changelog++
This commit is contained in:
Jeff Mitchell
parent
7ac167f8a4
commit
8677ae2f7a
30
CHANGELOG.md
30
CHANGELOG.md
|
|
@ -22,9 +22,13 @@ DEPRECATIONS/CHANGES:
|
|||
* SSH role list changes: When listing roles from the `ssh` backend via the API,
|
||||
the response data will additionally return a `key_info` map that will contain
|
||||
a map of each key with a corresponding object containing the `key_type`.
|
||||
* More granularity in audit logs: Audit request and response entires are still
|
||||
in RFC3339 format but now have a granularity of nanoseconds.
|
||||
|
||||
FEATURES:
|
||||
|
||||
* **RSA Support for Transit Backend**: Transit backend can now generate RSA
|
||||
keys which can be used for encryption and signing. [GH-3489]
|
||||
* **Identity System**: Now in open source and with significant enhancements,
|
||||
Identity is an integrated system for understanding users across tokens and
|
||||
enabling easier management of users directly and via groups.
|
||||
|
|
@ -42,8 +46,25 @@ FEATURES:
|
|||
* **Sentinel Integration (Enterprise)**: Take advantage of HashiCorp Sentinel
|
||||
to create extremely flexible access control policies -- even on
|
||||
unauthenticated endpoints.
|
||||
* **RSA Support for Transit Backend**: Transit backend can now generate RSA
|
||||
keys which can be used for encryption and signing. [GH-3489]
|
||||
* **Barrier Rekey Support for Auto-Unseal (Enterprise)**: When using auto-unsealing
|
||||
functionality, the `rekey` operation is now supported; it uses recovery keys
|
||||
to authorize the master key rekey.
|
||||
* **Operation Token for Disaster Recovery Actions (Enterprise)**: When using
|
||||
Disaster Recovery replication, a token can be created that can be used to
|
||||
authorize actions such as promotion and updating primary information, rather
|
||||
than using recovery keys.
|
||||
* **Trigger Auto-Unseal with Recovery Keys (Enterprise)**: When using
|
||||
auto-unsealing, a request to unseal Vault can be triggered by a threshold of
|
||||
recovery keys, rather than requiring the Vault process to be restarted.
|
||||
* **UI Redesign (Enterprise)**: All new experience for the Vault Enterprise
|
||||
UI. The look and feel has been completely redesigned to give users a better
|
||||
experience and make managing secrets fast and easy.
|
||||
* **UI: SSH Secret Backend (Enterprise)**: Configure an SSH secret backend,
|
||||
create and browse roles. And use them to sign keys or generate one time
|
||||
passwords.
|
||||
* **UI: AWS Secret Backend (Enterprise)**: You can now configure the AWS
|
||||
backend via the Vault Enterprise UI. In addition you can create roles,
|
||||
browse the roles and Generate IAM Credentials from them in the UI.
|
||||
|
||||
IMPROVEMENTS:
|
||||
|
||||
|
|
@ -64,6 +85,9 @@ IMPROVEMENTS:
|
|||
* secret/transit: Sign and verify operations now support a `none` hash
|
||||
algorithm to allow signing/verifying pre-hashed data [GH-3448]
|
||||
* secret/database: Add the ability to glob allowed roles in the Database Backend [GH-3387]
|
||||
* ui (enterprise): Support for RSA keys in the transit backend
|
||||
* ui (enterprise): Support for DR Operation Token generation, promoting, and
|
||||
updating primary on DR Secondary clusters
|
||||
|
||||
BUG FIXES:
|
||||
|
||||
|
|
@ -88,6 +112,8 @@ BUG FIXES:
|
|||
* plugins: Allow response errors to be returned from backend plugins [GH-3412]
|
||||
* secret/transit: Fix panic if the length of the input ciphertext was less
|
||||
than the expected nonce length [GH-3521]
|
||||
* ui (enterprise): Reinstate support for generic secret backends - this was
|
||||
erroneously removed in a previous release
|
||||
|
||||
## 0.8.3 (September 19th, 2017)
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue