» Overview

This page contains the list of deprecations and important or breaking changes for Vault 1.1.0 compared to 1.1.1. Please read it carefully.

» Known Issues

There is a known issue that could cause the upgrade to 1.1.1 to fail under certain circumstances. This issue occurs when a KV version 2 mount exists but contains no data. This will be fixed in 1.1.2. Addtionally a work around does exist: prior to upgrading ensure all KV v2 mounts have at least one key written to it.

» JWT/OIDC Plugin

Logins of role_type "oidc" via the /login path are no longer allowed.

» ACL Wildcards

New ordering defines which policy wins when there are multiple inexact matches and at least one path contains +. +* is now illegal in policy paths. The previous behavior simply selected any matching segment-wildcard path that matched.

» Replication

Due to technical limitations, mounting and unmounting was not previously possible from a performance secondary. These have been resolved, and these operations may now be run from a performance secondary.