The Vault team is happy to announce the release of Vault 1.8!
Open-source binaries can be downloaded at . Enterprise binaries are available to customers as well.
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing firstname.lastname@example.org and do not use the public issue tracker. Our security policy and our PGP key can be found at .
The key fixes and improvements in this release are:
- Apple M1 Support : Add a darwin/arm64 binary release supporting the Apple M1 CPU.
- Autopilot on DR Secondaries (Enterprise) : In Vault GA, we have added support for Autopilot on DR Secondary clusters.
- Control Groups (Enterprise) : We have added functionality to Vault Control Groups to trigger Control Group approval on a subset of operations, instead of all operations on a path where a Control Group is configured.
- Diagnose : In Vault 1.8 we are introducing Vault Diagnose. This feature is intended to allow more user-friendly diagnostics in situations when Vault is not starting.
- GCP Secrets : The GCP Secrets engine can now manage access tokens or keys for an existing service account.
- Key Management Secrets Engine for AWS (Enterprise) : Key Management Secrets Engine support for AWS KMS, released as beta in Vault 1.7, is now Generally Available.
- Database Secrets Engine : Support for customizable usernames has been added to several additional database secrets engines.
- Licensing Updates (Enterprise) : License/EULA changes that ensure the presence of a valid HashiCorp license to start Vault. More information is available in the Vault License FAQ , and License Installation tutorial.
- Secret Engine Descriptions (UI) : Vault’s UI now shows descriptions set on a secret engine on the secret engines list page.
- OIDC Auth in Safari Fix (UI) : Vault’s UI now works as expected when attempting to log in via OIDC method in Safari browser.
- MSSQL and MySQL Database Support (UI) : Vault UI Database Secret Engine now supports configuring MSSQL and MySQL type databases and associated roles.
- Validation on KV Secret Engine (UI) : Vault’s UI now as client-side validation for KV secrets.
See the Changelog at  for the full list of improvements and bug fixes.
OSS  and Enterprise  Docker images will be available soon.
See  for general upgrade instructions.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at .
We hope you enjoy Vault 1.8!
Sincerely, The Vault Team
 Security at HashiCorp
 vault/CHANGELOG.md at main · hashicorp/vault · GitHub
 Upgrading Vault - Guides | Vault by HashiCorp
 Docker Hub
 Docker Hub
 Vault - HashiCorp Discuss
 Install a HashiCorp Enterprise License | Nomad - HashiCorp Learn