33 lines
1.1 KiB
Plaintext
33 lines
1.1 KiB
Plaintext
---
|
|
layout: docs
|
|
page_title: Upgrading to Vault 1.3.5 - Guides
|
|
description: |-
|
|
This page contains the list of deprecations and important or breaking changes
|
|
for Vault 1.3.5. Please read it carefully.
|
|
---
|
|
|
|
# Overview
|
|
|
|
This page contains the list of deprecations and important or breaking changes
|
|
for Vault 1.3.5 compared to 1.3.4. Please read it carefully.
|
|
|
|
## AWS Auth Metadata
|
|
|
|
The metadata handling for AWS Auth logins has changed:
|
|
|
|
The default set of metadata fields has been changed to `account_id` and `auth_type`. If your
|
|
application relies on fields that were removed, they may be added back via the AWS Auth identity
|
|
configuration endpoint (see example below).
|
|
|
|
## Known Issues
|
|
|
|
The AWS metadata changes have caused an issue preventing renewal of tokens issued via AWS Auth.
|
|
This has been fixed in Vault 1.3.6. The issue may be addressed in Vault 1.3.5 by configuring the
|
|
required metadata explicitly:
|
|
|
|
```
|
|
vault write auth/aws/config/identity \
|
|
ec2_metadata=account_id,auth_type,instance_id,region \
|
|
iam_metadata=account_id,auth_type,client_user_id,canonical_arn,inferred_entity_id,inferred_aws_region
|
|
```
|