boundary

Commit Graph

Author	SHA1	Message	Date
Irena Rindos	e588623ebd	docs(vault): add Vault worker filter documentation (#2404 ) * docs(vault): add Vault worker filter documentation	4 years ago
Jeff Mitchell	53b5e532d5	Remove deprecated methods/fields on targets (#2393 )	4 years ago
Yoko Hyakuna	fa619b0910	Address reported bugs (#2449 )	4 years ago
Jeff Mitchell	01fb949d0b	Add controller-led worker auth flow (#2413 ) This adds an action to the API that allows pulling out an activation token that can be given to a worker in its config (directly or via env or file). The worker can pass this along with its normal request in place of its normal nonce and the server will automatically accept it. Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com>	4 years ago
Jeff Mitchell	30ede3b137	Fix various website issues (#2344 ) I found some invalid links and some missing KMS information; this fixes those.	4 years ago
Loann Le	3fb09dd247	Boundary documentation: updated domain model page (#2259 ) * updated domain model * updated image ext * resized images * updated content * updated images * resizing images * fixed one image * modified text * removed image	4 years ago
Loann Le	24cf580045	Boundary documentation: modified Boundary's overview page (#2264 ) * modified overview page * updated text and image * fixed spelling errors * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com> * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * cleaned up content * Update website/content/docs/what-is-boundary.mdx Co-authored-by: XingLu Wang <95828202+xingluw@users.noreply.github.com> * incorporate feedback * updated image * updated background color * modified font * Update website/content/docs/what-is-boundary.mdx Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com> Co-authored-by: Yoko Hyakuna <yoko@hashicorp.com> Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> Co-authored-by: XingLu Wang <95828202+xingluw@users.noreply.github.com>	4 years ago
Louis Ruch	5c80942453	docs(credentials): Update website domain docs (#2287 )	4 years ago
Loann Le	d5633952db	Boundary documentation: content cleanup in prep for devdot migration (#2249 ) * cleaning up docs * Update website/content/docs/concepts/domain-model/groups.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/concepts/domain-model/managed-groups.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/concepts/domain-model/roles.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/concepts/domain-model/scopes.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/concepts/domain-model/sessions.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/configuration/worker/pki-worker.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> * Update website/content/docs/getting-started/deploy-and-login.mdx Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com>	4 years ago
Jeff Malnick	1f66685864	feat: set default connection limit to unlimited (-1) instead of 1 (#2234 ) This avoids the confusion behavior of a session terminating as soon as a single connection using that session is closed.	4 years ago
Jeff Mitchell	79440c5d82	Add worker resource to perms table (#2241 )	4 years ago
Robin Beck	0ff4be119e	updates learn links (#2230 )	4 years ago
Robin Beck	c05fa66096	Hashiconf docs changes (#2178 ) Co-authored-by: Robin Beck <stellarsquall@users.noreply.github.com> Co-authored-by: XingLu Wang <95828202+xingluw@users.noreply.github.com> Co-authored-by: Loann Le <84412881+taoism4504@users.noreply.github.com> Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com> Co-authored-by: irenarindos <irena.rindos@gmail.com> Co-authored-by: Irena Rindos <irenarindos@users.noreply.github.com> Co-authored-by: Louis Ruch <louisruch@gmail.com> Co-authored-by: XingLu Wang <xinglu.wang@hashicorp.com> Co-authored-by: XingLu Wang <95828202+xingluw@users.noreply.github.com>	4 years ago
Jeff Mitchell	7c139d28b2	Have hclog payloads use `json` tags (#2171 ) * Have hclog payloads use `json` tags Previously a global setting for the `structs` lib was causing the `json` tag to be used, but this could have side effects from other packages, or could be affected by other packages' behavior. This behavior was removed earlier but it means this format call no longer uses `json` tags; this behavior reverts it. It also normalizes using mapstructure in a few other places. * Update some tests * Fix incorrect op const * Fix more tests * refactor (events): tell filter to use json tags (fix related tests) Explicitly tell the filter to use the "json" tags so we don't have to re-tag everything with a mapstructure tag via bexpr.WithTagName("json") Update docs Co-authored-by: Jim <jlambert@hashicorp.com>	4 years ago
Jeff Mitchell	d6362f9e5e	Restrict anonymous user capabilities (#2156 )	4 years ago
PPacent	ce7292d9c8	Docs: Adding service discovery concept page (#1886 ) * Adding service discovery concept page	4 years ago
irenarindos	32dd594029	docs(connections): Update domain model for session connections	4 years ago
Irena Rindos	bc6689fb16	docs(permissions): break permissions into sections (#1893 ) * docs(permissions): break permissions into sections * fixup! docs(permissions): break permissions into sections	4 years ago
Irena Rindos	718e746480	docs(targets): remove default port option (#1883 )	4 years ago
Hugo Vieira	1576af70cc	feat(config): Add env and file support to Worker Tags This feature allows the user to set the `tags` field to a string that points to either an environment variable or file. We then dynamically pull out the value and parse it into the config. This can also be done at the keys level, where you set your keys directly in Boundary's config file, but point the values to env/file.	4 years ago
Todd	1c36b1e4d7	Add plugin details to host catalog, host set, and host domain model pages (#1715 ) * Add plugin information to host catalogs, host sets, and hosts.	4 years ago
Jeff Mitchell	7174a91f32	Update data-encryption documentation to clarify what is encrypted (#1722 )	4 years ago
Jeff Mitchell	1782f6a4e4	Enhance worker connection security (#1641 ) This stores worker connection nonces within the database to ensure uniqueness of connections. Prior the connection required any attacker to be able to decrypt the incoming encrypted authentication message in order to replay (and if the attacker has access to the KMS you have bigger problems), but with this change even if an attacker does have access to the KMS key, they cannot reuse the same message. (If they're able to encrypt against the KMS key, they can still act as a worker with a new message, so this only really helps if they only have decryption capabilities.)	5 years ago
Jim	b3d8b50307	Sink documentation (#1449 )	5 years ago
Todd Knight	39cc245966	Make gen after make tools. Includes make fmt of existing non generated files. (#1438 )	5 years ago
Michael Gaffney	28f48df026	Add documentation for credentials to website (#1356 )	5 years ago
Robin Beck	e69ca4f0cb	fixed roles and accounts link references (#1323 )	5 years ago
Carlos Alcaide Corvo	aea1da77b6	Bump @types/node to latest release of v15 (#1296 ) * Bump @types/node to latest release of v14 * Bump major version to v15	5 years ago
Jeff Mitchell	f50ed866ef	Add resource/filtering docs for OIDC managed groups (#1297 )	5 years ago
Jim Lambert	aa41676dc9	make gen changes prior to staging release	5 years ago
Jeff Mitchell	179a49657e	Managed Groups service (#1262 )	5 years ago
Jeff Mitchell	22d5c88a0b	Add Output Fields support (#1192 )	5 years ago
Jeff Mitchell	727d1c7085	Add "no-op" action and use it as default for scope permissions (#1138 ) Because of listing visibility, if no actions are assigned to a user for an individual resource, it's excluded from the list. This is fine and good. However, when we made a change in 0.2.0 to restrict the information returned from listing for the anonymous user for scopes and auth methods, it exposed the fact that because of the way this visibility works we had to add `read` to scopes by default -- thereby rather defeating the purpose of restricting what goes back to `u_anon` requests. The purpose of "no-op" is to never be used for real actions within the API, but as something that can be granted to specifically enable visibility for the targeted user. This makes the controls over list visibility much more granular.	5 years ago
Jeff Mitchell	344880dafc	Fix indentation in tags example	5 years ago
Jim	24dd92f3f9	update fmt formatting. (#1113 )	5 years ago
Jeff Mitchell	941e74388a	Fix curl string building (#1106 ) I'm not sure why it was doing it the other way with assuming the string being built would always have a space at the end, but, this way is easier to understand and fixes a bug where there wasn't a space being left between some fields.	5 years ago
Todd Knight	14c222709c	Make oidc auth callback redirect on most errors (#1105 )	5 years ago
Jeff Mitchell	90b30bad25	Use 202 for token polling endpoint instead of 204 (#1103 )	5 years ago
Jim	dd0f34bc35	Add new OIDC auth method. (#1090 ) Co-authored-by: Todd Knight <T.Alan.Knight@gmail.com> Co-authored-by: Jeff Mitchell <jeffrey.mitchell@gmail.com> Co-authored-by: Michael Gaffney <mgaffney@users.noreply.github.com>	5 years ago
John Reese	c096157cf9	Fix spelling errors found in the documentation (#1073 )	5 years ago
Bryce Kalow	bd8cc5464e	feat(website): migrates nav data format and updates docs pages (#1049 ) * migrates nav data format and updates docs pages * removes sidebar_title from content files * updates api docs to work with new format	5 years ago
Jeff Mitchell	6605b4c9f8	Revamp authenticate (#1025 )	5 years ago
Jeff Mitchell	888e0c88a9	Slight website wordsmithing	5 years ago
Jeff Mitchell	519efa6dd1	Add -filter to CLI listing and website docs (#967 ) * Add -filter to CLI listing. This doesn't include docs/Changelog yet, that will come shortly. * Add changelog * Add website docs and fix a curl output bug	5 years ago
Jeff Mitchell	341e7aff0d	CLI Generation (#953 )	5 years ago
Jeff Mitchell	b40fb8bd07	Minor update to TLS doc	5 years ago
Jeff Mitchell	505eed246d	Minor update to data encryption bang box	5 years ago
Jeff Mitchell	e426fcf20e	Gofumpt	5 years ago
Jeff Mitchell	22462cdd84	Add read:self and cancel:self to sessions; add dev unpriv user (#923 ) * Sessions support for read:self and cancel:self permissions. This is automatic with fallback; no API change is needed. * Strips out values from listing if only self actions are allowed on the resource and the user ID is different. This prevents a default ACL of id=;type=session;actions=read:self,cancel:self from causing all values to be visible when listing. Adds an unprivileged user to development/testing instances. This user has only default permissions plus the ability to authorize sessions in the default target.	5 years ago
Jeff Mitchell	5266eb3269	Don't error worker filters if a key isn't found, treat it as a non-match (#900 )	5 years ago

1 2

99 Commits (441ca59ea3c6416c86e39c5fda7ebbba453def45)