We are proud to announce the release of HashiCorp Vault 0.8.1, which includes a number of exciting new features, improvements, and bug fixes.
In addition to some bug fixes and minor enhancements, Vault 0.8.1 contains new functionality including the following new features:
- Google Cloud Platform IAM Authentication Backend: Vault now supports authentication using Google Cloud IAM identities.
This is a feature developed by Google’s Open Source team in collaboration with the HashiCorp Vault Team. See their blog post for more details.
- Oracle Database Secret Backend: Vault now supports dynamically generating credentials for Oracle databases via an external plugin. See the plugin's repository for more details.
- PingID Push Support for Path-Based MFA (Enterprise): PingID Push can now be used for MFA with the new path-based MFA introduced in Vault Enterprise 0.8.
- Permitted DNS Domains Support in PKI: The pki backend now supports specifying permitted DNS domains for CA certificates, allowing you to narrowly scope the set of domains for which a CA can issue or sign child certificates. This is supported for both root and intermediate CA certificates.
- Plugin Backend Reload Endpoint: Plugin backends can now be triggered to reload using the
sys/plugins/reload/backendendpoint and providing either the plugin name or the mounts to reload.
- Self-Reloading Plugins: The plugin system will now attempt to reload a crashed or stopped plugin, once per request
The release includes additional new features, general improvements, and bug fixes. The Vault 0.8.1 changelog provides a full list of changes. As always, please test in an isolated environment before upgrading and follow Vault's Upgrade Guide.
A big thanks to our amazing community for their ideas, bug reports, and pull requests.