HashiCorp Vault 1.8 offers a new Vault Diagnose command, general availability of AWS support in the Key Management secrets engine, updates to Integrated Storage Autopilot, and more.
The new ‘vault operator diagnose’ command gives users faster troubleshooting and user-friendly diagnostics when Vault is not starting.
“Troubleshooting is a fundamental task for Vault operators. However, root causing an error with Vault can be a complex task since Vault connects to so many other systems; it can be difficult to ascertain what is wrong in a timely and efficient manner,” HashiCorp wrote in a post. “The command focuses on why Vault cannot serve requests, but will also warn on configurations or statuses that it deems to be unsafe in some way.”
The new version also adds support for DR secondary clusters to have their own Autopilot configuration, managed independently of their primary.
Autopilot can monitor cluster node health, prevent disruption to the Raft quorum due to an unstable new node, and periodically check and automatically clean up failed servers.
In addition to supporting Microsoft Azure Key Vault, the Key Management secrets engine now offers generally available support for AWS Key Management Service (KMS), to assist with automating many lifecycle operations.
With the Key Management secrets engine, organizations can greatly simplify the lifecycle management of keys that Vault has distributed and maintain centralized control of those keys in Vault, while still taking advantage of cryptographic capabilities native to the KMS providers, according to the company.
With an enterprise licensing update, Vault Enterprise includes a number of features that go beyond what is supported in the open-source version, such as replication for DR and HA, HSM auto unseal support, and performance standby nodes.