mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-28 08:27:26 +02:00
* Update enterprise changelog for v0.16.0 * fmt Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com> * Update upgrading.md Co-authored-by: Travis Groth <travisgroth@users.noreply.github.com>
82 lines
2.8 KiB
Markdown
82 lines
2.8 KiB
Markdown
---
|
|
title: Changelog
|
|
sidebarDepth: 0
|
|
---
|
|
|
|
# Changelog
|
|
|
|
## 0.16.0
|
|
|
|
### New
|
|
|
|
- Devices: It is now possible to manage, enroll, approve, and write authorization policy for device identity.
|
|
- Signing keys can now be dynamically pulled from the Authenticate service's JWKS endpoint.
|
|
- Added the ability to write PPL policy for HTTP method and path contexts.
|
|
|
|
### Updated
|
|
|
|
- Policies can now incorporate device identity and approval status.
|
|
- Routes certificate UI now shows the matching TLS certificate used.
|
|
- Routes now has Kubernetes service account token field
|
|
- Metric addresses are now shown in the runtime info dashboard.
|
|
- Envoy was upgraded to 1.20.1.
|
|
- The code editor now supports dark mode.
|
|
- Various UI style improvements and fixes.
|
|
|
|
### Fixed
|
|
|
|
- `--tls-insecure-skip-verify` was not applied to databroker connections.
|
|
- Fixed a bug in the host rewrite code (thank you @rankinc for reporting).
|
|
- Fixed a bug in the way timeout fields were being displayed.
|
|
- Fixed a bug in the way route header fields were being ordered.
|
|
|
|
### Fixed
|
|
|
|
## 0.15.2
|
|
|
|
### Fixed
|
|
|
|
- A regression in the `Deployments` page loading has been corrected.
|
|
|
|
## 0.15.1
|
|
|
|
### Fixed
|
|
|
|
- Tracing settings now persist correctly.
|
|
|
|
### Updated
|
|
|
|
- Support configuring multiple audiences for the console.
|
|
- Improved configuration validation.
|
|
- Various UI style improvements.
|
|
|
|
## 0.15.0
|
|
|
|
### New
|
|
|
|
- [Telemetry] - View real time metrics and status from Pomerium components inside the Enterprise Console.
|
|
- More expressive policy syntax: Pomerium's new extended [policy language] allows more complex policies to be configured, along with non-identity based conditions for access.
|
|
- Support for [Google Cloud Serverless] configuration on routes.
|
|
- Support for [SPDY] configuration on routes.
|
|
- More consistent filtering and sorting across [resource listing pages][runtime].
|
|
|
|
### Updated
|
|
|
|
- Certificate Management - Certificates with overlapping SAN names are no longer permitted.
|
|
- [Policies] - New editing screen supports Wizard based, Text based or Rego based policy.
|
|
- Policies - Only global administrators may manage Rego based policies.
|
|
- Policies - Support time based criteria.
|
|
- [Service Accounts] - Simplified UI.
|
|
- Service Accounts - Support token expiration time.
|
|
- Service Accounts - Namespace support.
|
|
- Impersonation - Impersonation is now done on an individual session basis.
|
|
- Various other bug fixes and improvements.
|
|
|
|
[`signing key`]: /reference/readme.md#signing-key
|
|
[google cloud serverless]: /reference/readme.md#enable-google-cloud-serverless-authentication
|
|
[policies]: /enterprise/reference/manage.md#policies-2
|
|
[policy language]: /enterprise/reference/manage.md#pomerium-policy-language
|
|
[runtime]: /enterprise/reference/reports.md#runtime
|
|
[service accounts]: /enterprise/concepts.md#service-accounts
|
|
[spdy]: /reference/readme.md#spdy
|
|
[telemetry]: /enterprise/reference/reports.md#traffic
|