Hi folks,
The Vault team is announcing the GA release of Vault 1.11.0!
Open-source and Enterprise binaries can be downloaded at [1].
As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing security@hashicorp.com and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].
The major features and improvements in 1.11.0 are:
- Autopilot Improvements (Enterprise): Autopilot on Vault Enterprise now supports automated upgrades and redundancy zones when using integrated storage.
- Kubernetes Secrets Engine: Add support for generating dynamic Kubernetes service account tokens.
- Consul Secrets Engine: Node and Service identities are now supported.
- Snowflake DB Secrets Engine: Keypair based authentication is now supported.
- GCP Auth Engine: Support for non-public GCP endpoints has been added.
- Non-Disruptive Intermediate/Root Certificate Rotation: Allow import, generation and configuration of any number of keys and/or issuers within a PKI mount, providing operators the ability to rotate certificates in place without affecting existing client configurations.
- Key import for Transit: Allow import of private key material to be used in Transit secrets engine.
- KMIP Improvements: Implement operations Query, Import, Encrypt and Decrypt. Improve operations Locate, Add Attribute, Get Attributes and Get Attribute List to handle most supported attributes.
- ADP Tokenization: Add support for convergent tokenization as well as token lookup for some configurations of tokenization transforms.
See the Changelog at [3] for the full list of improvements and bug fixes.
See the Feature Deprecation Notice and Plans page [7] for our upcoming feature deprecation plans.
OSS [5] and Enterprise [6] Docker images will be available soon.
Upgrading
See [4] for general upgrade instructions, and [9] for upgrade instructions and known issues for 1.11.
As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [8].
We hope you enjoy Vault 1.11.0!
Sincerely, The Vault Team
[1] Vault Versions | HashiCorp Releases
[2] Security at HashiCorp
[3] vault/CHANGELOG.md at main · hashicorp/vault · GitHub
[4] Upgrading Vault - Guides | Vault by HashiCorp
[5] Docker Hub
[6] Docker Hub
[7] Feature Deprecation Notice | Vault by HashiCorp
[8] Vault - HashiCorp Discuss
[9] https://www.vaultproject.io/docs/upgrading/upgrade-to-1.11.x