Overview
This page contains the list of deprecations and important or breaking changes for Vault 1.4.6 compared to 1.4.5. Please read it carefully.
AWS IAM authentication fixed
The security updates added in Vault 1.5.1, 1.4.4, 1.3.8, and 1.2.5 included additional header
checking during AWS IAM authentication that caused issues for some users. A workaround was
subsequently provided by setting allowed_sts_header_values
.
The underlying issue has been corrected in 1.5.3, 1.4.6, 1.3.10 and 1.2.7, and setting
allowed_sts_header_values
is no longer needed. If that parameter has been set, it will not conflict
with the fixed versions. It may be unset when convenient, or simply left as is.