[ANN] Vault 1.8.0-rc2 Released

Hi folks,

The Vault team has released the second release candidate of Vault 1.8!

Open-source binaries can be downloaded at [1]. Enterprise binaries are available to customers as well.

As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].

The key fixes and improvements in this release are:

  • Apple M1 Support: Add a darwin/arm64 binary release supporting the Apple M1 CPU
  • Control Groups (Enterprise): We have added functionality to Vault Control Groups to trigger Control Group approval on a subset of operations, instead of all operations on a path where a Control Group is configured.
  • Diagnose: In Vault 1.8 we are introducing Vault Diagnose. This feature is intended to allow more user-friendly diagnostics in situations when Vault is not starting.
  • GCP Secrets: The GCP Secrets engine can now manage access tokens or keys for an existing service account.
  • Key Management Secrets Engine for AWS (Enterprise): Key Management Secrets Engine support for AWS KMS, released as beta in Vault 1.7, is now Generally Available.
  • Database Secrets Engine: Support for customizable usernames has been added to several additional database secrets engines.
  • Licensing Updates (Enterprise): License/EULA changes that ensure the presence of a valid HashiCorp license to start Vault. More information is available in the Vault License FAQ [8], and License Installation tutorial[9]
  • Secret Engine Descriptions (UI): Vault’s UI now shows descriptions set on a secret engine on the secret engines list page.
  • OIDC Auth in Safari Fix (UI): Vault’s UI now works as expected when attempting to log in via OIDC method in Safari browser.
  • MSSQL and MySQL Database Support (UI): Vault UI Database Secret Engine now supports configuring MSSQL and MySQL type databases and associated roles.
  • Validation on KV Secret Engine (UI): Vault’s UI now as client-side validation for KV secrets.

See the Changelog at [3] for the full list of improvements and bug fixes.

OSS [5] and Enterprise [6] Docker images will be available soon.


See [4] for general upgrade instructions.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [7].

We hope you enjoy the Vault 1.8 release candidate!

Sincerely, The Vault Team

[1] Vault v1.8.0-rc2 Binaries | HashiCorp Releases
[2] Security at HashiCorp
[3] vault/CHANGELOG.md at master · hashicorp/vault · GitHub
[4] Upgrading Vault - Guides | Vault by HashiCorp
[5] Docker Hub
[6] Docker Hub
[7] Vault - HashiCorp Discuss
[8] https://vaultproject.io/docs/enterprise/license/faqs
[9] Install a HashiCorp Enterprise License | Nomad - HashiCorp Learn