HashiCorp Vault 0.8.1

We are proud to announce the release of HashiCorp Vault 0.8.1, which includes a number of exciting new features, improvements, and bug fixes.

Download Now

In addition to some bug fixes and minor enhancements, Vault 0.8.1 contains new functionality including the following new features:

  • Google Cloud Platform IAM Authentication Backend: Vault now supports authentication using Google Cloud IAM identities.

    This is a feature developed by Google’s Open Source team in collaboration with the HashiCorp Vault Team. See their blog post for more details.

  • Oracle Database Secret Backend: Vault now supports dynamically generating credentials for Oracle databases via an external plugin. See the plugin's repository for more details.

  • PingID Push Support for Path-Based MFA (Enterprise): PingID Push can now be used for MFA with the new path-based MFA introduced in Vault Enterprise 0.8.

  • Permitted DNS Domains Support in PKI: The pki backend now supports specifying permitted DNS domains for CA certificates, allowing you to narrowly scope the set of domains for which a CA can issue or sign child certificates. This is supported for both root and intermediate CA certificates.

  • Plugin Backend Reload Endpoint: Plugin backends can now be triggered to reload using the sys/plugins/reload/backend endpoint and providing either the plugin name or the mounts to reload.

  • Self-Reloading Plugins: The plugin system will now attempt to reload a crashed or stopped plugin, once per request

The release includes additional new features, general improvements, and bug fixes. The Vault 0.8.1 changelog provides a full list of changes. As always, please test in an isolated environment before upgrading and follow Vault's Upgrade Guide.

A big thanks to our amazing community for their ideas, bug reports, and pull requests.

Sign up for the latest HashiCorp news

By submitting this form, you acknowledge and agree that HashiCorp will process your personal information in accordance with the Privacy Policy.