HashiCorp Vault 0.8.1

We are proud to announce the release of HashiCorp Vault 0.8.1, which includes a number of exciting new features, improvements, and bug fixes.

Download Now

In addition to some bug fixes and minor enhancements, Vault 0.8.1 contains new functionality including the following new features:

• Google Cloud Platform IAM Authentication Backend: Vault now supports authentication using Google Cloud IAM identities.

  This is a feature developed by Google’s Open Source team in collaboration with the HashiCorp Vault Team. See their blog post for more details.

• Oracle Database Secret Backend: Vault now supports dynamically generating credentials for Oracle databases via an external plugin. See the plugin's repository for more details.

• PingID Push Support for Path-Based MFA (Enterprise): PingID Push can now be used for MFA with the new path-based MFA introduced in Vault Enterprise 0.8.

• Permitted DNS Domains Support in PKI: The pki backend now supports specifying permitted DNS domains for CA certificates, allowing you to narrowly scope the set of domains for which a CA can issue or sign child certificates. This is supported for both root and intermediate CA certificates.

• Plugin Backend Reload Endpoint: Plugin backends can now be triggered to reload using the sys/plugins/reload/backend endpoint and providing either the plugin name or the mounts to reload.

• Self-Reloading Plugins: The plugin system will now attempt to reload a crashed or stopped plugin, once per request

The release includes additional new features, general improvements, and bug fixes. The Vault 0.8.1 changelog provides a full list of changes. As always, please test in an isolated environment before upgrading and follow Vault's Upgrade Guide.

A big thanks to our amazing community for their ideas, bug reports, and pull requests.