Vault 1.8.0 Released

Hi folks,

The Vault team is happy to announce the release of Vault 1.8!

Open-source binaries can be downloaded at [1]. Enterprise binaries are available to customers as well.

As a reminder, if you believe you have found a security issue in Vault, please responsibly disclose by emailing and do not use the public issue tracker. Our security policy and our PGP key can be found at [2].

The key fixes and improvements in this release are:

  • Apple M1 Support : Add a darwin/arm64 binary release supporting the Apple M1 CPU.
  • Autopilot on DR Secondaries (Enterprise) : In Vault GA, we have added support for Autopilot on DR Secondary clusters.
  • Control Groups (Enterprise) : We have added functionality to Vault Control Groups to trigger Control Group approval on a subset of operations, instead of all operations on a path where a Control Group is configured.
  • Diagnose : In Vault 1.8 we are introducing Vault Diagnose. This feature is intended to allow more user-friendly diagnostics in situations when Vault is not starting.
  • GCP Secrets : The GCP Secrets engine can now manage access tokens or keys for an existing service account.
  • Key Management Secrets Engine for AWS (Enterprise) : Key Management Secrets Engine support for AWS KMS, released as beta in Vault 1.7, is now Generally Available.
  • Database Secrets Engine : Support for customizable usernames has been added to several additional database secrets engines.
  • Licensing Updates (Enterprise) : License/EULA changes that ensure the presence of a valid HashiCorp license to start Vault. More information is available in the Vault License FAQ [8], and License Installation tutorial[9].
  • Secret Engine Descriptions (UI) : Vault’s UI now shows descriptions set on a secret engine on the secret engines list page.
  • OIDC Auth in Safari Fix (UI) : Vault’s UI now works as expected when attempting to log in via OIDC method in Safari browser.
  • MSSQL and MySQL Database Support (UI) : Vault UI Database Secret Engine now supports configuring MSSQL and MySQL type databases and associated roles.
  • Validation on KV Secret Engine (UI) : Vault’s UI now as client-side validation for KV secrets.

See the Changelog at [3] for the full list of improvements and bug fixes.

OSS [5] and Enterprise [6] Docker images will be available soon.


See [4] for general upgrade instructions.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any non-security issues, please report them on the Vault GitHub issue tracker or post to the Vault Discuss Forum at [7].

We hope you enjoy Vault 1.8!

Sincerely, The Vault Team

[2] Security at HashiCorp
[3] vault/ at main · hashicorp/vault · GitHub
[4] Upgrading Vault - Guides | Vault by HashiCorp
[5] Docker Hub
[6] Docker Hub
[7] Vault - HashiCorp Discuss
[9] Install a HashiCorp Enterprise License | Nomad - HashiCorp Learn