[docs] add known issue where static roles get rotated on upgrade (#30145)

* add known issue where static roles get rotated on upgrade (#VAULT-35117)

* Update website/content/partials/known-issues/static-role-premature-rotations.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

* Update website/content/partials/known-issues/static-role-premature-rotations.mdx

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>

---------

Co-authored-by: Sarah Chavis <62406755+schavis@users.noreply.github.com>
Ellie 2025-04-02 11:40:50 -05:00 committed by GitHub
parent d17b6268c4
commit 0b9ed13b82
GPG key ID: B5690EEEBB952194
9 changed files with 27 additions and 3 deletions


@ -31,7 +31,7 @@ description: |-
| New default (1.16.13) | [Vault product usage metrics reporting](/vault/docs/upgrading/upgrade-to-1.6.x#product-usage-reporting) |
| Deprecation (1.16.13) | [`default_report_months` is deprecated for the `sys/internal/counters` API](/vault/docs/upgrading/upgrade-to-1.16.x#activity-log-changes) |
| Known Issue (1.16.16) | [Authorization failures using Azure federated identity credentials](/vault/docs/upgrading/upgrade-to-1.16.x#authorization-failures-using-azure-federated-identity-credentials) |
| Known issue (1.16.16) | [Unexpected static role rotations on upgrade](/vault/docs/upgrading/upgrade-to-1.16.x#static-role-rotations)
## Vault companion updates
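Review bot: the added "Unexpected static role rotations on upgrade" row (1.16.16) has no closing `|`, while the three rows above it end with one; add the trailing pipe so the row matches the rest of the table. Separately, the context row for "Vault product usage metrics reporting" links to `upgrade-to-1.6.x` from the 1.16 table, which looks like a typo for `upgrade-to-1.16.x` and could be corrected in the same pass.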


@ -31,6 +31,7 @@ description: |-
| New default (1.17.9) | [Vault product usage metrics reporting](/vault/docs/upgrading/upgrade-to-1.17.x#product-usage-reporting) |
| Deprecation (1.17.9) | [`default_report_months` is deprecated for the `sys/internal/counters` API](/vault/docs/upgrading/upgrade-to-1.17.x#activity-log-changes) |
| Known Issue (1.17.12) | [Authorization failures using Azure federated identity credentials](/vault/docs/upgrading/upgrade-to-1.17.x#authorization-failures-using-azure-federated-identity-credentials) |
| Known issue (1.17.12) | [Unexpected static role rotations on upgrade](/vault/docs/upgrading/upgrade-to-1.17.x#static-role-rotations)
## Vault companion updates
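Review bot: the new 1.17.12 row is labelled `Known issue` directly beneath a row labelled `Known Issue`; settle on one casing for the change-type column so the two adjacent entries read as the same category.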


@ -20,6 +20,7 @@ description: |-
| Beta feature removed (1.18) | [Request limiter removed](/vault/docs/upgrading/upgrade-to-1.18.x#request-limiter-configuration-removal) |
| New default (1.18.2) | [Vault product usage metrics reporting](/vault/docs/upgrading/upgrade-to-1.18.x#product-usage-reporting) |
| Known Issue (1.18.5) | [Authorization failures using Azure federated identity credentials](/vault/docs/upgrading/upgrade-to-1.18.x#authorization-failures-using-azure-federated-identity-credentials) |
| Known issue (1.18.5) | [Unexpected static role rotations on upgrade](/vault/docs/upgrading/upgrade-to-1.18.x#static-role-rotations)
## Vault companion updates


@ -23,7 +23,8 @@ description: |-
| Known issue (1.19.x, 1.18.x, 1.17.x, 1.16.x) | [Duplicate HSM keys creation when migrating to HSM from Shamir](/vault/docs/upgrading/upgrade-to-1.19.x#hsm-keys)
| New behavior (1.19.0) | [Uppercase values are no longer forced to lower case](/vault/docs/upgrading/upgrade-to-1.19.x#case-sensitive)
| Known issue (1.19.0) | [Login/token renewal failures after group changes](/vault/docs/upgrading/upgrade-to-1.19.x#group-writes)
| Known issue (1.19.0) | [Unexpected static role rotations on upgrade](/vault/docs/upgrading/upgrade-to-1.19.x#static-role-rotations)
## Feature deprecations and EOL


@ -240,3 +240,5 @@ more details, and information about opt-out.
@include 'known-issues/database-skip-static-role-rotation.mdx'
@include 'known-issues/azure-unseal-regression.mdx'
@include 'known-issues/static-role-premature-rotations.mdx'


@ -211,3 +211,5 @@ more details, and information about opt-out.
@include 'known-issues/database-skip-static-role-rotation.mdx'
@include 'known-issues/azure-unseal-regression.mdx'
@include 'known-issues/static-role-premature-rotations.mdx'


@ -146,3 +146,5 @@ more details, and information about opt-out.
@include 'known-issues/database-skip-static-role-rotation.mdx'
@include 'known-issues/azure-unseal-regression.mdx'
@include 'known-issues/static-role-premature-rotations.mdx'


@ -97,4 +97,6 @@ As of Vault 1.19.0 the RADIUS authentication plugin will not force case sensitiv
@include 'known-issues/duplicate-hsm-key.mdx'
@include 'known-issues/1_19-failures-after-external-group-changes-standby.mdx'
@include 'known-issues/1_19-failures-after-external-group-changes-standby.mdx'
@include 'known-issues/static-role-premature-rotations.mdx'
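Review bot: the `known-issues/1_19-failures-after-external-group-changes-standby.mdx` include shows on two consecutive lines in this hunk; please confirm the resulting file carries it only once, otherwise that known issue renders twice on the 1.19 upgrade page ahead of the new static-role entry.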


@ -0,0 +1,13 @@
### Static role rotations on upgrade ((#static-role-rotations))
#### Affected Versions
- 1.19.0, 1.18.5, 1.17.12, 1.16.16
#### Issue
Vault automatically rotates existing static roles tied to database and LDAP
credentials once when upgrading to an affected version. After the one-time
rotation, the static roles behave as expected.
#### Workaround
If you rely on LDAP or static database roles, avoid upgrading to the affected
versions until we fix the issue.
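Review bot: the Workaround paragraph only addresses operators who have not upgraded yet; it says nothing to those already running 1.19.0, 1.18.5, 1.17.12 or 1.16.16, for whom the one-time rotation has already changed the managed passwords. Consider adding a sentence on what to check after the fact (for example, that consumers of static-role credentials should re-read them from Vault), and replace "until we fix the issue" with the fixed versions or a tracking reference once known. The Issue section says "database and LDAP" while the Workaround says "LDAP or static database roles"; using the same phrasing in both would make the scope unambiguous.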