Vault 1.15.0 release notes
GA date: 2023-09-27
Release notes provide an at-a-glance summary of key updates to new versions of Vault. For a comprehensive list of product updates, improvements, and bug fixes refer to the changelog included with the Vault code on GitHub.
We encourage you to upgrade to the latest release of Vault to take advantage of continuing improvements, critical fixes, and new features.
Known issues and breaking changes
Version | Issue |
---|---|
1.15.0+ | Vault no longer reports rollback metrics by mountpoint |
1.15.0 | Panic in AWS auth method during IAM-based login |
1.15 | Vault file audit devices do not honor SIGHUP signal to reload |
Vault companion updates
Companion updates are Vault updates that live outside the main Vault binary.
Release | Update | Description |
---|---|---|
Vault Secrets Operator | GA | Run the Vault Secrets Operator (v0.3.0) on Red Hat OpenShift. Learn more: Vault Secrets Operator |
Core updates
Follow the learn more links for more information, or browse the list of Vault tutorials updated to highlight changes for the most recent GA release.
Release | Update | Description |
---|---|---|
Vault Agent | ENHANCED | Updated to use the latest Azure SDK version and Workload Identity Federation (WIF). Learn more:Â What is Vault Agent? |
GA | Fetch secrets directly into your application as environment variables. Learn more: Process Supervisor Mode | |
External plugins | BETA | Run external plugins in their own container with native container platform controls. Learn more: Containerize Vault plugins |
Eventing | BETA | Subscribe to notifications for various events in Vault. Includes support for filtering, permissions, and cluster configurations with K-V secrets. Learn more: Events |
Vault GUI | GA | New LDAP secrets engine GUI. Learn more: Vault UI guide |
ENHANCED | • New landing page dashboard. • View secrets you have read access to under your directory. • View diffs between previous and new secret versions. • Copy and paste secret paths from the GUI to the Vault CLI or API. Learn more: Vault UI guide | |
Secrets management | GA | Connect to Google Cloud Platform (GCP) Cloud SQL instances using native IAM credentials. Learn more:Â Google Cloud Platform Secret Manager |
ENHANCED | Improved TTL management for database credentials with configurable credential rotation. Learn more: Secrets engines |
Enterprise updates
Release | Update | Description |
---|---|---|
Secrets syncing | BETA | Sync Key/Value (KV) v2 data between Vault and secrets managers from AWS, Azure, Google Cloud Platform (GCP), GitHub, and Vercel. Learn more: Secrets Sync |
Public Key Infrastructure (PKI) | GA | Control Vault PKI issued certificates with the Certificate Issuance External Policy Service (CIEPS) to ensure consistency and compliance to enterprise standards. Learn more: Certificate Issuance External Policy Service (CIEPS) |
Replication | ENHANCED | Holistic improvements to cluster replication including problem detection and remediation. Learn more: Vault Enterprise replication |
Seal High Availability | BETA | Enables Vault administrators to configure multiple KMS for seal keys to ensure Vault availability in the event a single KMS becomes unavailable. Learn more: Seal wrap |
Authentication | GA | Authenticate to Vault with your SAML identity provider. Learn more: SAML auth method |
Feature deprecations and EOL
Deprecated in 1.15 | Retired in 1.15 |
---|---|
None | None |
Please refer to the Deprecation Plans and Notice page for up-to-date information on feature deprecations and plans or the Feature Deprecation FAQ for general questions about our deprecation process.