License autoloading
Vault Enterprise license or HCP Vault Plus cluster required
Prior to Vault 1.8, Vault Enterprise would be licensed using special binaries that contained embedded licenses, or via a license written into Vault storage using the POST sys/license API.
As of Vault 1.8 those options still exist but are deprecated, and the recommended mechanism for managing licenses is called License Autoloading. New clusters are required to use the autoloading method.
License Autoloading can be done using one of these mechanisms, in decreasing order
of priority (i.e. VAULT_LICENSE
takes precedence over VAULT_LICENSE_PATH
, which
takes precedence over license_path
in config.)
Nodes within a cluster should be consistently licensed. All nodes in a cluster should use autoloading, or none should. If autoloading is used, all nodes should use the same license string. Warnings will be written to the log when there are discrepancies.
If autoloading is used, any existing stored license will be ignored. The presence of a stored license in conjunction with an autoloaded license will also result in logged warnings, which may require a service restart to clear.