The Vault team is happy to announce the release of Vault 1.4.1!
Open-source binaries can be downloaded at . Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing email@example.com and do not use the public issue tracker. Our security policy and our PGP key can be found at .
The key fixes and improvements in this release are enumerated below. We recommend that users of integrated storage upgrade to 1.4.1.
AWS Auth Method Fix : An issue was introduced in 1.3.2 and is described at . We have changed the default set of metadata fields to reduce the storage writes as identity metadata changes, and made the metadata configurable
GCP Auth Method Metadata : We have made the GCP authentication alias naming and metadata fields configurable
Azure Auth Method : Azure VMs may now login using user-assigned identities
MongoDB Secrets Engine : We fixed an issue with MongoDB connection handling that was generating context deadline errors
Batch Deletion of Identities : We have added a batch deletion API for identity entities
Num Entities Metric : We have added a telemetry metric to show the number of entities
Operation Token OTP : The UI can now provide a One Time Password during the Operation Token generation process
Integrated Storage Snapshot Fix : We discovered and addressed an issue with Integrated Storage snapshots, where a node could fail to install a snapshot but write metadata from the snapshot, causing the FSM to become out of sync.
See the Changelog at  for the full list of improvements and bug fixes.
OSS  and Enterprise  Docker images will be available soon.
See  for general upgrade instructions.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum.
We hope you enjoy Vault 1.4.1!
The Vault Team