upstream/vault
1
0
Fork 0
mirror of https://github.com/hashicorp/vault.git synced 2026-03-29 22:03:37 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
vault/website/source/api
History
joe miller f2b685e0f8 add allowed_organiztaional_units parameter to cert credential backend (#5252) 
Specifying the `allowed_organiztaional_units` parameter to a cert auth
backend role will require client certificates to contain at least one of
a list of one or more "organizational units" (OU).

Example use cases:

Certificates are issued to entities in an organization arrangement by
organizational unit (OU). The OU may be a department, team, or any other logical
grouping of resources with similar roles. The entities within the OU
should be granted the same policies.

```
$ vault write auth/cert/certs/ou-engineering \
    certificate=@ca.pem \
    policies=engineering \
    allowed_organiztaional_units=engineering

$ vault write auth/cert/certs/ou-engineering \
    certificate=@ca.pem \
    policies=engineering \
    allowed_organiztaional_units=engineering,support
```
2018-09-27 19:04:55 -05:00
..
auth add allowed_organiztaional_units parameter to cert credential backend (#5252) 2018-09-27 19:04:55 -05:00
secret Add AWS Secret Engine Root Credential Rotation (#5140) 2018-09-26 07:10:00 -07:00
system Docs: update policy read API output to address #5298 (#5299) 2018-09-21 10:52:46 -04:00
index.html.md adding namespaces example 2018-08-29 11:26:23 -04:00
libraries.html.md vaultsharp - multi platform capabilities (#5127) 2018-08-17 08:47:16 -04:00
relatedtools.html.md Update relatedtools.html.md (#5287) 2018-09-06 08:37:03 -07:00