We are proud to announce the release of HashiCorp Vault 0.7.1, which includes a number of exciting new features, improvements, and bug fixes.
In addition to a number of bug fixes and minor enhancements,Vault 0.7.1 includes:
AWS IAM Authentication - You can now authenticate to Vault using IAM principals. This extends the existing EC2 functionality to allow automatic Vault credential provisioning for users, ECS containers, Lambda instances, and more. This functionality lives with the EC2 functionality in a combined
TOTP Secret Backend - Vault can now generate or ingress TOTP keys, allowing Vault to both provide and validate 2FA codes. Generated keys can optionally never be exposed outside of Vault.
Database Backend with Secure Plugins (Beta) - The database backend combines the functionality of (currently) the Cassandra, MSSQL, MySQL, and PostgreSQL backends into a much more scalable and flexible system. A single mount can allow as many database connections as desired, with roles able to switch between them if needed. The database functionality is written as secure plugins, allowing for new databases to be supported that previously could not (due to licensing or technical requirements) and easier user development of custom database types.
The release includes additional new features, general improvements, and bug fixes. The Vault 0.7.1 changelog provides a full list of changes. As always, please test in an isolated environment before upgrading and follow Vault's Upgrade Guide.
A big thanks to our always-amazing community for their ideas, bug reports, and pull requests.