Vault Learning Resources: Vault 1.4 features
Vault 1.4 was announced on April 7th and many of us are itching to try and experiment with those new features! Come visit the Vault Learn site where we've created a Vault 1.4 Release Highlights section to list all guides that are specific to Vault 1.4 features.
» Vault Integrated Storage
A long wait is over! The general availability of the Integrated Storage was announced on April 7th, and it is now supported in production. Integrated Storage was first introduced in Vault 1.2 as a Technical Preview feature. Some of you might have already experimented with this new storage backend. A series of guides are now available to help you understand the usage of integrated storage.
-
Vault with Integrated Storage Reference Architecture is a guide explaining the recommended Vault deployment practices using integrated storage.
-
Vault HA Cluster with Integrated Storage is an introductory tutorial to walk you through the steps to create a Vault cluster on your local machine.
-
Vault HA Cluster with Integrated Storage on AWS is an introductory tutorial for AWS users.
-
Preflight Checklist - Migrating to Integrated Storage lists questions to ask yourself before you decide to migrate your current external storage backend to integrated storage.
-
Storage Migration Guide - Consul to Integrated Storage walks you through the steps to migrate the Vault data from Consul to integrated storage.
-
Inspecting Data in Integrated Storage is a guide showing how to inspect your Vault data in Integrated Storage setups so that you can familiarize yourself with the process.
» OpenLDAP Secrets Engine
The OpenLDAP Secrets Engine guide provides a step-by-step tutorial to manage your existing OpenLDAP entities.
Once you've learned the basics and want more examples, Docker OpenLDAP Secrets Engine with SSH Demonstration is available as well.
» Transform Secrets Engine
The Vault Enterprise 1.4 Advanced Data Protection module introduced the Transform Secrets Engine, which can encode and decode your secrets based on a user-defined format. The Transform Secrets Engine guide walks you through the basic workflow with an interactive tutorial.
Also, refer to the Transform Secrets Engine blog post which talks about the business challenges that Transform secrets engine solves.
» Disaster Recovery (DR) Operation Token Enhancement
When your Vault cluster becomes non-operational for any reason, the Disaster Recovery (DR) secondary cluster must be promoted to be the active primary in a timely manner to maintain business continuity. An improvement has been introduced in Vault Enterprise 1.4 making a batch DR operation token available. Read the DR operation token strategy section added to the Disaster Recovery Replication Setup guide for step-by-step instructions.
Sign up for the latest HashiCorp news
More blog posts like this one

Secure AI identity with HashiCorp Vault
HashiCorp Vault's dynamic credentials give AI applications traceable, short-lived identities with just-in-time access, replacing risky static credentials. Try our proof-of-concept LangChain application to see how this can work.

SCEP: A bridge from legacy PKI to modern certificate management
Vault Enterprise now supports SCEP, empowering secure certificate enrollment for legacy and device-constrained environments while helping teams plan their evolution to modern protocols like EST and ACME.

Build secure, AI-driven workflows with Terraform and Vault MCP servers
At AWS Summit New York, HashiCorp introduced new capabilities that bring Terraform, Vault, and Vault Radar into the age of AI agents — advancing secure, automated infrastructure through composable, agentic systems.