Docs/secrets sync ssrf private endpoints #28746
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…e guide The Secrets Sync feature in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. This adds documentation about the change and available options.
github-actions
bot
added
the
hashicorp-contributed-pr
|
|
|
Thank you for your submission! We require that all contributors sign our Contributor License Agreement ("CLA") before we can accept the contribution. Read and sign the agreement Learn more about why HashiCorp requires a CLA and what the CLA includes Have you signed the CLA already but the status is still pending? Recheck it. |
|
CI Results: |
|
Build Results: |
yhyakuna
reviewed
Nov 9, 2024
website/content/partials/known-issues/1_17_secrets-sync-ssrf-private-endpoints.mdx
Show resolved
Hide resolved
website/content/partials/known-issues/1_17_secrets-sync-ssrf-private-endpoints.mdx
Outdated
Show resolved
Hide resolved
yhyakuna
approved these changes
Dec 12, 2024
jonathanfrappier
approved these changes
Dec 13, 2024
6 tasks
yhyakuna
added a commit
that referenced
this pull request
Dec 13, 2024
* docs: add Secrets Sync SSRF protection breaking change to 1.17 upgrade guide The Secrets Sync feature in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. This adds documentation about the change and available options. * renamed issue * referenced secret sync ssrf known issue * re-ordered secret sync known issue in page * Hide copy-to-clipboard button on the output example codeblock --------- Co-authored-by: yhyakuna <[email protected]>
yhyakuna
added a commit
that referenced
this pull request
Dec 13, 2024
* docs: add Secrets Sync SSRF protection breaking change to 1.17 upgrade guide The Secrets Sync feature in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. This adds documentation about the change and available options. * renamed issue * referenced secret sync ssrf known issue * re-ordered secret sync known issue in page * Hide copy-to-clipboard button on the output example codeblock --------- Co-authored-by: yhyakuna <[email protected]>
This was referenced Dec 13, 2024
yhyakuna
added a commit
that referenced
this pull request
Dec 13, 2024
* Docs/secrets sync ssrf private endpoints (#28746) * docs: add Secrets Sync SSRF protection breaking change to 1.17 upgrade guide The Secrets Sync feature in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. This adds documentation about the change and available options. * renamed issue * referenced secret sync ssrf known issue * re-ordered secret sync known issue in page * Hide copy-to-clipboard button on the output example codeblock --------- Co-authored-by: yhyakuna <[email protected]> * Remove extra include --------- Co-authored-by: James <[email protected]>
yhyakuna
added a commit
that referenced
this pull request
Dec 13, 2024
* Docs/secrets sync ssrf private endpoints (#28746) * docs: add Secrets Sync SSRF protection breaking change to 1.17 upgrade guide The Secrets Sync feature in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. This adds documentation about the change and available options. * renamed issue * referenced secret sync ssrf known issue * re-ordered secret sync known issue in page * Hide copy-to-clipboard button on the output example codeblock --------- Co-authored-by: yhyakuna <[email protected]> * Fix build issue --------- Co-authored-by: James <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
🔍 Deploy preview
The Secrets Sync update in 1.17.3 introduced SSRF protection that blocks private IP ranges, affecting users accessing secret stores through private endpoints. Adding documentation about the change
Description
This PR adds documentation to the 1.17.x upgrade guide about a breaking change in Secrets Sync introduced in version 1.17.3. The documentation:
This change helps users understand why their Secrets Sync operations might fail after upgrading to 1.17.3 and what options are available to them.
TODO only if you're a HashiCorp employee
to N, N-1, and N-2, using the
backport/ent/x.x.x+entlabels. If this PR is in the CE repo, you should only backport to N, using thebackport/x.x.xlabel, not the enterprise labels.of a public function, even if that change is in a CE file, double check that
applying the patch for this PR to the ENT repo and running tests doesn't
break any tests. Sometimes ENT only tests rely on public functions in CE
files.
in the PR description, commit message, or branch name.
description. Also, make sure the changelog is in this PR, not in your ENT PR.