Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in this Piiano Vault release.
New features
- Vault now support for substring searching over fully encrypted objects. This feature allows you to search for objects based on a glob pattern that matches the object's properties. See Substring Search Objects for more information.
- Added support for export and import of tokens. See Data import and export for more details.
Bug fixes
- Fixed a wrong permissions check for decrypt operation when decrypting without explicitly requesting return properties.
- Fixed a bug where Vault would not start when the Admin API key is expired.
Logic changes
- HTTP response for with an error now includes a hint about the documentation page for the error code.
- Improved error messages for JWT related errors. See JWT specific error messages for more details.
Breaking changes
If you are using the decrypt operation without listing which properties to decrypt, review your IAM permissions of that user to ensure that you will not lose access to this operation after upgrade. You require an allow policy that has decrypt in its operation list.
This release includes a minor change in Vault's anti-tampering signatures of JWT structures. If you are running multiple instance, and wish to run this release along side the previous one, you must remove the enforcement of the anti tampering for that transition time. Set the PVAULT_FEATURES_ANTI_TAMPERING environment variable to log or off on the existing instances before upgrading to this version. Restore the enforcement once all Vault instances are running this release.