Vault Learning Resources: Vault 1.4 features

Vault 1.4 was announced on April 7th and many of us are itching to try and experiment with those new features! Come visit the Vault Learn site where we've created a Vault 1.4 Release Highlights section to list all guides that are specific to Vault 1.4 features.

»Vault Integrated Storage

A long wait is over! The general availability of the Integrated Storage was announced on April 7th, and it is now supported in production. Integrated Storage was first introduced in Vault 1.2 as a Technical Preview feature. Some of you might have already experimented with this new storage backend. A series of guides are now available to help you understand the usage of integrated storage.

• Vault with Integrated Storage Reference Architecture is a guide explaining the recommended Vault deployment practices using integrated storage.

• Vault HA Cluster with Integrated Storage is an introductory tutorial to walk you through the steps to create a Vault cluster on your local machine.

• Vault HA Cluster with Integrated Storage on AWS is an introductory tutorial for AWS users.

• Preflight Checklist - Migrating to Integrated Storage lists questions to ask yourself before you decide to migrate your current external storage backend to integrated storage.

• Storage Migration Guide - Consul to Integrated Storage walks you through the steps to migrate the Vault data from Consul to integrated storage.

• Inspecting Data in Integrated Storage is a guide showing how to inspect your Vault data in Integrated Storage setups so that you can familiarize yourself with the process.

»OpenLDAP Secrets Engine

The OpenLDAP Secrets Engine guide provides a step-by-step tutorial to manage your existing OpenLDAP entities.

Once you've learned the basics and want more examples, Docker OpenLDAP Secrets Engine with SSH Demonstration is available as well.

»Transform Secrets Engine

The Vault Enterprise 1.4 Advanced Data Protection module introduced the Transform Secrets Engine, which can encode and decode your secrets based on a user-defined format. The Transform Secrets Engine guide walks you through the basic workflow with an interactive tutorial.

Also, refer to the Transform Secrets Engine blog post which talks about the business challenges that Transform secrets engine solves.

»Disaster Recovery (DR) Operation Token Enhancement

When your Vault cluster becomes non-operational for any reason, the Disaster Recovery (DR) secondary cluster must be promoted to be the active primary in a timely manner to maintain business continuity. An improvement has been introduced in Vault Enterprise 1.4 making a batch DR operation token available. Read the DR operation token strategy section added to the Disaster Recovery Replication Setup guide for step-by-step instructions.