Sean Chittenden
92298e3d02
Speling police
2016-05-15 09:13:52 -07:00
James Phillips
6711662676
Adds a note about template query ACLs.
2016-03-17 08:21:58 -07:00
James Phillips
01ae1e7dfe
Merge pull request #1820 from hashicorp/f-port-docs
...
Adds a reference to the network ports from the security guide.
2016-03-09 21:22:41 -08:00
James Phillips
c1de5b7a13
Adds a reference to the network ports from the security page.
2016-03-09 21:21:49 -08:00
James Phillips
dca480e284
Cleans up the documents.
2016-02-24 18:05:58 -08:00
James Phillips
483898abe5
Renames "prepared_query" ACL policy to "query".
2016-02-24 17:02:06 -08:00
James Phillips
880cd21667
Refactors docs into a more complete state for prepared query ACLs.
2016-02-23 22:27:44 -08:00
James Phillips
67de77482e
Creates new "prepared-query" ACL type and new token capture behavior.
...
Prior to this change, prepared queries had the following behavior for
ACLs, which will need to change to support templates:
1. A management token, or a token with read access to the service being
queried needed to be provided in order to create a prepared query.
2. The token used to create the prepared query was stored with the query
in the state store and used to execute the query.
3. A management token, or the token used to create the query needed to be
supplied to perform and CRUD operations on an existing prepared query.
This was pretty subtle and complicated behavior, and won't work for
templates since the service name is computed at execution time. To solve
this, we introduce a new "prepared-query" ACL type, where the prefix
applies to the query name for static prepared query types and to the
prefix for template prepared query types.
With this change, the new behavior is:
1. A management token, or a token with "prepared-query" write access to
the query name or (soon) the given template prefix is required to do
any CRUD operations on a prepared query, or to list prepared queries
(the list is filtered by this ACL).
2. You will no longer need a management token to list prepared queries,
but you will only be able to see prepared queries that you have access
to (you get an empty list instead of permission denied).
3. When listing or getting a query, because it was easy to capture
management tokens given the past behavior, this will always blank out
the "Token" field (replacing the contents as <hidden>) for all tokens
unless a management token is supplied. Going forward, we should
discourage people from binding tokens for execution unless strictly
necessary.
4. No token will be captured by default when a prepared query is created.
If the user wishes to supply an execution token then can pass it in via
the "Token" field in the prepared query definition. Otherwise, this
field will default to empty.
5. At execution time, we will use the captured token if it exists with the
prepared query definition, otherwise we will use the token that's passed
in with the request, just like we do for other RPCs (or you can use the
agent's configured token for DNS).
6. Prepared queries with no name (accessible only by ID) will not require
ACLs to create or modify (execution time will depend on the service ACL
configuration). Our argument here is that these are designed to be
ephemeral and the IDs are as good as an ACL. Management tokens will be
able to list all of these.
These changes enable templates, but also enable delegation of authority to
manage the prepared query namespace.
2016-02-23 17:12:43 -08:00
csawyerYumaed
5026a40ec1
Update documentation - add Network Ports.
...
Update security.html.markdown add section on Network Port usage.
TODO: add Atlas port usage.
2016-02-23 11:27:15 -08:00
Seth Vargo
cae0ff354a
Use HTTPS + www. where appropriate
2016-01-13 17:44:01 -05:00
James Phillips
800e946bf1
Adds and updates docs for prepared queries.
2015-11-15 17:06:00 -08:00
James Phillips
86f56ee4a1
Adds a note about the new acquire behavior into the sessions internals guide.
2015-11-14 10:28:14 -08:00
James Phillips
cf1b9fe074
Fixes a typo.
2015-10-30 23:50:11 -07:00
James Phillips
cef9402ab9
Updates docs for network coordinates.
2015-10-23 15:23:01 -07:00
James Phillips
2f9ebdb135
Merge pull request #1187 from sfncook/enable_tag_drift_03
...
Enable tag drift 03
2015-09-11 15:35:32 -07:00
Shawn Cook
1f330add02
Doc changes in response to review.
2015-09-11 15:26:30 -07:00
Shawn Cook
598526eba2
Docs - add verbage to anti-entropy page.
2015-09-11 14:27:54 -07:00
Anthony Scalisi
10e028d599
remove various typos
2015-09-11 12:29:54 -07:00
Jack Pearkes
25f0f3cb37
website: fix broken link on acl page
2015-07-31 12:14:28 -07:00
Ryan Uber
38175f450b
website: docs for keyring ACLs
2015-07-07 11:45:49 -06:00
Ryan Uber
84a47947d7
website: fix event acl policy docs
2015-06-19 12:18:09 -07:00
Ryan Uber
1e5a2a8960
website: add docs for user event acls
2015-06-18 18:13:29 -07:00
Ryan Uber
0381e1a253
website: fix mention of read-only policy for service acls
2015-06-18 18:13:01 -07:00
Ryan Uber
9285ec1891
website: add note about anonymous token and discovery ACLs
2015-06-11 17:39:01 -07:00
Ryan Uber
96746fb1c1
website: document service discovery ACLs
2015-06-11 14:45:52 -07:00
Armon Dadgar
9707383021
website: Update ACL description to longest-prefix
2015-05-06 12:04:40 -07:00
Ryan Uber
8d2834fb12
website: document service and check acl options
2015-04-28 14:28:06 -07:00
Ryan Breen
0696a45b43
Website: cleanup for docs/internals/sessions.html.
2015-04-15 14:47:15 -04:00
Ryan Breen
26f03ea30d
Website: cleanup for docs/internals/security.html.
2015-04-13 18:17:29 -04:00
Ryan Breen
8a50c28fc1
Website: minor tweaks for docs/internals/jepsen.html.
2015-04-12 22:44:57 -04:00
Ryan Breen
dd15b47bdf
Website: fix caps issue in docs/internals/consensus.html.
2015-04-11 18:32:15 -04:00
Ryan Breen
218b432446
Website: minor additional tweaks for docs/internals/consensus.html.
2015-04-11 11:41:55 -04:00
Ryan Breen
2b9bb18921
Website: cleanup for docs/internals/consensus.html, including removing LMDB references in favor of BoltDB per GH-857.
2015-04-10 23:06:28 -04:00
Ryan Breen
5e6a4d4f7d
Website: tweaks to docs/internals/architecture.html.
2015-03-30 18:07:58 -04:00
Ryan Breen
efb374e080
Website: very minor tweaks to docs/internals/anti-entropy.html.
2015-03-29 10:53:49 -04:00
Ryan Breen
d90a466f45
Website: more cleanup for docs/internals/acl.html.
2015-03-28 11:54:16 -04:00
Ryan Breen
ba3071c147
Website: GH-781 and cleanup for docs/internals/acl.html.
2015-03-28 11:26:26 -04:00
Ryan Breen
709de1a43b
Website: GH-730 for docs/internals/acl.html.
2015-03-22 11:44:16 -04:00
Ryan Breen
dc764fee91
Website: cleanup for docs/internals/index.html.
2015-03-21 21:52:26 -04:00
Ryan Uber
86a0417fd7
website: fix typo in anti-entropy docs
2015-03-03 16:35:27 -08:00
Ryan Uber
883f19ea08
Merge pull request #751 from hashicorp/f-ae-doc
...
Document anti-entropy internals
2015-03-03 16:34:00 -08:00
Ryan Uber
c459c22327
website: adjustments to anti-entropy docs
2015-03-03 16:32:17 -08:00
Ryan Uber
87bdbdbb98
website: first pass at anti-entropy docs
2015-03-03 14:13:59 -08:00
Ryan Breen
30b7cf7f1f
Website: GH-747 change acl_master token to acl_master_token
2015-03-03 11:46:57 -05:00
Ryan Breen
caf1783366
Website: GH-747 Add docs on acl_master_token installation.
2015-03-03 11:33:49 -05:00
Ryan Breen
aa9a22df9a
Website: rework docs/guides/outage.html to cover cases where recovery might be easier than manual removal of failed nodes from peers.json.
2015-03-01 18:21:33 -05:00
Emil Hessman
880e21837c
website: omit excessive use of the word lastly
...
Simplify wording by removing various uses of the word lastly.
2015-01-09 06:37:26 +01:00
Armon Dadgar
f1bbda3761
website: Document session behavior and TTL
2015-01-07 15:38:16 -08:00
Emil Hessman
bf0e284756
website: fix typo, casing and links
...
Fix typo in Leader Election guide: s/blog/blob/
Also fix various casing issues and prefer HTTPS links
for HashiCorp projects.
2015-01-04 12:58:58 +01:00
Armon Dadgar
cafba93869
consul: Enforce service registration ACLs
2014-11-30 21:05:15 -07:00
Armon Dadgar
4c410cf1f9
website: Update ACL docs
2014-11-30 20:12:44 -07:00
Dan Frost
84ac7fee60
docs: internals/security: minor fixes
2014-11-26 13:05:33 +00:00
Dan Frost
738ade9df8
docs: internals/acl: minor fixes
2014-11-26 12:57:15 +00:00
Dan Frost
169222eb5b
docs: internals/sessions: minor fixes
2014-11-26 12:49:53 +00:00
Dan Frost
e524686d6f
docs: internals/architecture: minor fixes
2014-11-26 12:31:38 +00:00
Laurent Raufaste
6e69b3e40d
Another typo
2014-11-13 17:44:20 -05:00
Laurent Raufaste
7f73e03b0b
extra '
2014-11-13 17:43:25 -05:00
Laurent Raufaste
29aaffdc37
Doc explaining the blacklist mode and consul exec
2014-11-13 17:42:39 -05:00
Danny Berger
3da9291ae1
Fix some typos in website docs
2014-11-04 21:33:42 -07:00
Seth Vargo
d1a0adf6ca
Do not index "Jespen" code block
...
The word "Jespen" is one of our top keywords because it appears so many times
in the Jespen Testing page. This commit adds a comment to disable Google
indexing in that code block so we can better target keywords.
2014-10-26 22:34:14 -04:00
Laurent Raufaste
cba968ad4d
Small typo in the doc
2014-10-23 14:32:11 -04:00
Seth Vargo
869b194127
Use new Markdown syntaxes and add SEO descriptions
2014-10-19 19:42:13 -04:00
Ryan Uber
7e598d8545
website: re-word a few things
2014-10-13 22:59:35 -07:00
Seth Vargo
0771499761
Pre-process sessions docs as ERB for image tags
2014-10-06 19:12:25 -04:00
Seth Vargo
7903a55dd1
Pre-process architecture docs as ERB for image tags
2014-10-06 19:12:17 -04:00
Christian Berg
28fc0fd912
Fix typo
...
Should be whitelist, not whilelist.
2014-09-23 15:24:19 +02:00
Joseph Anthony Pasquale Holsten
d4ca2b0d7c
add link to raft visualization
2014-08-30 23:43:45 +00:00
Armon Dadgar
7cd10c807f
website: rewording
2014-08-18 15:46:59 -07:00
Armon Dadgar
781ff2048d
website: ACL internals
2014-08-18 15:46:59 -07:00
Armon Dadgar
3fc7b208a5
website: Adding guide on leader election
2014-05-20 16:25:30 -07:00
Armon Dadgar
f91b1c3bf4
website: Starting to document sessions
2014-05-20 16:25:30 -07:00
Shayan Pooya
c3ac3f8434
website: fix a couple of typos.
2014-05-03 19:16:55 -04:00
Jack Pearkes
0976a45df7
website: remove some serf stuff, old js files
2014-05-02 14:13:48 -04:00
Armon Dadgar
23dd1a023c
website: Cleanup verbage
2014-04-21 13:50:18 -07:00
Armon Dadgar
832cc90c6b
website: Document the consistency modes
2014-04-21 13:46:57 -07:00
Martin Ringehahn
2a829284ed
fix typo
2014-04-17 21:35:59 -04:00
Caleb Spare
1a6e85320a
Copy fixes: typos, misspellings, grammar, wording
2014-04-17 14:45:53 -07:00
Armon Dadgar
416219f2ff
website: Grammar cleanup
2014-04-16 17:29:37 -07:00
Armon Dadgar
87a7bad335
website: Add note about jepsen testing
2014-04-16 17:03:48 -07:00
Armon Dadgar
cb30951612
website: Adding page on Jepsen testing
2014-04-16 17:03:48 -07:00
Jacques Fuentes
ccddd16821
Round 2: Fix typos, grammar errors, and misspellings
2014-04-16 00:01:12 -04:00
Armon Dadgar
e4b50e2420
website: Multiple warnings about single server deployment
2014-04-11 12:43:06 -07:00
Armon Dadgar
304cb516e1
website: Documentation cleanup
2014-04-09 11:06:27 -07:00
Jacques Fuentes
fa1e176e19
Add raft link and fix some typos
2014-03-28 23:33:50 -04:00
Armon Dadgar
b3087aceb2
website: documenting the internals
2014-02-20 12:26:50 -08:00
Armon Dadgar
bcc533cada
website: fixing typo
2014-02-19 17:05:57 -08:00
Armon Dadgar
262c039425
website: document the high level architecture
2014-02-19 16:58:15 -08:00
Armon Dadgar
1d10b9d6ba
website: bulk copy from serf
2014-02-07 16:41:03 -08:00