- 
                Notifications
    You must be signed in to change notification settings 
- Fork 191
Spring Vault 3.0.0 M1 Release Notes
Spring Vault uses now AWS SDK v2 for the AWS IAM authentication method, specifically the software.amazon.awssdk:auth artifact instead of com.amazonaws:aws-java-sdk-core. As part of this upgrade, you can now configure a RegionProvider to determine the signing region.
- 
Removal of Netty4ClientHttpRequestFactorysupport
- 
Removal of the deprecated ClientHttpConnectorFactorytypes in theo.s.v.configpackage
- 
Removal of deprecated API such as LoginToken.of(String, long)methods, methods accepting durations asint/long, and other utility methods
If you use SysLeases in your configuration make sure to switch to Leases as direct replacement.
A new parser for certificate data is now available to parse DER- and PEM-encoded certificates and keys. The encoding is detected from the certificate data. Elliptic Curve keys are now supported in addition to RSA keys and certificates without additional dependencies by using our own ASN.1 parser. Keys may be represented with their ASN.1 syntax or provided as PKCS#8 container (without encryption).
Vault repositories can now store and retrieve their secrets within versioned Key/Value secrets engines (k/v version 2). The engine version is determined during runtime and the setup does not require any configuration.
Using versioned secrets allows participating in optimistic locking when defining a @Version property in the domain model.
See the updated reference documentation for details.
Vault repositories can now store and retrieve their secrets within versioned Key/Value secrets engines (k/v version 2). The engine version is determined during runtime and the setup does not require any configuration.
See the updated reference documentation for details.
Spring Vault 3.0 moves to new versions of several Spring projects:
- 
Spring Data 2022.0.0-M4 
- 
Spring Framework 6.0.0-M4 
Numerous third-party dependencies have also been updated, some of the more noteworthy of which are the following:
- 
Jackson 2.13.3 
- 
Netty 4.1.77 
- 
Kotlin 1.6 
- 
Google Cloud IAMcredential 2.2.0 
- 
Google OAuth2 Auth Library 1.7.0 
- 
BouncyCastle 1.70 
Apart from the changes listed above, there have also been lots of minor tweaks and improvements including:
- 
Version bump of the Azure Instance Metadata API from 2017-08-01to2017-12-01
- 
Upgrade to newer Google Cloud IAMcredential versions. The default artifact now uses GSON for JSON serialization. You can add the Google Jackson adapter to continue using Jackson. 
- 
Enabled AzureMsiAuthenticationfor reactive usage viaAuthenticationSteps
- 
Username-and-password authentication for userpassandldapbackends
- 
Exposure of the CA chain through CertificateBundle
- 
Internal locks using synchronizedhave been migrated toReentrantLockimproving experience on Project Loom runtime arrangements to avoid kernel thread pinning