 +1,6 @@
<a id="audit-flag-detailed" />

<a href="#audit-flag-detailed" style={{textDecorationLine:'none'}}>

**`-detailed (bool : false)`**

</a>
- `-detailed (bool : false)` ((#audit-flag-detailed))

Print detailed information such as options and replication status about each
audit device.

**Example**: `-detailed`
**Example**: `-detailed`
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/flags/local.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-flag-local" />

<a href="#audit-flag-local" style={{textDecorationLine:'none'}}>

**`-local (bool : false)`**

</a>
- `-local (bool : false)` ((#audit-flag-local))

Indicates that the audit device is local to the Vault server and ignored by
replication.
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/flags/path.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-flag-path" />

<a href="#audit-flag-path" style={{textDecorationLine:'none'}}>

**`-path (string : "/<device_type>")`**

</a>
- `-path (string : "/<device_type>")` ((#audit-flag-path))

The internal path where Vault will access the audit device. Audit device paths
must be unique across all audit devices.
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-elide_list_responses" />

<a href="#audit-option-elide_list_responses" style={{textDecorationLine:'none'}}>

**`elide_list_responses (bool : false)`**

</a>
- `elide_list_responses (bool : false)` ((#audit-option-elide_list_responses))

Replace the details for `response.data.keys` and `response.data.key_info` with
the number of entries to reduce the size of audit records. See
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/exclude.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-exclude" />

<a href="#audit-option-exclude" style={{textDecorationLine:'none'}}>

**`exclude (string : "")`**

</a><EnterpriseAlert inline="true" />
- `exclude (string : "")` ((#audit-option-exclude)) <EnterpriseAlert inline="true" />


Remove any fields matching the provided
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/fallback.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-fallback" />

<a href="#audit-option-fallback" style={{textDecorationLine:'none'}}>

**`fallback (bool : false)`** <EnterpriseAlert inline="true" />

</a>
- `fallback (bool : false)` ((#audit-option-fallback)) <EnterpriseAlert inline="true" />

The audit device is the fallback for filtering purposes.
**Vault only supports one fallback audit device at a time**.
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/filter.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-filter" />

<a href="#audit-option-filter" style={{textDecorationLine:'none'}}>

**`filter (string : "")`** <EnterpriseAlert inline="true" />

</a>
- `filter (string : "")` ((#audit-option-filter)) <EnterpriseAlert inline="true" />

Only write audit log entries matching the provided
[filtering expression](/vault/docs/enterprise/audit/filtering) to the audit
Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/format.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-format" />

<a href="#audit-option-format" style={{textDecorationLine:'none'}}>

**`format (enum : json)`**

</a>
- `format (enum : json)` ((#audit-option-format))

Write audit log entries in the provided format.

Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/hmac_accessor.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-hmac_accessor" />

<a href="#audit-option-hmac_accessor" style={{textDecorationLine:'none'}}>

**`hmac_accessor (bool : true)`**

</a>
- `hmac_accessor (bool : true)` ((#audit-option-hmac_accessor))

Hash all token accessor data before writing to the audit device.

Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/log_raw.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-log_raw" />

<a href="#audit-option-log_raw" style={{textDecorationLine:'none'}}>

**`log_raw (bool : false)`**

</a>
- `log_raw (bool : false)` ((#audit-option-log_raw))

Hash all sensitive security information before writing to the audit device.

Expand Down
8 changes: 1 addition & 7 deletions website/content/partials/cli/audit/options/prefix.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="audit-option-prefix" />

<a href="#audit-option-prefix" style={{textDecorationLine:'none'}}>

**`prefix (string : "")`**

</a>
- `prefix (string : "")` ((#audit-option-prefix))

Prepend the provided string to each log entry when writing to the audit device.

Expand Down
10 changes: 2 additions & 8 deletions website/content/partials/cli/shared/flags/log-file.mdx
Original file line number Diff line number Diff line change
@@ -1,10 +1,4 @@
<a id="shared-flag-log-file" />

<a href="#shared-flag-log-file" style={{textDecorationLine:'none'}}>

**`-log-file (string : "./<service>.log")`**

</a>
- `-log-file (string : "./<service>.log")` ((#shared-flag-log-file))

Absolute path where Vault Agent saves logging data.

Expand All @@ -13,4 +7,4 @@ Absolute path where Vault Agent saves logging data.
- Paths ending with a name but not an extension use the `.log` extension.
- Paths ending with a name and extension use the provided file name.

**Example**: `-log-file "/var/log/vault-logs/"`
**Example**: `-log-file "/var/log/vault-logs/"`
10 changes: 2 additions & 8 deletions website/content/partials/cli/shared/flags/log-rotate-bytes.mdx
Original file line number Diff line number Diff line change
@@ -1,12 +1,6 @@
<a id="shared-flag-log-rotate-bytes" />

<a href="#shared-flag-log-rotate-bytes" style={{textDecorationLine:'none'}}>

**`-log-rotate-bytes (int : <unset>)`**

</a>
- `-log-rotate-bytes (int : <unset>)` ((#shared-flag-log-rotate-bytes))

File size, in bytes, after which log files must rotate. Leave `log-rotate-bytes`
unset if you prefer not to limit log file size.

**Example**: `-log-rotate-bytes 1000000`
**Example**: `-log-rotate-bytes 1000000`
Loading

0 comments on commit 6ee53f5

Please sign in to comment.