From 87e25f4300b0ccaac394bcf864dca36880caa5cd Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Thu, 7 May 2015 13:41:23 -0400 Subject: [PATCH] Add instructions for enabling the auth first --- website/source/docs/auth/app-id.html.md | 15 +++++++++++++ website/source/docs/auth/cert.html.md | 15 +++++++++++++ website/source/docs/auth/github.html.md | 26 +++++++++++++++++++++-- website/source/docs/auth/userpass.html.md | 16 ++++++++++++++ 4 files changed, 70 insertions(+), 2 deletions(-) diff --git a/website/source/docs/auth/app-id.html.md b/website/source/docs/auth/app-id.html.md index cbb10f4a6b..8bf1042209 100644 --- a/website/source/docs/auth/app-id.html.md +++ b/website/source/docs/auth/app-id.html.md @@ -71,6 +71,21 @@ The endpoint for the App ID login is `/login`. ## Configuration +First you must enable the App ID auth backend: + +``` +$ vault auth-enable app-id +Successfully enabled 'app-id' at 'app-id'! +``` + +Now when you run `vault auth -methods`, the App ID backend is available: + +``` +Path Type Description +app-id/ app-id +token/ token token based credentials +``` + To use the App ID auth backend, an operator must configure it with the set of App IDs, user IDs, and the mapping between them. An example is shown below, use `vault help` for more details. diff --git a/website/source/docs/auth/cert.html.md b/website/source/docs/auth/cert.html.md index 2dd02d1bf2..da978fc606 100644 --- a/website/source/docs/auth/cert.html.md +++ b/website/source/docs/auth/cert.html.md @@ -25,6 +25,21 @@ if there is a matching trusted certificate to authenticate the client. ## Configuration +First, you must enable the certificate auth backend: + +``` +$ vault auth-enable cert +Successfully enabled 'cert' at 'cert'! +``` + +Now when you run `vault auth -methods`, the certificate backend is available: + +``` +Path Type Description +cert/ cert +token/ token token based credentials +``` + To use the "cert" auth backend, an operator must configure it with trusted certificates that are allowed to authenticate. An example is shown below. Use `vault help` for more details. diff --git a/website/source/docs/auth/github.html.md b/website/source/docs/auth/github.html.md index b2de4f7030..37d63491d4 100644 --- a/website/source/docs/auth/github.html.md +++ b/website/source/docs/auth/github.html.md @@ -30,19 +30,41 @@ The endpoint for the GitHub login is `/login`. ## Configuration +First, you must enable the GitHub auth backend: + +``` +$ vault auth-enable github +Successfully enabled 'github' at 'github'! +``` + +Now when you run `vault auth -methods`, the GitHub backend is available: + +``` +Path Type Description +github/ github +token/ token token based credentials +``` + Prior to using the GitHub auth backend, it must be configured. To -configure it, use the `/config` endpoint and pass in the following arguments: +configure it, use the `/config` endpoint with the following arguments: * `organization` (string, required) - The organization name a user must be a part of to authenticate. +For example: + +``` +$ vault write auth/github/config organization=hashicorp +Success! Data written to: auth/github/config +``` + After configuring that, you must map the teams of that organization to policies within Vault. Use the `map/teams/` endpoints to do that. Example: ``` $ vault write auth/github/map/teams/owners value=root -... +Success! Data written to: auth/github/map/teams/owners ``` The above would make anyone in the "owners" team a root user in Vault diff --git a/website/source/docs/auth/userpass.html.md b/website/source/docs/auth/userpass.html.md index 9ee3e80e9b..fb6d9bd24c 100644 --- a/website/source/docs/auth/userpass.html.md +++ b/website/source/docs/auth/userpass.html.md @@ -34,6 +34,22 @@ The endpoint for the login is `/login/USERNAME`. ## Configuration +First, you must enable the username/password auth backend: + +``` +$ vault auth-enable userpass +Successfully enabled 'userpass' at 'userpass'! +``` + +Now when you run `vault auth -methods`, the username/password backend is +available: + +``` +Path Type Description +token/ token token based credentials +userpass/ userpass +``` + To use the "userpass" auth backend, an operator must configure it with users that are allowed to authenticate. An example is shown below. Use `vault help` for more details.