v1.13.0
Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in this Piiano Vault release.
New features
- Vault now supports substring searching over encrypted objects. This feature enables you to search for objects based on a glob pattern that matches the object's properties. See Substring Search Objects for more information.
- Added support for the export and import of tokens. See Data import and export for more details.
Bug fixes
- Fixed an incorrect permissions check for the decrypt operation when decrypting without explicitly requesting return properties.
- Fixed a bug where Vault would not start when the Admin user's API key is expired.
Logic changes
- HTTP responses with an error now include a hint about the documentation page for the error code.
- Improved error messages for JWT-related errors. See JWT specific error messages for more details.
Breaking changes
If you use the decrypt operation without listing the properties to decrypt, review the user IAM permissions to ensure you do not lose access to this operation after the upgrade. Your users need an allow policy with decrypt in its operation list.
This release includes a minor change in Vault's anti-tampering signatures of JWT structures. If you run multiple instances and want to run this release alongside the previous one, you must remove anti-tampering enforcement for that transition time. Set the PVAULT_FEATURES_ANTI_TAMPERING environment variable to log or off on the existing instances before upgrading to this version. Restore the enforcement when all Vault instances are running this release.