Skip to main content


Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in Piiano Vault release v1.10.2.

New features

  • A new PVAULT_SERVICE_PCI_RESTRICTIONS environment variable was added to enforce PCI regulatory rules in the Vault. These rules apply only to PCI data types. When set to true, the following rules are enforced:
    • CC_CVV data type expiration is enforced to be always less than one hour for all operations. Attempting to create/update a token/object with a longer expiration time will fail with a bad request (400) error code.
    • A global deny policy is dynamically injected to all IAM roles to prevents any read access of the CC_NUMBER data type. Attempting to access CC_NUMBER will fail with 403 error code. Note, this policy affects only Roles used by users. When a role is used internally by the Vault, such as with the http_call action, it would still be possible to use the CC_NUMBER data type in the http_call action.

Logic changes

Bug fixes

  • Fix a bug where license was reported as new in logs even when being unchanged.
  • Fix a bug where the user role was not reported correctly in debug logs.
  • Fix a bug where disabling users was not saved correctly in the database and caused anti-tampering signature failures.