Commit Graph

60 Commits (3f894604bbbedb97d81667d85110d43095cf2a77)

Author SHA1 Message Date
Daniel Nephin 8ba760a2fc acl: remove id and revision from Policy constructors
3 years ago
Daniel Nephin 65d48e5042 state: remove support for updating legacy ACL tokens
3 years ago
Daniel Nephin c77e5747b1 acl: remove EmbeddedPolicy
3 years ago
Daniel Nephin 3ac910606c acl: remove reading of serf acl tags
3 years ago
Daniel Nephin 8e9773e20b acl: remove ACL.GetPolicy endpoint and resolve legacy acls
3 years ago
Daniel Nephin 6e1ebd3df7 acl: remove the last of the legacy FSM
3 years ago
Daniel Nephin 05f0cc3993 acl: remove ACLDelete FSM command, and state store function
3 years ago
Daniel Nephin 966e50e00e acl: remove legacy field to ACLBoostrap
3 years ago
Daniel Nephin e7c63004a8 acl: remove a couple legacy ACL operation constants
3 years ago
Daniel Nephin 868bfc7a0a acl: Remove unused ACLPolicyIDType
3 years ago
Daniel Nephin aee8a9511d
Merge pull request #10985 from hashicorp/dnephin/acl-legacy-remove-replication
3 years ago
Freddy fcef19f94b
acl: small resolver changes to account for partitions (#11052)
3 years ago
Daniel Nephin d63cef1219 acl: remove legacy ACL replication
3 years ago
R.B. Boyer ee372a854a acl: adding a new mesh resource
3 years ago
R.B. Boyer a6d22efb49
acl: some acl authz refactors for nodes (#10909)
3 years ago
Daniel Nephin d3325b0253
Merge pull request #10612 from bigmikes/acl-replication-fix
3 years ago
R.B. Boyer 188e8dc51f
agent/structs: add a bunch more EnterpriseMeta helper functions to help with partitioning (#10669)
3 years ago
Evan Culver 0527dcff57
acls: Show `AuthMethodNamespace` when reading/listing ACL token meta (#10598)
3 years ago
Giulio Micheloni 814ef6b103 acl: fix error type into a string type for serialization issue
3 years ago
Giulio Micheloni 529fe737ef acl: acl replication routine to report the last error message
3 years ago
Evan Culver 13bd86527b
Add support for returning ACL secret IDs for accessors with acl:write (#10546)
3 years ago
Matt Keeler bbf5993534
Move static token resolution into the ACLResolver (#10013)
4 years ago
Mark Anderson b9d22f48cd
Add fields to the /acl/auth-methods endpoint. (#9741)
4 years ago
R.B. Boyer d921690bfe
acl: global tokens created by auth methods now correctly replicate to secondary datacenters (#9351)
4 years ago
Kyle Havlovitz 0bfda4481f Add CA server delegate interface for testing
4 years ago
Matt Keeler d3881dd754
ACL Node Identities (#7970)
5 years ago
Hans Hasselberg 242994a016
acl: do not resolve local tokens from remote dcs (#8068)
5 years ago
R.B. Boyer 833211c14c
acl: allow auth methods created in the primary datacenter to optionally create global tokens (#7899)
5 years ago
R.B. Boyer a854e4d9c5
acl: oss plumbing to support auth method namespace rules in enterprise (#7794)
5 years ago
R.B. Boyer 22eb016153
acl: add MaxTokenTTL field to auth methods (#7779)
5 years ago
R.B. Boyer ca52ba7068
acl: add DisplayName field to auth methods (#7769)
5 years ago
Alejandro Baez bafa69bb69
Add PolicyReadByName for API (#6615)
5 years ago
R.B. Boyer 85a08bf8ed
server: strip local ACL tokens from RPCs during forwarding if crossing datacenters (#7419)
5 years ago
Matt Keeler e231d62bc9
Make the config entry and leaf cert cache types ns aware (#7256)
5 years ago
R.B. Boyer 8c596953b0
agent: ensure that we always use the same settings for msgpack (#7245)
5 years ago
Matt Keeler 663cf1e9a8
AuthMethod updates to support alternate namespace logins (#7029)
5 years ago
Matt Keeler 80d13d500b
Miscellaneous acl package cleanup
5 years ago
Matt Keeler 0b346616e9
Rename EnterpriseAuthorizerContext -> AuthorizerContext
5 years ago
Matt Keeler 8f0ab0129e
Miscellaneous Fixes (#6896)
5 years ago
Matt Keeler a704ebe639
Add Namespace support to the API module and the CLI commands (#6874)
5 years ago
Matt Keeler deb91f3d3c
[Feature] API: Add a internal endpoint to query for ACL authori… (#6888)
5 years ago
Sarah Adams 78ad8203a4
Use encoding/json as JSON decoder instead of mapstructure (#6680)
5 years ago
Matt Keeler 79f78632e1
Update the ACL Resolver to allow for Consul Enterprise specific hooks. (#6687)
5 years ago
Matt Keeler e4ea9b0a96
Updates to allow for Namespacing ACL resources in Consul Enterp… (#6675)
5 years ago
Matt Keeler 973341a592
ACL Authorizer overhaul (#6620)
5 years ago
R.B. Boyer 20eefeea11
acl: a role binding rule for a role that does not exist should be ignored (#5778)
6 years ago
R.B. Boyer b4371bcccd
acl: enforce that you cannot persist tokens and roles with missing links except during replication (#5779)
6 years ago
Matt Keeler 4daa1585b0
ACL Token ID Initialization (#5307)
6 years ago
R.B. Boyer e47d7eeddb acl: adding support for kubernetes auth provider login (#5600)
6 years ago
R.B. Boyer cc1aa3f973 acl: adding Roles to Tokens (#5514)
6 years ago