The Vault team is happy to announce the release of Vault 1.5!
Open-source binaries can be downloaded at . Enterprise binaries are available to customers as well. Release notes are available at .
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing firstname.lastname@example.org and do not use the public issue tracker. Our security policy and our PGP key can be found at .
The key features and improvements in this release are:
- Monitoring : We have released a Splunk App  for Enterprise customers. The app is accompanied by an updated monitoring guide and a few new metrics to enable OSS users to effectively monitor Vault.
- Password Policies: Allows operators to customize how passwords are generated for select secret engines (OpenLDAP, Active Directory, Azure, and RabbitMQ).
- Replication UI Improvements : We have redesigned the replication UI to highlight the state and relationship between primaries and secondaries and improved management workflows, enabling a more holistic understanding of multiple Vault clusters.
- Resource Quotas : As of 1.5, Vault supports specifying a quota to rate limit requests on OSS and Enterprise. Enterprise customers also have access to set quotas on the number of leases that can be generated on a path.
- OpenShift Support : We have updated the Helm charts to allow users to install Vault onto their OpenShift clusters.
- Seal Migration : We have made updates to allow migrations from auto unseal to Shamir unseal on Enterprise.
- AWS Auth Web Identity Support : We’ve added support for AWS Web Identities, which will be used in the credentials chain if present.
- Vault Monitor : Similar to the monitor command for Consul and Nomad, we have added the ability for Vault to stream logs from other Vault servers at varying log levels.
- AWS Secrets Groups Support : IAM users generated by Vault may now be added to IAM Groups.
- Integrated Storage as HA Storage : In Vault 1.5, it is possible to use Integrated Storage as HA Storage with a different storage backend as regular storage.
- OIDC Auth Provider Extensions : We’ve added support to OIDC Auth to incorporate IdP-specific extensions. Currently this includes expanded Azure AD groups support.
- GCP Secrets : Support BigQuery dataset ACLs in absence of IAM endpoints.
See the Changelog at  for the full list of improvements and bug fixes.
OSS  and Enterprise  Docker images will be available soon.
See  for general upgrade instructions.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at .
We hope you enjoy Vault 1.5!
Sincerely, The Vault Team