From e1e01fcf1cca241eb5bb74960db7ce24d48dc6a1 Mon Sep 17 00:00:00 2001 From: yhyakuna Date: Thu, 5 Dec 2024 16:12:17 -0800 Subject: [PATCH 1/4] Update the title & description for SEO improvement --- website/content/docs/secrets/alicloud.mdx | 7 +-- website/content/docs/secrets/aws.mdx | 7 ++- website/content/docs/secrets/azure.mdx | 7 ++- website/content/docs/secrets/consul.mdx | 4 +- website/content/docs/secrets/cubbyhole.mdx | 5 +-- website/content/docs/secrets/gcp.mdx | 7 ++- website/content/docs/secrets/gcpkms.mdx | 6 +-- website/content/docs/secrets/index.mdx | 4 +- .../content/docs/secrets/kmip-profiles.mdx | 4 +- website/content/docs/secrets/kmip.mdx | 4 +- website/content/docs/secrets/kubernetes.mdx | 5 +-- website/content/docs/secrets/ldap.mdx | 4 +- website/content/docs/secrets/mongodbatlas.mdx | 7 ++- website/content/docs/secrets/nomad.mdx | 5 ++- website/content/docs/secrets/rabbitmq.mdx | 5 +-- website/content/docs/secrets/terraform.mdx | 45 +++++++++---------- website/content/docs/secrets/totp.mdx | 5 ++- website/content/docs/secrets/venafi.mdx | 7 +-- website/data/docs-nav-data.json | 2 +- 19 files changed, 66 insertions(+), 74 deletions(-) diff --git a/website/content/docs/secrets/alicloud.mdx b/website/content/docs/secrets/alicloud.mdx index 17ff7cb7c76d..070838ef2bb0 100644 --- a/website/content/docs/secrets/alicloud.mdx +++ b/website/content/docs/secrets/alicloud.mdx @@ -1,11 +1,8 @@ --- layout: docs -page_title: AliCloud - Secrets Engines +page_title: AliCloud secrets engine description: >- - The AliCloud secrets engine for Vault generates access tokens or STS - credentials - - dynamically based on RAM policies or roles. + Dynamically generate access tokens or STS credentials based on RAM policies or roles with the AliCloud secrets engine plugin. --- # AliCloud secrets engine diff --git a/website/content/docs/secrets/aws.mdx b/website/content/docs/secrets/aws.mdx index 6e0b74957d06..928dc3388080 100644 --- a/website/content/docs/secrets/aws.mdx +++ b/website/content/docs/secrets/aws.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: AWS - Secrets Engines -description: |- - The AWS secrets engine for Vault generates access keys dynamically based on - IAM policies. +page_title: AWS secrets engine +description: >- + Dynamically generate access keys dynamically based on IAM policies with the AWS secrets engine plugin. --- # AWS secrets engine diff --git a/website/content/docs/secrets/azure.mdx b/website/content/docs/secrets/azure.mdx index 9a0454b28195..edd9dd3e3550 100644 --- a/website/content/docs/secrets/azure.mdx +++ b/website/content/docs/secrets/azure.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: Azure - Secrets Engine -description: |- - The Azure Vault secrets engine dynamically generates Azure - service principals and role assignments. +page_title: Azure secrets engine +description: >- + Dynamically generate Azure service principals and role assignments with the Azure secrets engine plugin. --- # Azure secrets engine diff --git a/website/content/docs/secrets/consul.mdx b/website/content/docs/secrets/consul.mdx index 5dd3ea9e2687..6dcb8b23d406 100644 --- a/website/content/docs/secrets/consul.mdx +++ b/website/content/docs/secrets/consul.mdx @@ -1,7 +1,7 @@ --- layout: docs -page_title: Consul - Secrets Engines -description: The Consul secrets engine for Vault generates tokens for Consul dynamically. +page_title: Consul secrets engine +description: Dynamically generate Consul tokens with the Consul secrets engine plugin. --- # Consul secrets engine diff --git a/website/content/docs/secrets/cubbyhole.mdx b/website/content/docs/secrets/cubbyhole.mdx index 841ced4c2e44..03dfba21b478 100644 --- a/website/content/docs/secrets/cubbyhole.mdx +++ b/website/content/docs/secrets/cubbyhole.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: Cubbyhole - Secrets Engines +page_title: Cubbyhole secrets engine description: >- - The cubbyhole secrets engine can store arbitrary secrets scoped to a single - token. + Store arbitrary secrets scoped to a single client token with the Cubbyhole secrets engine plugin. --- # Cubbyhole secrets engine diff --git a/website/content/docs/secrets/gcp.mdx b/website/content/docs/secrets/gcp.mdx index 8d7c4333a9f9..cc422bb232c7 100644 --- a/website/content/docs/secrets/gcp.mdx +++ b/website/content/docs/secrets/gcp.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: Google Cloud - Secrets Engines -description: |- - The Google Cloud secrets engine for Vault dynamically generates Google Cloud - service account keys and OAuth tokens based on IAM policies. +page_title: Google Cloud secrets engine +description: >- + Dynamically generate Google Cloud service account keys and OAuth tokens based on IAM policies with the Google Cloud secrets engine plugin. --- # Google Cloud secrets engine diff --git a/website/content/docs/secrets/gcpkms.mdx b/website/content/docs/secrets/gcpkms.mdx index 6d8a3342b402..ebaa23dd8c7c 100644 --- a/website/content/docs/secrets/gcpkms.mdx +++ b/website/content/docs/secrets/gcpkms.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: Google Cloud KMS - Secrets Engines -description: |- - The Google Cloud KMS secrets engine for Vault interfaces with Google Cloud +page_title: Google Cloud KMS secrets engine +description: >- + The Google Cloud KMS secrets engine plugin interfaces with Google Cloud KMS for encryption/decryption of data and KMS key management through Vault. --- diff --git a/website/content/docs/secrets/index.mdx b/website/content/docs/secrets/index.mdx index 14f218365f59..b38626262ec7 100644 --- a/website/content/docs/secrets/index.mdx +++ b/website/content/docs/secrets/index.mdx @@ -1,7 +1,7 @@ --- layout: docs -page_title: Secrets Engines -description: Secrets engines are mountable engines that store or generate secrets in Vault. +page_title: Secrets engines +description: Secrets engines are mountable plugins that store or generate secrets in Vault. --- # Secrets engines diff --git a/website/content/docs/secrets/kmip-profiles.mdx b/website/content/docs/secrets/kmip-profiles.mdx index 8be5555e5b89..3f3f57f358f1 100644 --- a/website/content/docs/secrets/kmip-profiles.mdx +++ b/website/content/docs/secrets/kmip-profiles.mdx @@ -1,7 +1,7 @@ --- layout: docs -page_title: KMIP - Profiles Support -description: |- +page_title: KMIP profiles version 1.4 +description: >- The KMIP profiles define the use of KMIP objects, attributes, operations, message elements and authentication methods within specific contexts of KMIP server and client interaction. These profiles define a set of normative constraints for employing KMIP within a particular diff --git a/website/content/docs/secrets/kmip.mdx b/website/content/docs/secrets/kmip.mdx index 642bf9f3c089..7cc2a2b157ba 100644 --- a/website/content/docs/secrets/kmip.mdx +++ b/website/content/docs/secrets/kmip.mdx @@ -1,7 +1,7 @@ --- layout: docs -page_title: KMIP - Secrets Engines -description: |- +page_title: KMIP secrets engine +description: >- The KMIP secrets engine allows Vault to act as a KMIP server provider and handle the lifecycle of its KMIP managed objects. --- diff --git a/website/content/docs/secrets/kubernetes.mdx b/website/content/docs/secrets/kubernetes.mdx index 63d7680eeeef..dc462f7027a3 100644 --- a/website/content/docs/secrets/kubernetes.mdx +++ b/website/content/docs/secrets/kubernetes.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: Kubernetes - Secrets Engines +page_title: Kubernetes secrets engine description: >- - The Kubernetes secrets engine for Vault generates Kubernetes service account - tokens, service accounts, role bindings, and roles dynamically. + Dynamically generate Kubernetes service account tokens, service accounts, role bindings, and roles with the Kubernetes secrets engine plugin. --- # Kubernetes secrets engine diff --git a/website/content/docs/secrets/ldap.mdx b/website/content/docs/secrets/ldap.mdx index 114d513fdb9e..15883465665f 100644 --- a/website/content/docs/secrets/ldap.mdx +++ b/website/content/docs/secrets/ldap.mdx @@ -1,8 +1,8 @@ --- layout: docs -page_title: LDAP - Secrets Engine +page_title: LDAP secrets engine description: >- - The LDAP secret engine manages LDAP entry passwords. + Dynamically create and manage LDAP entry passwords with the LDAP secret engine plugin. --- # LDAP secrets engine diff --git a/website/content/docs/secrets/mongodbatlas.mdx b/website/content/docs/secrets/mongodbatlas.mdx index ffb3ab474e70..ff9d2837f348 100644 --- a/website/content/docs/secrets/mongodbatlas.mdx +++ b/website/content/docs/secrets/mongodbatlas.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: MongoDB Atlas - Secrets Engines -description: |- - The MongoDB Atlas secrets engine for Vault generates MongoDB Atlas - Programmatic API Keys dynamically. +page_title: MongoDB atlas secrets engine +description: >- + Dynamically generate MongoDB Atlas Programmatic API Keys with the MongoDB Atlas secrets engine plugin. --- # MongoDB atlas secrets engine diff --git a/website/content/docs/secrets/nomad.mdx b/website/content/docs/secrets/nomad.mdx index e5bf452bcb98..72e24873e72e 100644 --- a/website/content/docs/secrets/nomad.mdx +++ b/website/content/docs/secrets/nomad.mdx @@ -1,7 +1,8 @@ --- layout: docs -page_title: Nomad Secrets Engine -description: The Nomad secrets engine for Vault generates tokens for Nomad dynamically. +page_title: Nomad secrets engine +description: >- + Dynamically generate Nomad tokens with the Nomad secrets engine plugin. --- # Nomad secrets engine diff --git a/website/content/docs/secrets/rabbitmq.mdx b/website/content/docs/secrets/rabbitmq.mdx index 65d7418621fd..46b824504a84 100644 --- a/website/content/docs/secrets/rabbitmq.mdx +++ b/website/content/docs/secrets/rabbitmq.mdx @@ -1,9 +1,8 @@ --- layout: docs -page_title: RabbitMQ - Secrets Engines +page_title: RabbitMQ secrets engine description: >- - The RabbitMQ secrets engine for Vault generates user credentials to access - RabbitMQ. + Generate user credentials to access RabbitMQ with the RabbitMQ secrets engine plugin. --- # RabbitMQ secrets engine diff --git a/website/content/docs/secrets/terraform.mdx b/website/content/docs/secrets/terraform.mdx index a61af98cc02d..c2a3d93492ba 100644 --- a/website/content/docs/secrets/terraform.mdx +++ b/website/content/docs/secrets/terraform.mdx @@ -1,15 +1,14 @@ --- layout: docs -page_title: Terraform Cloud Secret Backend -description: The Terraform Cloud secret backend for Vault generates tokens for Terraform Cloud dynamically. +page_title: HCP Terraform secrets engine +description: >- + Dynamically generate HCP Terraform API tokens with the HCP Terraform secrets engine plugin. --- -# Terraform Cloud secret backend +# HCP Terraform secrets engine -Name: `Terraform Cloud` - -The Terraform Cloud secret backend for Vault generates -[Terraform Cloud](https://cloud.hashicorp.com/products/terraform) +The HCP Terraform secrets engine for Vault generates +[HCP Terraform](https://cloud.hashicorp.com/products/terraform) API tokens dynamically for Organizations, Teams, and Users. This page will show a quick start for this backend. For detailed documentation @@ -26,17 +25,17 @@ Most secrets engines must be configured in advance before they can perform their functions. These steps are usually completed by an operator or configuration management tool. -1. Enable the Terraform Cloud secrets engine: +1. Enable the HCP Terraform secrets engine: ```shell-session $ vault secrets enable terraform - Success! Enabled the terraform cloud secrets engine at: terraform/ + Success! Enabled the terraform secrets engine at: terraform/ ``` By default, the secrets engine will mount at the name of the engine. To enable the secrets engine at a different path, use the `-path` argument. -2. Configure Vault to connect and authenticate to Terraform Cloud: +2. Configure Vault to connect and authenticate to HCP Terraform: ```shell-session $ vault write terraform/config \ @@ -44,17 +43,17 @@ management tool. Success! Data written to: terraform/config ``` - See [Terraform Cloud's documentation on API + See [HCP Terraform's documentation on API tokens](/terraform/cloud-docs/users-teams-organizations/api-tokens) to determine the appropriate API token for use with the secret engine. In order to perform all operations, a User API token is recommended. -3. Configure a role that maps a name in Vault to a Terraform Cloud User. At - this time the Terraform Cloud API does not allow dynamic user generation. As +3. Configure a role that maps a name in Vault to a HCP Terraform user. At + this time the HCP Terraform API does not allow dynamic user generation. As a result this secret engine creates dynamic API tokens for an existing user, and manages the lifecycle of that API token. You will need to know the User ID in order to generate User API tokens for that user. You can use the - Terraform Cloud [Account + HCP Terraform [Account API](/terraform/cloud-docs/api-docs/account) to find the desired User ID. @@ -84,14 +83,14 @@ token_id at-123acbdfask ## Organization, team, and user roles -Terraform Cloud supports three distinct types of API tokens; Organizations, +HCP Terraform supports three distinct types of API tokens; Organizations, Teams, and Users. Each token type has distinct access levels and generation workflows. A given Vault role can manage any one of the three types at a time, however there are important differences to be aware of. ### Organization and team roles -The Terraform Cloud API limits both Organization and Team roles to **one active +The HCP Terraform API limits both Organization and Team roles to **one active token at any given time**. Generating a new Organization or Team API token by reading the credentials in Vault or otherwise generating them on [app.terraform.io](https://app.terraform.io/session) will effectively revoke **any** @@ -128,10 +127,10 @@ token_id at-fqvtdTQ5kQWcjUfG ### User roles Traditionally, Vault secret engines create dynamic users and dynamic credentials -along with them. At the time of writing, the Terraform Cloud API does not allow -for creating dynamic users. Instead, the Terraform Cloud secret engine creates +along with them. At the time of writing, the HCP Terraform API does not allow +for creating dynamic users. Instead, the HCP Terraform secret engine creates dynamic User API tokens by configuring a Vault role to manage an existing -Terraform Cloud user. The lifecycle of these tokens is managed by Vault and +HCP Terraform user. The lifecycle of these tokens is managed by Vault and will auto expire according to the configured TTL and max TTL of the Vault role. @@ -154,18 +153,18 @@ token token_id at-fqvtdTQ5kQWcjUfG ``` -Please see the [Terraform Cloud API +Please see the [HCP Terraform API Token documentation for more information](/terraform/cloud-docs/users-teams-organizations/api-tokens). ## Tutorial -Refer to [Terraform Cloud Secrets +Refer to [HCP Terraform Secrets Engine](/vault/tutorials/secrets-management/terraform-secrets-engine) for a step-by-step tutorial. ## API -The Terraform Cloud secrets engine has a full HTTP API. Please see the -[Terraform Cloud secrets engine API](/vault/api-docs/secret/terraform) for more +The HCP Terraform secrets engine has a full HTTP API. Please see the +[HCP Terraform secrets engine API](/vault/api-docs/secret/terraform) for more details. diff --git a/website/content/docs/secrets/totp.mdx b/website/content/docs/secrets/totp.mdx index 4bec57a1d355..4863d2bda010 100644 --- a/website/content/docs/secrets/totp.mdx +++ b/website/content/docs/secrets/totp.mdx @@ -1,7 +1,8 @@ --- layout: docs -page_title: TOTP - Secrets Engines -description: The TOTP secrets engine for Vault generates time-based one-time use passwords. +page_title: TOTP secrets engine +description: >- + Generate time-based one-time use passwords with the TOTP secrets engine plugin. --- # TOTP secrets engine diff --git a/website/content/docs/secrets/venafi.mdx b/website/content/docs/secrets/venafi.mdx index 61d29741dfce..a82bbd4d2e8f 100644 --- a/website/content/docs/secrets/venafi.mdx +++ b/website/content/docs/secrets/venafi.mdx @@ -1,10 +1,11 @@ --- layout: docs -page_title: Venafi - Secrets Engines -description: The Venafi integrated secrets engine for Vault. +page_title: Venafi secrets engine +description: >- + Dynamically generate short-lived SSL/TLS certificates using Venafi secrets engine. --- -# Venafi secrets engine for HashiCorp Vault +# Venafi secrets engine The Venafi Machine Identity Secrets Engine provides applications with the ability to dynamically generate SSL/TLS certificates that serve as machine diff --git a/website/data/docs-nav-data.json b/website/data/docs-nav-data.json index fb4f85704a34..788104cbef25 100644 --- a/website/data/docs-nav-data.json +++ b/website/data/docs-nav-data.json @@ -1756,7 +1756,7 @@ ] }, { - "title": "Terraform Cloud", + "title": "HCP Terraform", "path": "secrets/terraform" }, { From 6f35075036a47fe2cad12ce811c4c6cfe41cd364 Mon Sep 17 00:00:00 2001 From: yhyakuna Date: Thu, 5 Dec 2024 16:21:18 -0800 Subject: [PATCH 2/4] Minor updates for style consistency --- website/content/docs/secrets/nomad.mdx | 2 -- website/content/docs/secrets/rabbitmq.mdx | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/website/content/docs/secrets/nomad.mdx b/website/content/docs/secrets/nomad.mdx index 72e24873e72e..a3d76b23ab74 100644 --- a/website/content/docs/secrets/nomad.mdx +++ b/website/content/docs/secrets/nomad.mdx @@ -9,8 +9,6 @@ description: >- @include 'x509-sha1-deprecation.mdx' -Name: `Nomad` - Nomad is a simple, flexible scheduler and workload orchestrator. The Nomad secrets engine for Vault generates [Nomad](https://www.nomadproject.io/) ACL tokens dynamically based on pre-existing Nomad ACL policies. diff --git a/website/content/docs/secrets/rabbitmq.mdx b/website/content/docs/secrets/rabbitmq.mdx index 46b824504a84..5407119d4e3f 100644 --- a/website/content/docs/secrets/rabbitmq.mdx +++ b/website/content/docs/secrets/rabbitmq.mdx @@ -2,7 +2,7 @@ layout: docs page_title: RabbitMQ secrets engine description: >- - Generate user credentials to access RabbitMQ with the RabbitMQ secrets engine plugin. + Dynamically generate user credentials to access RabbitMQ with the RabbitMQ secrets engine plugin. --- # RabbitMQ secrets engine From a85c1a832e2f54c178a070d5cc3736f542dea6c1 Mon Sep 17 00:00:00 2001 From: Yoko Hyakuna Date: Fri, 6 Dec 2024 12:17:29 -0800 Subject: [PATCH 3/4] Revert back the change --- website/content/docs/secrets/kmip-profiles.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/secrets/kmip-profiles.mdx b/website/content/docs/secrets/kmip-profiles.mdx index 3f3f57f358f1..cbf2f1ca4ffb 100644 --- a/website/content/docs/secrets/kmip-profiles.mdx +++ b/website/content/docs/secrets/kmip-profiles.mdx @@ -1,6 +1,6 @@ --- layout: docs -page_title: KMIP profiles version 1.4 +page_title: KMIP - Profiles Support description: >- The KMIP profiles define the use of KMIP objects, attributes, operations, message elements and authentication methods within specific contexts of KMIP server and client interaction. From afc538a88a61641ee8e0fa90bf6d0c020097aaea Mon Sep 17 00:00:00 2001 From: Yoko Hyakuna Date: Fri, 6 Dec 2024 15:40:11 -0800 Subject: [PATCH 4/4] Update website/content/docs/secrets/aws.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --- website/content/docs/secrets/aws.mdx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/website/content/docs/secrets/aws.mdx b/website/content/docs/secrets/aws.mdx index 928dc3388080..23702c2d329a 100644 --- a/website/content/docs/secrets/aws.mdx +++ b/website/content/docs/secrets/aws.mdx @@ -2,7 +2,7 @@ layout: docs page_title: AWS secrets engine description: >- - Dynamically generate access keys dynamically based on IAM policies with the AWS secrets engine plugin. + Dynamically generate access keys based on IAM policies with the AWS secrets engine plugin. --- # AWS secrets engine