Update STS known issue into important-changes and release-notes (#30766)

kpcraig 2025-05-30 16:11:35 -04:00 committed by GitHub
parent c8966dfd05
commit f7c7633cc2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 27 additions and 0 deletions

@ -352,3 +352,29 @@ similar to the following folder structure for
Alternatively, upgrade to one of the following Vault versions: 1.16.21+, 1.17.17+,
1.18.10+, 1.19.4+. See [Register external plugins](/vault/docs/plugins/register)
for more details.
## AWS STS configuration can fail if STS endpoints are unspecified ((#aws-fallback-sts))
| Change | Affected version | Affected deployments
| ------ | ---------------- | --------------------
| Bug | 1.19.0-1.19.3 | any
When configuring an sts endpoint in the AWS Secrets engine, or when upgrading Vault with such an endpoint,
if no sts_endpoint is set, the engine will return an error stating that the number of endpoints and regions do not match:
```
{"errors":["number of regions does not match number of endpoints"]}
```
### Recommendation
Explicitly set the default endpoint and region when configuring sts:
```
{
...
sts_region = "us-east-1"
sts_endpoint = "https://sts.amazonaws.com"
...
}
```
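Review bot: the opening sentence of the new section contradicts itself: it describes "configuring an sts endpoint" and then says the failure happens "if no sts_endpoint is set". From the quoted error, `number of regions does not match number of endpoints`, the trigger appears to be a region being configured without a matching endpoint (or an upgrade carrying such a configuration forward); please reword the sentence so it names that condition directly, e.g. "if `sts_region` is configured without a corresponding `sts_endpoint`", and use one spelling of STS/sts and "secrets engine" throughout. The recommendation snippet would also benefit from a language tag on the fence and from a note on where the block applies: the braces-and-equals layout reads like an HCL server config, while `sts_region` and `sts_endpoint` are parameters of the AWS secrets engine's root configuration, so showing the `vault write aws/config/root ...` form, or stating explicitly which config the block belongs to, would avoid operators placing it in the wrong file.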

@ -40,6 +40,7 @@ description: >-
| Known issue | 1.19.x | [Automated rotation stops after unseal](/vault/docs/updates/important-changes#rotation-stops)
| Known issue | 1.19.x, 1.18.x, 1.17.x, 1.16.x | [Azure Auth fails to authenticate Uniform VMSS instances](/vault/docs/updates/important-changes#azure-vmss)
| Known issue | 1.19.x, 1.18.x, 1.17.x, 1.16.x | [External Vault Enterprise plugins can't run on a standby node when it becomes active](/vault/docs/updates/important-changes#external-enterprise-plugins)
| Known issue | 1.19.x | [AWS STS secrets can fail if STS endpoints are unspecified](/vault/docs/updates/important-changes#aws-fallback-sts)
| Breaking | 1.20.x | [`disable_mlock` required for integrated storage](/vault/docs/updates/important-changes#disable_mlock-config)
## Feature deprecations and EOL
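Review bot: the link text in the new release-notes row, "AWS STS secrets can fail if STS endpoints are unspecified", does not match the heading it points to in important-changes, "AWS STS configuration can fail if STS endpoints are unspecified"; please use the same title in both places so the anchor `#aws-fallback-sts` is recognisable from either page. The affected-version column says `1.19.x` while the important-changes table narrows it to `1.19.0-1.19.3`; the `.x` form is consistent with the neighbouring rows, but the reader of the release notes gets no hint that 1.19.4+ is fixed, so consider either noting the fixed version here or making sure the linked section states it.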