[VAULT-40236] IBM PAO licensing integration docs#2041
Merged
Conversation
Contributor
Vercel Previews Deployed
|
Contributor
Broken Link CheckerThis PR contains broken links, but won't be blocked. Use this report to improve content quality: Quick Actions
Need Help?
Internal LinksExternal Links |
blueberry-pi
commented
Mar 20, 2026
|
|
||
| @include 'alerts/enterprise-only.mdx' | ||
|
|
||
| The `license get` command reports on the license in use. With the `-signed` |
Contributor
Author
There was a problem hiding this comment.
The -signed flag got removed a long time ago, there's also a ticket to remove mention of it in the docs for previous versions: https://hashicorp.atlassian.net/browse/VAULT-42206
blueberry-pi
commented
Mar 20, 2026
Contributor
Author
There was a problem hiding this comment.
Most of these changes are taken from #1915 which is already merged but those changes weren't propagated to the 2.x branch. The new changes are in the IBM PAO license keys section
schavis
requested changes
Mar 20, 2026
Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
gsantos-hc
requested changes
Mar 23, 2026
Contributor
gsantos-hc
left a comment
gsantos-hc
left a comment
There was a problem hiding this comment.
General comment:
- Would prefer that we refer to "license key" instead of "license" (which is a legal concept). Can use "key" for short when there's already a nearby reference to "license key".
akshya96
reviewed
Mar 23, 2026
akshya96
reviewed
Mar 23, 2026
Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com> Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
akshya96
reviewed
Mar 24, 2026
akshya96
reviewed
Mar 24, 2026
Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com>
gsantos-hc
requested changes
Mar 26, 2026
Contributor
gsantos-hc
left a comment
gsantos-hc
left a comment
There was a problem hiding this comment.
Couple more minor fixes requested, but otherwise LGTM! Thanks for the excellent work.
| If the configured parameters match multiple entitlements in the license, Vault | ||
| uses the entitlement with the termination date farthest in the future. | ||
|
|
||
| <CodeBlock> |
Contributor
There was a problem hiding this comment.
Replace with "```hcl" for proper rendering (and do the same with the closing tag).
Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com>
schavis
approved these changes
Mar 26, 2026
schavis
added a commit
that referenced
this pull request
Apr 3, 2026
* Add temporary version folder * Add spiffe secrets engine docs (#1218) * Add spiffe secrets engine docs * Apply suggestions from code review Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com> * Renames * Update content/vault/v1.21.x/content/api-docs/secret/spiffe.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Add spiffe secrets engine docs * Apply suggestions from code review Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com> * Renames * Update content/vault/v1.21.x/content/api-docs/secret/spiffe.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Move to 2.0 folder * Remove old versions of spiffe docs * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @ncabatoff Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> * Apply suggestions from code review Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> --------- Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Change folder name * refresh 2.x docs * add "(rc)" tag to 2.x folder * Reset important changes and release notes doc * Manually apply GA updates * Manully update last run record with UTC date+time * Update Azure secrets docs: (#1730) * Update Azure secrets docs: * update ttl * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/azure.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Add docs for kmip listeners/cas. * Also fix a couple of errors in the docs * Add docs for fetch_groups azuread * Add distributed_claim_access_token field; fix nits * use correct api * Add metadata dates to unpublished api docs (#1861) * Add metadata dates to unplublished docs (#1860) * move to jwt doc * remove from oidc azure doc * add graph api link and specify application * Use consistent terms * added secret-sync wif usage metrics doc (#1870) * Introducing WIF in Secret Sync for Azure Destination (#1816) * update documentation for introducing WIF for Secret Sync for Azure Destination * replace plugin references with secret sync references and add secret sync identity token issuer references to the instructions. * docs: revise headers to avoid possessive phrasing based on style feedback Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: reword key retrieval description to avoid pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update service principal description to use meaningful anchor text and remove pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite client_secret description in active voice and clarify fallback authentication behavior Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite identity_token_key description in active voice and remove pronoun usage Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: rewrite managed identity description in active voice for clarity Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify subject identifier requirement by combining statements for conciseness Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: revise WIF description to use active voice and clearer link text Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify WIF explanation for readability while preserving original meaning Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: fix broken markdown link in azurekv.mdx * docs: updating secrets sync docs for GCP WIF support --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Murali <murali.parthasarathy@hashicorp.com> Co-authored-by: Yoko Hyakuna <yoko.hyakuna1@ibm.com> * ga to rc sync - 20260213-1714 (#1930) * Manual GA to RC sync - 202602-1909 (#1931) * VAULT-42745: KMSE usage metrics documentation (#1906) * Introducing WIF in Secret Sync for GCP Destination (#1881) * update documentation for introducing WIF for Secret Sync for Azure Destination * replace plugin references with secret sync references and add secret sync identity token issuer references to the instructions. * docs: revise headers to avoid possessive phrasing based on style feedback Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: reword key retrieval description to avoid pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update service principal description to use meaningful anchor text and remove pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite client_secret description in active voice and clarify fallback authentication behavior Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite identity_token_key description in active voice and remove pronoun usage Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: rewrite managed identity description in active voice for clarity Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify subject identifier requirement by combining statements for conciseness Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: revise WIF description to use active voice and clearer link text Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify WIF explanation for readability while preserving original meaning Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: fix broken markdown link in azurekv.mdx * docs: updating secrets sync docs for GCP WIF support * docs: updating secrets sync docs for GCP WIF support --------- Co-authored-by: Arjun K S <Arjun.KS@ibm.com> Co-authored-by: Arjun K S <arjun.ks@hashicorp.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Document the new DRBG option to random number generation APIs (#1782) * Document the new DRBG parameter to sys/tools/random and transit's random * Update content/vault/v2.x (rc)/content/api-docs/secret/transit.mdx Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/transit.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/system/tools.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * more detail around algo and auto --------- Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Introducing WIF in Secret Sync for AWS Destination (#1876) * update documentation for introducing WIF for Secret Sync for Azure Destination * replace plugin references with secret sync references and add secret sync identity token issuer references to the instructions. * docs: revise headers to avoid possessive phrasing based on style feedback Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: reword key retrieval description to avoid pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update service principal description to use meaningful anchor text and remove pronoun 'this' Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite client_secret description in active voice and clarify fallback authentication behavior Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: rewrite identity_token_key description in active voice and remove pronoun usage Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update curl example to use VAULT_ADDR for endpoint * docs: rewrite managed identity description in active voice for clarity Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify subject identifier requirement by combining statements for conciseness Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: revise WIF description to use active voice and clearer link text Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: clarify WIF explanation for readability while preserving original meaning Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: fix broken markdown link in azurekv.mdx * update documentation for introducing WIF for Secret Sync for AWS Destination * update documentation for introducing WIF for Secret Sync for AWS Destination * docs: updating secrets sync docs for GCP WIF support * update documentation for introducing WIF for Secret Sync for AWS Destination * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Arjun K S <Arjun.KS@ibm.com> Co-authored-by: Arjun K S <arjun.ks@hashicorp.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Murali <murali.parthasarathy@hashicorp.com> * Fix the documentation for POST /sys/managed-keys/:type/:name. (#1948) Change key usage values from `random` to `generate_random`. Update the sample output of GET /sys/managed-keys/:type/:name to include key usages. * Deprecation docs for pki role `allow_token_displayname` parameter (#1965) * add dep partial * fewer words * add partial to deprecations list * Revise deprecation dates Updated the support timeline for the allow_token_displayname parameter. * Vault: PKI External ca docs (#1901) * Add initial PKI external ca docs * additional updates * Update allowed_domains_options to allowed_domain_options * Tweaks to docs page * Remove workflow section * Fix table * Fix table attempt 2 * Allow table content to wrap * PR feedback * Missed PR feedback * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/api-docs/secret/pki-external-ca.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * PR feedback * Minor tweaks * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * PR feedback split individual steps into different session blocks * Attempt to address page breakage * Tweaks to csr workflow section blocks * Attempt to fix by indenting tab contents * Another attempt at the tab fix * Try 4 space instead of 2 * add line breaks between <li> elements and code blocks * Add header --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: claire bontempo <cbontempo@hashicorp.com> * Add new PKI External CA metrics and SPIFFE mount count metrics (#1992) * Vault UI Visual Policy Editor docs (#1917) * first pass at policy docs * add to nav * clarify steps * address feedback * reorganize sections to clearly define differ features * Update title Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * update title Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Document acme_account_name cannot be changed on a role (#1998) * Document acme_account_name cannot be changed on a role * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * vault: The missed events bug will be fixed in the next release (#2015) For 1.19, 1.20, and 1.21, and will not be present in 2.0 * add aws kms multi-region docs (#1982) * add aws kms multi-region docs * Apply suggestion from @schavis Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * PR comments * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @schavis * Apply suggestion from @schavis --------- Co-authored-by: Vivek Pandey <vivekpandey@Viveks-MacBook-Pro.local> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Document context parameter to datakeys and derivedkeys endpoints (#1976) * Specify url base64 encoding for EAB key within External CA (#2050) * vault: events now forwarded to secondary clusters for 1.21 and 2.0 (#2046) * vault: events now forwarded to secondary clusters for 1.21 and 2.0 * Apply suggestions from code review Applying punctuation change Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Sync GA changes to RC docs (#2075) * Add docs for alias_metadata (#2081) * Prep release notes summary * Prep important changes * [VAULT-40236] IBM PAO licensing integration docs (#2041) * docs * fixes * separate edition and add_ons fields * add more details * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestions from code review Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com> Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> * use PAO full name, remove billing start date caveat * Apply suggestion from @akshya96 Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> * remove mention of billing start date * Apply suggestions from code review Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com> * address comments --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com> Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> * Add change tracker summary table * Finalize release notes format * Fix version change (missed during RC sync) * Document new Transit Envelope Encryption (#1809) * Document new Transit Envelope Encryption commands * examples in the parent * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Steven Clark <steven.clark@hashicorp.com> * Document new Transit Envelope Encryption commands * examples in the parent * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Steven Clark <steven.clark@hashicorp.com> * separate into individual command files * Envelope encryption concept docs * nav data * Fix CLI links * fix acls * Fix nav link * fix command options * more nav * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * nav for subcommands * Update content/vault/v2.x (rc)/data/docs-nav-data.json Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/envelope_decrypt.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Rework the env encryption paragraph * try fixing enterprise only alert * Add the enterprise note to the specific commands, and remove the unreachable summary page * respond to more feedback * Update content/vault/v2.x (rc)/content/docs/commands/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/commands/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * more feedback * Update content/vault/v2.x (rc)/content/docs/secrets/transit/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/secrets/transit/envelope-encryption.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @schavis --------- Co-authored-by: Steven Clark <steven.clark@hashicorp.com> Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * add rotation policies concepts to 2.x (#2090) * add rotation policies concepts to 2.x * refactor orphaning section and add details on backoff mechanism * add rotation policy api docs * add api docs for policies and orphans * Apply suggestion from @schavis Applying suggestion to (hopefully) fix the current build error * respond to feedback --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * backport hardening updates to vault v2 docs (#2100) * GA sync 2026-03-20 (#2045) * added documentation for vault agent pki support (#2105) Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Add metrics redirect for GUI (#2122) * LDAP Secrets self-managed roles and static roles on rotation manager documentation (#2057) * Start API docs * Apply suggestion from @schavis * Apply suggestions from code review Apply pending feedback Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * [VAULT] Remove GUI snapshots and make basic instruction updates (#2120) * Remove gui snapshots and make basic instruction updates * Remove stray include statement * VAULT-40172 add docs for SCIM support (#2089) * add docs for SCIM support * add usage metrics * some improvements * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @bosouza Co-authored-by: Bruno Oliveira de Souza <bruno.souza@hashicorp.com> --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Add bug fix for entity alias integrity from customer engineering (#2135) Added a bug fix for repairing duplicate and dangling entity aliases. * Vault: update 2.0 preview release notes (#2137) * Vault: update 2.0 preview release notes * Update content/vault/v2.x (rc)/content/docs/updates/important-changes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * docs: update Vault 2.0 release notes * Apply suggestions from code review Remove text from unresolved conflict Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @schavis Missed the "HEAD" tag * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Not sure how I missed this line in resolving the conflict * Apply suggestion from @schavis Resolve embedded conflict text * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/important-changes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v2.x (rc)/content/docs/updates/release-notes.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Apply suggestion from @schavis * Apply suggestion from @schavis --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Adds new ldap fixed API changes and ldap general docs updates (#2133) * Adds new API fixes and general static-migration docs * Add rotation policies and orphans to navbar * Update rotation-policies.mdx * Update index.mdx * Apply suggestions from code review Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Remove linebreak tags * Update content/vault/v2.x (rc)/content/api-docs/secret/ldap.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Remove duplicate rotation_period, add rotation_policy, add enterprise on stop migration * Move rotation-policies to vautl-enterprise section instead of key concepts * Move rotation policies in the navbar * Fix rotation policies referencess * Update plugin table and move upgrade notice into a note * Change note to warning --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update 2xx.mdx Remove known issues placeholder * Vault: update upgrade and snapshot documentation (#2129) * Vault: update upgrade and snapshot documentation - Update upgrade index and rollback pages to prefer systemctl for stopping Vault process for v1.19.x, v1.20.x, v1.21x, and v2.x(rc). - Update manage snapshots documentation and add links to snapshot CLI and API documentation to augment existing link for 1.20x, 1.21x, and v2.x(rc). - Update upgrade index and restore pages to add clear and actionable steps to properly isolate the Vault server under snapshot restoration or upgrade testing for 1.20x, 1.21x, and v2.x(rc). - Update upgrade index page to add clear and actionable steps to properly test the upgrade for 1.20x, 1.21x, and v2.x(rc). - Update tip partial for Backup and restore data for 1.20x, 1.21x, and v2.x(rc). * Update content/vault/v1.19.x/content/docs/upgrade/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v1.19.x/content/docs/upgrade/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v1.19.x/content/docs/upgrade/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v1.19.x/content/docs/upgrade/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update content/vault/v1.19.x/content/docs/upgrade/index.mdx Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * roll updates from v1.19 to other versions * Apply edits across all versions and update page format for how-to guides * Add missing partial --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> * Update note to reflect older version of Vault * I don't know how the robot file got deleted * Reset last run time to avoid needed devdot review * Fix duplication in important changes * elevate summary to h2 --------- Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com> Co-authored-by: Nick Cabatoff <ncabatoff@hashicorp.com> Co-authored-by: Victor Rodriguez <vrizo@hashicorp.com> Co-authored-by: Zlaticanin <60530402+Zlaticanin@users.noreply.github.com> Co-authored-by: Abhinav Krishna C K <abhinav.krishnack@hashicorp.com> Co-authored-by: Abhinav Krishna C K <abbyck@users.noreply.github.com> Co-authored-by: Ken Keller <104874953+mister-ken@users.noreply.github.com> Co-authored-by: Brian Shumate <brianshumate@users.noreply.github.com> Co-authored-by: suraj-simha <suraj.s@hashicorp.com> Co-authored-by: Arjun K S <arjun.ks@hashicorp.com> Co-authored-by: Murali <murali.parthasarathy@hashicorp.com> Co-authored-by: Yoko Hyakuna <yoko.hyakuna1@ibm.com> Co-authored-by: ankitsutharhashicorp <ankitkumar.suthar@hashicorp.com> Co-authored-by: Murali <137029787+murali-partha@users.noreply.github.com> Co-authored-by: Arjun K S <Arjun.KS@ibm.com> Co-authored-by: Scott Miller <sgmiller@gmail.com> Co-authored-by: Rohit Agrawal <rohit.agrawal@hashicorp.com> Co-authored-by: claire bontempo <68122737+hellobontempo@users.noreply.github.com> Co-authored-by: Steven Clark <steven.clark@hashicorp.com> Co-authored-by: claire bontempo <cbontempo@hashicorp.com> Co-authored-by: Theron Voran <tvoran@users.noreply.github.com> Co-authored-by: Vivek Pandey <vivek.pandey@hashicorp.com> Co-authored-by: Vivek Pandey <vivekpandey@Viveks-MacBook-Pro.local> Co-authored-by: Jenny Deng <jenny.deng@hashicorp.com> Co-authored-by: Guilherme Santos <157053549+gsantos-hc@users.noreply.github.com> Co-authored-by: akshya96 <87045294+akshya96@users.noreply.github.com> Co-authored-by: vinay-gopalan <86625824+vinay-gopalan@users.noreply.github.com> Co-authored-by: mickael-hc <86245626+mickael-hc@users.noreply.github.com> Co-authored-by: Jaired Jawed <jaired.jawed@hashicorp.com> Co-authored-by: Robert <17119716+robmonte@users.noreply.github.com> Co-authored-by: Bruno Oliveira de Souza <bruno.souza@hashicorp.com> Co-authored-by: Angel Garbarino <Monkeychip@users.noreply.github.com> Co-authored-by: Kartik Lunkad <kartiklunkad@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes for the new IBM PAO licensing integration we're introducing in 2.0.0. This allows Vault Enterprise to start up using an IBM PAO license key. Notable changes:
license_entitlementstanza in the HCL config that's required when using an IBM licensebilling_start_timestampwill always be the IBM license entitlement start date, ignoring any other configurationvault license inspectCLI command adds new fieldsvault license getCLI command adds new fields/sys/license/statusAPI adds new fieldsPlease go to the
Previewtab and select the appropriate template:Terraform