3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-01 03:16:31 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/docs/enterprise/changelog.md
bobby 8b755a36b3
Update enterprise changelog for v0.16.0 (#2977) 
* Update enterprise changelog for v0.16.0

* fmt

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>

* Update upgrading.md

Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
2022-01-28 15:23:22 -08:00

2.8 KiB
Raw Blame History

title sidebarDepth
Changelog 0

Changelog

0.16.0

New

  • Devices: It is now possible to manage, enroll, approve, and write authorization policy for device identity.
  • Signing keys can now be dynamically pulled from the Authenticate service's JWKS endpoint.
  • Added the ability to write PPL policy for HTTP method and path contexts.

Updated

  • Policies can now incorporate device identity and approval status.
  • Routes certificate UI now shows the matching TLS certificate used.
  • Routes now has Kubernetes service account token field
  • Metric addresses are now shown in the runtime info dashboard.
  • Envoy was upgraded to 1.20.1.
  • The code editor now supports dark mode.
  • Various UI style improvements and fixes.

Fixed

  • --tls-insecure-skip-verify was not applied to databroker connections.
  • Fixed a bug in the host rewrite code (thank you @rankinc for reporting).
  • Fixed a bug in the way timeout fields were being displayed.
  • Fixed a bug in the way route header fields were being ordered.

Fixed

0.15.2

Fixed

  • A regression in the Deployments page loading has been corrected.

0.15.1

Fixed

  • Tracing settings now persist correctly.

Updated

  • Support configuring multiple audiences for the console.
  • Improved configuration validation.
  • Various UI style improvements.

0.15.0

New

  • Telemetry - View real time metrics and status from Pomerium components inside the Enterprise Console.
  • More expressive policy syntax: Pomerium's new extended policy language allows more complex policies to be configured, along with non-identity based conditions for access.
  • Support for Google Cloud Serverless configuration on routes.
  • Support for SPDY configuration on routes.
  • More consistent filtering and sorting across resource listing pages.

Updated

  • Certificate Management - Certificates with overlapping SAN names are no longer permitted.
  • Policies - New editing screen supports Wizard based, Text based or Rego based policy.
  • Policies - Only global administrators may manage Rego based policies.
  • Policies - Support time based criteria.
  • Service Accounts - Simplified UI.
  • Service Accounts - Support token expiration time.
  • Service Accounts - Namespace support.
  • Impersonation - Impersonation is now done on an individual session basis.
  • Various other bug fixes and improvements.