From 1aeddcabc0d6329dd72dfeed0baac9f739f5d33b Mon Sep 17 00:00:00 2001 From: Jonathan Ballet Date: Wed, 18 Aug 2021 15:25:54 +0200 Subject: [PATCH] Improve databases documentation Fixed a bunch of formatting issues and broken JSON outputs. --- changelog/12344.txt | 3 +++ .../api-docs/secret/databases/cassandra.mdx | 23 +++++++++++-------- .../api-docs/secret/databases/elasticdb.mdx | 14 ++++++----- .../api-docs/secret/databases/hanadb.mdx | 10 ++++---- .../api-docs/secret/databases/index.mdx | 16 ++++++------- .../api-docs/secret/databases/influxdb.mdx | 8 +++---- .../api-docs/secret/databases/mongodb.mdx | 10 ++++---- .../secret/databases/mongodbatlas.mdx | 2 +- .../api-docs/secret/databases/mssql.mdx | 6 ++--- .../api-docs/secret/databases/mysql-maria.mdx | 8 +++---- .../api-docs/secret/databases/oracle.mdx | 6 ++--- .../api-docs/secret/databases/postgresql.mdx | 16 ++++++------- .../api-docs/secret/databases/redshift.mdx | 16 ++++++------- .../api-docs/secret/databases/snowflake.mdx | 16 ++++++------- 14 files changed, 82 insertions(+), 72 deletions(-) create mode 100644 changelog/12344.txt diff --git a/changelog/12344.txt b/changelog/12344.txt new file mode 100644 index 000000000000..1dcc570af861 --- /dev/null +++ b/changelog/12344.txt @@ -0,0 +1,3 @@ +```release-note:improvement +Improved rendering of the api-docs/secret/databases/ documentation pages +``` diff --git a/website/content/api-docs/secret/databases/cassandra.mdx b/website/content/api-docs/secret/databases/cassandra.mdx index 2bc0cb84d2fe..039fce43554e 100644 --- a/website/content/api-docs/secret/databases/cassandra.mdx +++ b/website/content/api-docs/secret/databases/cassandra.mdx @@ -56,7 +56,7 @@ has a number of parameters to further configure a connection. [the pki documentation](/docs/secrets/pki). Only one of `pem_bundle` or `pem_json` can be specified.
-`pem_json` example +pem_json example ```json { @@ -65,7 +65,9 @@ has a number of parameters to further configure a connection. "ca_chain": ["", " pem_json=@/path/to/file.json ``` @@ -82,7 +84,7 @@ vault write database/config/cassandra-example <...other fields> pem_json=@/path/ - `local_datacenter` `(string: "")` – If set, enables host selection policy which will prioritize and use hosts which are in the local datacenter before - hosts in all other datacenters (for example "dc-01"). + hosts in all other datacenters (for example `dc-01`). - `socket_keep_alive` `(string: "0s")` – the keep-alive period for an active network connection. If zero, keep-alives are not enabled. @@ -179,32 +181,35 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{username}}' and '{{password}}' values will be substituted. If not + array. The `{{username}}` and `{{password}}` values will be substituted. If not provided, defaults to a generic create user statements that creates a non-superuser. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{username}}' value will be + a base64-encoded serialized JSON string array. The `{{username}}` value will be substituted. If not provided defaults to a generic drop user statement. - `rollback_statements` `(list: [])` – Specifies the database statements to be executed to rollback a create operation in the event of an error. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{username}}' value will be substituted. If not provided, defaults to + array. The `{{username}}` value will be substituted. If not provided, defaults to a generic drop user statement - `root_rotation_statements` `(list: [])` - Specifies the database statements to be executed when rotating the root user's password. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{username}}' value will be substituted. If not provided, defaults to + array. The `{{username}}` value will be substituted. If not provided, defaults to a reasonable default alter user statement. ~> Prior to Vault 1.7.1 and 1.6.4 the default `root_rotation_statements` does not allow for usernames with special characters in them due to missing quotes around the username. To fix this issue in versions prior to Vault 1.7.1/1.6.4, - specify the following `root_rotation_statements`:
- `ALTER USER '{{username}}' WITH PASSWORD '{{password}}';` + specify the following `root_rotation_statements`: + + ```sql + ALTER USER '{{username}}' WITH PASSWORD '{{password}}'; + ``` diff --git a/website/content/api-docs/secret/databases/elasticdb.mdx b/website/content/api-docs/secret/databases/elasticdb.mdx index c5fd53c475fa..0164ffb51bca 100644 --- a/website/content/api-docs/secret/databases/elasticdb.mdx +++ b/website/content/api-docs/secret/databases/elasticdb.mdx @@ -24,15 +24,15 @@ has a number of parameters to further configure a connection. ### Parameters -- `url` `(string: )` - The URL for Elasticsearch's API ("http://localhost:9200"). -- `username` `(string: )` - The username to be used in the connection URL ("vault"). -- `password` `(string: )` - The password to be used in the connection URL ("pa55w0rd"). +- `url` `(string: )` - The URL for Elasticsearch's API (`http://localhost:9200`). +- `username` `(string: )` - The username to be used in the connection URL (`vault`). +- `password` `(string: )` - The password to be used in the connection URL (`pa55w0rd`). - `ca_cert` `(string: "")` - The path to a PEM-encoded CA cert file to use to verify the Elasticsearch server's identity. - `ca_path` `(string: "")` - The path to a directory of PEM-encoded CA cert files to use to verify the Elasticsearch server's identity. - `client_cert` `(string: "")` - The path to the certificate for the Elasticsearch client to present for communication. - `client_key` `(string: "")` - The path to the key for the Elasticsearch client to use for communication. -- `tls_server_name` `(string: "")` - This, if set, is used to set the SNI host when connecting via 1TLS. -- `insecure` `(bool: false)` - Not recommended. Default to false. Can be set to true to disable SSL verification. +- `tls_server_name` `(string: "")` - This, if set, is used to set the SNI host when connecting via TLS. +- `insecure` `(bool: false)` - Not recommended. Default to `false`. Can be set to `true` to disable certificate verification. - `username_template` `(string)` - [Template](/docs/concepts/username-templating) describing how dynamic usernames are generated. ### Sample Payload @@ -74,11 +74,13 @@ list the plugin does not support that statement type. - `creation_statements` `(string: )` – Using JSON, either defines an `elasticsearch_role_definition` or a group of pre-existing `elasticsearch_roles`. + The object specified by the `elasticsearch_role_definition` is the JSON directly passed through to the Elasticsearch API, so you can pass through anything shown [here](https://www.elastic.co/guide/en/elasticsearch/reference/6.6/security-api-put-role.html). + For `elasticsearch_roles`, add the names of the roles only. They must pre-exist - in Elasticsearch. Defining roles in Vault is more secure than using pre-existing + in Elasticsearch. Defining roles in Vault is more secure than using pre-existing roles because a privilege escalation could be performed by editing the roles used out-of-band in Elasticsearch. diff --git a/website/content/api-docs/secret/databases/hanadb.mdx b/website/content/api-docs/secret/databases/hanadb.mdx index d719680113f7..2e4705e0d964 100644 --- a/website/content/api-docs/secret/databases/hanadb.mdx +++ b/website/content/api-docs/secret/databases/hanadb.mdx @@ -26,7 +26,7 @@ has a number of parameters to further configure a connection. - `connection_url` `(string: )` - Specifies the HANA DSN. This field can be templated and supports passing the username and password - parameters in the following format {{field_name}}. A templated connection URL is + parameters in the following format `{{field_name}}`. A templated connection URL is required when using root credential rotation. - `max_open_connections` `(int: 4)` - Specifies the maximum number of open @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s`, connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -54,7 +54,7 @@ has a number of parameters to further configure a connection. "max_open_connections": 5, "max_connection_lifetime": "5s", "username": "username", - "password": "password + "password": "password" } ``` @@ -84,7 +84,7 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}', '{{password}}', and '{{expiration}}' values will be + array. The `{{name}}`, `{{password}}`, and `{{expiration}}` values will be substituted. - The expiration time will be HANA server time plus the role's `default_ttl`. @@ -93,6 +93,6 @@ list the plugin does not support that statement type. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided, defaults to dropping the user only if they have no dependent objects. diff --git a/website/content/api-docs/secret/databases/index.mdx b/website/content/api-docs/secret/databases/index.mdx index 3af687850219..abcfb1599f44 100644 --- a/website/content/api-docs/secret/databases/index.mdx +++ b/website/content/api-docs/secret/databases/index.mdx @@ -41,7 +41,7 @@ list of additional parameters. during initial configuration. Defaults to true. - `allowed_roles` `(list: [])` - List of the roles allowed to use this connection. - Defaults to empty (no roles), if contains a "\*" any role can use this connection. + Defaults to empty (no roles), if contains a `*` any role can use this connection. - `root_rotation_statements` `(list: [])` - Specifies the database statements to be executed to rotate the root user's credentials. See the plugin's API page for more @@ -273,12 +273,12 @@ This endpoint creates or updates a role definition. for this role. - `default_ttl` `(string/int: 0)` - Specifies the TTL for the leases - associated with this role. Accepts time suffixed strings ("1h") or an integer + associated with this role. Accepts time suffixed strings (`1h`) or an integer number of seconds. Defaults to system/engine default TTL time. - `max_ttl` `(string/int: 0)` - Specifies the maximum TTL for the leases - associated with this role. Accepts time suffixed strings ("1h") or an integer - number of seconds. Defaults to system/mount default TTL time; this value is allowed to be less than the mount max TTL (or, if not set, the system max TTL), but it is not allowed to be longer. See also [The TTL General Case](/docs/concepts/tokens#the-general-case). + associated with this role. Accepts time suffixed strings (`1h`) or an integer + number of seconds. Defaults to `sys/mounts`'s default TTL time; this value is allowed to be less than the mount max TTL (or, if not set, the system max TTL), but it is not allowed to be longer. See also [The TTL General Case](/docs/concepts/tokens#the-general-case). - `creation_statements` `(list: )` – Specifies the database statements executed to create and configure a user. See the plugin's API page @@ -490,7 +490,7 @@ this in order to know the password. { "db_name": "mysql", "username": "static-database-user", - "rotation_statements": ["ALTER USER "{{name}}" WITH PASSWORD '{{password}}';"], + "rotation_statements": ["ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';"], "rotation_period": "1h" } ``` @@ -533,9 +533,9 @@ $ curl \ "data": { "db_name": "mysql", "username":"static-user", - "rotation_statements": ["ALTER USER "{{name}}" WITH PASSWORD '{{password}}';"], - "rotation_period":"1h", - }, + "rotation_statements": ["ALTER USER \"{{name}}\" WITH PASSWORD '{{password}}';"], + "rotation_period":"1h" + } } ``` diff --git a/website/content/api-docs/secret/databases/influxdb.mdx b/website/content/api-docs/secret/databases/influxdb.mdx index fd000c7b6879..9a24c93e8a96 100644 --- a/website/content/api-docs/secret/databases/influxdb.mdx +++ b/website/content/api-docs/secret/databases/influxdb.mdx @@ -116,19 +116,19 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{username}}' and '{{password}}' values will be substituted. If not + array. The `{{username}}` and `{{password}}` values will be substituted. If not provided, defaults to a generic create user statements that creates a non-superuser. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{username}}' value will be + a base64-encoded serialized JSON string array. The `{{username}}` value will be substituted. If not provided defaults to a generic drop user statement. - `rollback_statements` `(list: [])` – Specifies the database statements to be executed to rollback a create operation in the event of an error. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{username}}' value will be substituted. If not provided, defaults to - a generic drop user statement + array. The `{{username}}` value will be substituted. If not provided, defaults to + a generic drop user statement. diff --git a/website/content/api-docs/secret/databases/mongodb.mdx b/website/content/api-docs/secret/databases/mongodb.mdx index 2985608ffe21..11ad01626802 100644 --- a/website/content/api-docs/secret/databases/mongodb.mdx +++ b/website/content/api-docs/secret/databases/mongodb.mdx @@ -111,17 +111,17 @@ list the plugin does not support that statement type. - `creation_statements` `(string: )` – Specifies the database statements executed to create and configure a user. Must be a serialized JSON object, or a base64-encoded serialized JSON object. - The object can optionally contain a "db" string for session connection, - and must contain a "roles" array. This array contains objects that holds - a "role", and an optional "db" value, and is similar to the BSON document that + The object can optionally contain a `db` string for session connection, + and must contain a `roles` array. This array contains objects that holds + a `role`, and an optional `db` value, and is similar to the BSON document that is accepted by MongoDB's `roles` field. Vault will transform this array into such format. For more information regarding the `roles` field, refer to [MongoDB's documentation](https://docs.mongodb.com/manual/reference/method/db.createUser/). - `revocation_statements` `(string: "")` – Specifies the database statements to be executed to revoke a user. Must be a serialized JSON object, or a base64-encoded - serialized JSON object. The object can optionally contain a "db" string. If no - "db" value is provided, it defaults to the "admin" database. + serialized JSON object. The object can optionally contain a `db` string. If no + `db` value is provided, it defaults to the `admin` database. ### Sample Creation Statement diff --git a/website/content/api-docs/secret/databases/mongodbatlas.mdx b/website/content/api-docs/secret/databases/mongodbatlas.mdx index 009f311a1f0a..74aaa3295f1b 100644 --- a/website/content/api-docs/secret/databases/mongodbatlas.mdx +++ b/website/content/api-docs/secret/databases/mongodbatlas.mdx @@ -77,7 +77,7 @@ list the plugin does not support that statement type. - `default_ttl` `(string/int): 0` - Specifies the TTL for the leases associated with this role. Accepts time suffixed strings (`1h`) or an integer number of seconds. Defaults to system/engine default TTL time. - `max_ttl` `(string/int): 0` - Specifies the maximum TTL for the leases associated with this role. Accepts time - suffixed strings (`1h`) or an integer number of seconds. Defaults to system/mount default TTL time; this value + suffixed strings (`1h`) or an integer number of seconds. Defaults to `sys/mounts` default TTL time; this value is allowed to be less than the mount max TTL (or, if not set, the system max TTL), but it is not allowed to be longer. See also [The TTL General Case](/docs/concepts/tokens#the-general-case). diff --git a/website/content/api-docs/secret/databases/mssql.mdx b/website/content/api-docs/secret/databases/mssql.mdx index 482f091291a5..88b554a6b04c 100644 --- a/website/content/api-docs/secret/databases/mssql.mdx +++ b/website/content/api-docs/secret/databases/mssql.mdx @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s` connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -112,10 +112,10 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. + array. The `{{name}}` and `{{password}}` values will be substituted. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. diff --git a/website/content/api-docs/secret/databases/mysql-maria.mdx b/website/content/api-docs/secret/databases/mysql-maria.mdx index 6f0bceaaac75..92df8f508af6 100644 --- a/website/content/api-docs/secret/databases/mysql-maria.mdx +++ b/website/content/api-docs/secret/databases/mysql-maria.mdx @@ -26,7 +26,7 @@ has a number of parameters to further configure a connection. - `connection_url` `(string: )` - Specifies the MySQL DSN. This field can be templated and supports passing the username and password - parameters in the following format {{field_name}}. A templated connection URL is + parameters in the following format `{{field_name}}`. A templated connection URL is required when using root credential rotation. - `max_open_connections` `(int: 4)` - Specifies the maximum number of open @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ 0s connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -149,11 +149,11 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. The + array. The `{{name}}` and `{{password}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. diff --git a/website/content/api-docs/secret/databases/oracle.mdx b/website/content/api-docs/secret/databases/oracle.mdx index 23d8d6ba004e..db7f8e095663 100644 --- a/website/content/api-docs/secret/databases/oracle.mdx +++ b/website/content/api-docs/secret/databases/oracle.mdx @@ -35,7 +35,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s` connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -109,10 +109,10 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. + array. The `{{name}}` and `{{password}}` values will be substituted. - `revocation_statements` `(string: "")` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. diff --git a/website/content/api-docs/secret/databases/postgresql.mdx b/website/content/api-docs/secret/databases/postgresql.mdx index 7adbdb13956d..ad2bf6e1b271 100644 --- a/website/content/api-docs/secret/databases/postgresql.mdx +++ b/website/content/api-docs/secret/databases/postgresql.mdx @@ -26,7 +26,7 @@ has a number of parameters to further configure a connection. - `connection_url` `(string: )` - Specifies the PostgreSQL DSN. This field can be templated and supports passing the username and password - parameters in the following format {{field_name}}. A templated connection URL is + parameters in the following format `{{field_name}}`. A templated connection URL is required when using root credential rotation. - `max_open_connections` `(int: 4)` - Specifies the maximum number of open @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s`, connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -112,33 +112,33 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}', '{{password}}' and '{{expiration}}' values will be + array. The `{{name}}`, `{{password}}` and `{{expiration}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. - `rollback_statements` `(list: [])` – Specifies the database statements to be executed rollback a create operation in the event of an error. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string - array, or a base64-encoded serialized JSON string array. The '{{name}}' value + array, or a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. - `renew_statements` `(list: [])` – Specifies the database statements to be executed to renew a user. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a - base64-encoded serialized JSON string array. The '{{name}}' and - '{{expiration}}' values will be substituted. + base64-encoded serialized JSON string array. The `{{name}}` and + `{{expiration}}` values will be substituted. - `rotation_statements` `(list: [])` – Specifies the database statements to be executed to rotate the password for a given username. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. The + array. The `{{name}}` and `{{password}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. diff --git a/website/content/api-docs/secret/databases/redshift.mdx b/website/content/api-docs/secret/databases/redshift.mdx index 868676740a57..437a9ce88411 100644 --- a/website/content/api-docs/secret/databases/redshift.mdx +++ b/website/content/api-docs/secret/databases/redshift.mdx @@ -26,7 +26,7 @@ has a number of parameters to further configure a connection. - `connection_url` `(string: )` - Specifies the Redshift DSN. This field can be templated and supports passing the username and password - parameters in the following format {{field_name}}. A templated connection URL is + parameters in the following format `{{field_name}}`. A templated connection URL is required when using root credential rotation. - `max_open_connections` `(int: 4)` - Specifies the maximum number of open @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s` connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -86,33 +86,33 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}', '{{password}}' and '{{expiration}}' values will be + array. The `{{name}}`, `{{password}}` and `{{expiration}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. - `rollback_statements` `(list: [])` – Specifies the database statements to be executed rollback a create operation in the event of an error. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string - array, or a base64-encoded serialized JSON string array. The '{{name}}' value + array, or a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. - `renew_statements` `(list: [])` – Specifies the database statements to be executed to renew a user. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a - base64-encoded serialized JSON string array. The '{{name}}' and - '{{expiration}}' values will be substituted. + base64-encoded serialized JSON string array. The `{{name}}` and + `{{expiration}}` values will be substituted. - `rotation_statements` `(list: [])` – Specifies the database statements to be executed to rotate the password for a given username. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. The + array. The `{{name}}` and `{{password}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. diff --git a/website/content/api-docs/secret/databases/snowflake.mdx b/website/content/api-docs/secret/databases/snowflake.mdx index 3319116a0247..3d0fa6107efc 100644 --- a/website/content/api-docs/secret/databases/snowflake.mdx +++ b/website/content/api-docs/secret/databases/snowflake.mdx @@ -26,7 +26,7 @@ has a number of parameters to further configure a connection. - `connection_url` `(string: )` - Specifies the Snowflake DSN. This field can be templated and supports passing the username and password - parameters in the following format {{field_name}}. A templated connection URL is + parameters in the following format `{{field_name}}`. A templated connection URL is required when using root credential rotation. - `max_open_connections` `(int: 4)` - Specifies the maximum number of open @@ -38,7 +38,7 @@ has a number of parameters to further configure a connection. `max_open_connections` it will be reduced to be equal. - `max_connection_lifetime` `(string: "0s")` - Specifies the maximum amount of - time a connection may be reused. If <= 0s connections are reused forever. + time a connection may be reused. If ≤ `0s` connections are reused forever. - `username` `(string: "")` - The root credential username used in the connection URL. @@ -86,33 +86,33 @@ list the plugin does not support that statement type. statements executed to create and configure a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}', '{{password}}' and '{{expiration}}' values will be + array. The `{{name}}`, `{{password}}` and `{{expiration}}` values will be substituted. The generated password will be a random alphanumeric 20 character string. - `revocation_statements` `(list: [])` – Specifies the database statements to be executed to revoke a user. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or - a base64-encoded serialized JSON string array. The '{{name}}' value will be + a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. If not provided defaults to a generic drop user statement. - `rollback_statements` `(list: [])` – Specifies the database statements to be executed rollback a create operation in the event of an error. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string - array, or a base64-encoded serialized JSON string array. The '{{name}}' value + array, or a base64-encoded serialized JSON string array. The `{{name}}` value will be substituted. - `renew_statements` `(list: [])` – Specifies the database statements to be executed to renew a user. Not every plugin type will support this functionality. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a - base64-encoded serialized JSON string array. The '{{name}}' and - '{{expiration}}' values will be substituted. + base64-encoded serialized JSON string array. The `{{name}}` and + `{{expiration}}` values will be substituted. - `rotation_statements` `(list: [])` – Specifies the database statements to be executed to rotate the password for a given username. Must be a semicolon-separated string, a base64-encoded semicolon-separated string, a serialized JSON string array, or a base64-encoded serialized JSON string - array. The '{{name}}' and '{{password}}' values will be substituted. The + array. The `{{name}}` and `{{password}}` values will be substituted. The generated password will be a random alphanumeric 20 character string.