Vault 1.11.0 released!

Hi folks,

The Vault team is announcing the GA release of Vault 1.11.0!

Open-source and Enterprise binaries can be downloaded at [1].

As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].

The major features and improvements in 1.11.0 are:

  • Autopilot Improvements (Enterprise): Autopilot on Vault Enterprise now supports automated upgrades and redundancy zones when using integrated storage.
  • Kubernetes Secrets Engine: Add support for generating dynamic Kubernetes service account tokens.
  • Consul Secrets Engine: Node and Service identities are now supported.
  • Snowflake DB Secrets Engine: Keypair based authentication is now supported.
  • GCP Auth Engine: Support for non-public GCP endpoints has been added.
  • Non-Disruptive Intermediate/Root Certificate Rotation: Allow import, generation and configuration of any number of keys and/or issuers within a PKI mount, providing operators the ability to rotate certificates in place without affecting existing client configurations.
  • Key import for Transit: Allow import of private key material to be used in Transit secrets engine.
  • KMIP Improvements: Implement operations Query, Import, Encrypt and Decrypt. Improve operations Locate, Add Attribute, Get Attributes and Get Attribute List to handle most supported attributes.
  • ADP Tokenization: Add support for convergent tokenization as well as token lookup for some configurations of tokenization transforms.

See the Changelog at [3] for the full list of improvements and bug fixes.

See the Feature Deprecation Notice and Plans page [7] for our upcoming feature deprecation plans.

OSS [5] and Enterprise [6] Docker images will be available soon.


See [4] for general upgrade instructions, and [9] for upgrade instructions and known issues for 1.11.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [8].

We hope you enjoy Vault 1.11.0!

Sincerely, The Vault Team

[1] Vault Versions | HashiCorp Releases
[2] Security at HashiCorp
[3] vault/ at main · hashicorp/vault · GitHub
[4] Upgrading Vault - Guides | Vault by HashiCorp
[5] Docker Hub
[6] Docker Hub
[7] Feature Deprecation Notice | Vault by HashiCorp
[8] Vault - HashiCorp Discuss