From 7336cf70ad1c83c3981a906694a118f482908f97 Mon Sep 17 00:00:00 2001 From: Sungyoon Jeong Date: Thu, 14 Dec 2023 05:37:13 +0900 Subject: [PATCH 1/4] docs: fix typo in aws.mdx (#24435) --- website/content/api-docs/auth/aws.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/api-docs/auth/aws.mdx b/website/content/api-docs/auth/aws.mdx index 12bc598d3623..cb81a37e24ba 100644 --- a/website/content/api-docs/auth/aws.mdx +++ b/website/content/api-docs/auth/aws.mdx @@ -1057,7 +1057,7 @@ for more information on the signature types. when using the ec2 auth method. - `signature` `(string: )` - Base64-encoded SHA256 RSA signature of the instance identity document, which can usually be obtained from the - `http://169.254.169.254/latest/dynamic/instance-identity/document` endpoint. + `http://169.254.169.254/latest/dynamic/instance-identity/signature` endpoint. Either both this _AND_ `identity` must be set _OR_ `pkcs7` must be set when using the ec2 auth method. - `pkcs7` `(string: )` - PKCS#7 signature of the identity document From a58c3a9850b777523411d88c5117d4c77c1f3259 Mon Sep 17 00:00:00 2001 From: Sokren Date: Wed, 13 Dec 2023 21:42:09 +0100 Subject: [PATCH 2/4] Update azurekv.mdx change line 37 stores to destinations (#24374) --- website/content/docs/sync/azurekv.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/sync/azurekv.mdx b/website/content/docs/sync/azurekv.mdx index d86ec901388c..329efc50a505 100644 --- a/website/content/docs/sync/azurekv.mdx +++ b/website/content/docs/sync/azurekv.mdx @@ -34,7 +34,7 @@ Prerequisites: 1. Configure a sync destination with the service principal credentials and Key Vault URI created in the previous steps. ```shell-session - $ vault write sys/sync/stores/azure-kv/my-azure-1 \ + $ vault write sys/sync/destinations/azure-kv/my-azure-1 \ key_vault_uri="$KEY_VAULT_URI" \ client_id="$CLIENT_ID" \ client_secret="$CLIENT_SECRET" \ From c7a7b0a2d2907d0730d3eae0d3a5fb60bb29bdd9 Mon Sep 17 00:00:00 2001 From: Sean Ellefson Date: Wed, 13 Dec 2023 13:14:42 -0800 Subject: [PATCH 3/4] Added `vault operator raft snapshot inspect` usage (#24083) * Added `vault operator raft snapshot inspect` usage * Update website/content/docs/commands/operator/raft.mdx Forcing suggestion commit so we can merge and publish the changes. --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --- website/content/docs/commands/operator/raft.mdx | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/website/content/docs/commands/operator/raft.mdx b/website/content/docs/commands/operator/raft.mdx index dd2a63f738a0..9b7f91da94ef 100644 --- a/website/content/docs/commands/operator/raft.mdx +++ b/website/content/docs/commands/operator/raft.mdx @@ -192,6 +192,20 @@ Usage: vault operator raft snapshot restore $ vault operator raft snapshot restore raft.snap ``` +### snapshot inspect + +Inspects a snapshot file taken from a Vault Raft cluster and prints a table showing the number of keys and the amount of space used. + +```text +Usage: vault operator raft snapshot inspect +``` + +For example: + +```shell-session +$ vault operator raft snapshot inspect raft.snap +``` + ## autopilot This command groups subcommands for operators interacting with the autopilot From 98d0125960216d504931e16b2c0f0c69495d4492 Mon Sep 17 00:00:00 2001 From: Sean Ellefson Date: Wed, 13 Dec 2023 13:15:57 -0800 Subject: [PATCH 4/4] Adding note about `node-id` being generated when unset (#24101) * Adding note about `node-id` being generated when unset * Update website/content/docs/configuration/storage/raft.mdx * Correct linter error --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --- website/content/docs/configuration/storage/raft.mdx | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/website/content/docs/configuration/storage/raft.mdx b/website/content/docs/configuration/storage/raft.mdx index 433f7e495371..dacd527690e0 100644 --- a/website/content/docs/configuration/storage/raft.mdx +++ b/website/content/docs/configuration/storage/raft.mdx @@ -49,7 +49,10 @@ set [`disable_mlock`](/vault/docs/configuration#disable_mlock) to `true`, and to This value can be overridden by setting the `VAULT_RAFT_PATH` environment variable. - `node_id` `(string: "")` - The identifier for the node in the Raft cluster. - This value can be overridden by setting the `VAULT_RAFT_NODE_ID` environment variable. + You can override `node_id` with the `VAULT_RAFT_NODE_ID` environment + variable. When `VAULT_RAFT_NODE_ID` is unset, Vault assigns a random + GUID during initialization and writes the value to `data/node-id` in the + directory specified by the `path` parameter. - `performance_multiplier` `(integer: 0)` - An integer multiplier used by servers to scale key Raft timing parameters, where each increment translates to approximately 1 – 2 seconds of delay. For example, setting the multiplier to "3" translates to 3 – 6 seconds of total delay. Tuning the multiplier affects the time it @@ -124,7 +127,7 @@ delay) mode. The maximum allowed value is 10. breaking a large value into chunks. By default, the chunk size is the same as Raft's max size log entry. The default value for this configuration is 1048576 -- two times the chunking size. - - **Note:** This option corresponds to [Consul's `kv_max_value_size` parameter](https://developer.hashicorp.com/consul/docs/agent/config/config-files#kv_max_value_size) for + - **Note:** This option corresponds to [Consul's `kv_max_value_size` parameter](/consul/docs/agent/config/config-files#kv_max_value_size) for Vault clusters using a Consul storage backend. If you are migrating from Consul storage to Raft Integrated Storage, and have changed this value in Consul from its default to a value larger than the Integrated Storage default of 1MB, then you will