| Release | Update | Description |
|---|---|---|
| Vault Secrets Operator (v0.5) | ENHANCED |
Use templating to format, transform, and decode secrets before syncing to
Kubernetes secret.
Learn more: Secret data transformation |
| Release | Update | Description |
|---|---|---|
| Endpoint hardening | ENHANCED |
Minimize network exposure by selectively redacting select fields like IP
addresses, cluster names, and Vault version from the HTTP responses of
your Vault server.
Learn more: redact_addresses parameter |
| External plugins | GA |
Run external plugins in their own container with native container platform
controls.
Learn more: Containerize Vault plugins |
| Release | Update | Description |
|---|---|---|
| Long-term support | GA |
Reduce risk and operational overhead with Vault Enterprise Long-Term
Support (LTS) releases.
Learn more: LTS overview |
| Vault GUI | GA |
Configure custom messages and display those messages to targeted users in
the Vault GUI.
Learn more: Custom UI messages |
| Audit logging | GA |
Filter audit logs to write data to different destinations based on the content.
Learn more: Filter syntax for audit results |
| Static secret caching | GA |
Use Vault Proxy to cache static secrets for a set period of time and receive
event notifications when secrets change.
Learn more: Vault Proxy static secret caching |
| Event notifications | GA |
Subscribe to notifications for various events in Vault. Includes support
for filtering, permissions, and cluster configurations with K-V secrets.
Learn more: Events |
| Public Key Infrastructure (PKI) | BETA |
Automate certificate lifecycle management for IoT/EST enabled devices with
native EST protocol support
Learn more: Enrollment over Secure Transport (EST) |
| Default lease count quotas | GA |
New server deployments automatically create a lease count quota in the
root namespace with a 300K limit.
Learn more: Lease count quotas |
| License utilization reporting | ENHANCED |
Use the Vault CLI to bundle and report usage data to HashiCorp for
clusters that do not report license utilization data automatically.
Learn more: Manual license utilization reporting |
| Secrets sync | GA |
Sync Key Value (KV) v2 data between Vault and secrets managers from AWS,
Azure, Google Cloud Platform (GCP), GitHub, and Vercel.
Learn more: Secrets Sync |
| AWS plugin | GA |
Use automatic identity tokes for workload identity federation
authentication flows with the AWS secret engine without explicitly
configuring sensitive security credentials.
Learn more: AWS secrets engine |