Try out the new and enhanced features introduced in Vault 1.10 with step-by-step tutorials on HashiCorp Learn.
HashiCorp Vault 1.10 was released on March 23rd, introducing some exciting new features and enhancements. Now you can visit the Vault 1.10 Release Highlights collection on HashiCorp Learn and start exploring what's new.
Vault 1.10 extended the sys/remount API endpoint to support moving secrets engines and auth methods from one mount location to another. If you are running Vault Enterprise with namespaces, you can move them from one namespace to another.
The new Move Secrets Engines and Auth Methods Across Namespaces tutorial demonstrates how easily you can move secrets engines and auth methods from one mount path to the new target path across namespaces.
Many large enterprises that use IBM Db2 databases are delegated to using local usernames and passwords for access into Db2 databases. Using Vault's OpenLDAP secrets engine, you can let Vault manage the credential lifecycle for Db2 environments.
The IBM Db2 Credential Management tutorial demonstrates how to use the OpenLDAP secrets engine to solve the Db2 credential management challenge.
The Vault usage metrics dashboard in Vault 1.10 enables you to select a billing period more easily than before.
In addition, you can view client count per auth mount. You can also view month over month changes to clients via the API.
See the updated Vault Usage Metrics tutorial to learn more about this enhanced experience.
Multi-factor authentication (MFA) is a mechanism for outsourcing secondary authentication for your website (or other product) to a third-party one-time key provider.
The Enable Login Multi Factor Authentication (MFA) tutorial demonstrates MFA with PingID.
Vault 1.10 introduced an updated token format to enable greater control over the consistency model, allowing performance standby nodes to decide whether to forward requests.
If you are storing encrypted data, you should periodically rotate the encryption key to make it difficult for a malicious user to make unauthorized attempts to decrypt the data.
Vault 1.10 introduced the capability to rotate your encryption key automatically. Check the updated Encryption as a Service: Transit Secrets Engine tutorial, which demonstrates the automatic key rotation feature.
The Vault AWS Lambda Extension tutorial was updated to demonstrate the caching configuration for the Vault Lambda extension local proxy server so that it does not forward every request to the Vault server.
Vault 1.9 introduced the ability to configure Vault as an OIDC identity provider as a Technical Preview. It is now generally available in 1.10. This lets users leverage pre-existing Vault identities for authN into their applications.
See the Vault as an OIDC Identity Provider tutorial for step-by-step instructions.
For other tutorials on all the features of Vault, including videos and in-browser hands-on lab environments using real cloud compute resources that we provide for you, visit HashiCorp Learn.
A recap of HashiCorp infrastructure and security news and developments on AWS from the past year, from self-service provisioning to fighting secrets sprawl and more.
If you’re attending AWS re:Invent in Las Vegas, Nov. 27 - Dec. 1, visit us for breakout sessions, expert talks, and product demos to learn how to accelerate your adoption of a cloud operating model.
10 new HashiCorp Vault ecosystem integrations extend security use cases for customers.