github gravitational/teleport v15.1.0
Teleport 15.1.0
on GitHub

latest releases: v17.0.0-beta.1, api/v17.0.0-beta.1, v14.3.33-dev.yubikey.fix.3...
8 months ago

New Features

Standalone tbot Docker image

We now ship a new container image that contains tbot but omits other Teleport binaries, providing a light-weight option for Machine ID users.

Custom mouse pointers for remote desktop sessions

Teleport remote desktop sessions now automatically change the mouse cursor depending on context (when hovering over a link, resizing a window, or editing text, for example).

Synchronization of Okta groups and apps

Okta integration now support automatic synchronization of Okta groups and app assignments to Teleport as access lists giving users ability to request access to Okta apps without extra configuration.

EKS auto-discovery in Access Management UI

Users going through EKS enrollment flow in Access Management web UI now have an option to enable auto-discovery for EKS clusters.

Other changes

  • Fixed application access events being overwritten when using DynamoDB as event storage. #38815
  • Fixed a regression that had reintroduced long freezes for certain actions like "Run as different user". #38805
  • When teleport is configured to require MFA for admin actions, MFA is required to get certificate authority secrets. Ex: tctl auth export --keys or tctl get cert_authority/host/root.example.com --with-secrets. #38777
  • Added auto-enrolling capabilities to EKS discover flow in the web UI. #38773
  • Heavily optimized the Access List page in the UI, speeding things up considerably. #38764
  • Align DynamoDB BatchWriteItem max items limit. #38763
  • tbot-distroless image is now published. This contains just the tbot binary and therefore has a smaller image size. #38718
  • Fixed a regression with Teleport Connect not showing the re-login reason and connection errors when accessing databases, Kube clusters, and apps with an expired cert. #38716
  • Re-enabled the Windows key and prevents it from sticking or otherwise causing problems when cmd+tab-ing or alt+tab-ing away from the browser during desktop sessions. #38699
  • Resource limits are now correctly applied to the wait-auth-update initContainer in the teleport-cluster Helm chart. #38692
  • When teleport is configured to require MFA for admin actions, MFA is required to create, update, or delete trusted clusters. #38690
  • Fixed error in tctl get users --with-secrets when using SSO. #38663
  • When device trust is required and MFA is optional, users will need to add their first MFA device from a trusted device. #38657
  • Temporary files are no longer created during Discover UI EKS cluster enrollment. #38649
  • When teleport is configured to require MFA for admin actions, MFA is required to get or list tokens with tctl. Ex: tctl tokens ls or tctl get tokens/foo. #38645
  • Implemented dynamic mouse pointer updates to reflect context-specific actions, e.g. window resizing. #38614
  • MFA approval is no longer required in the beginning of EKS Discover flow. #38580
  • Fixed Postgres v16.x compatibility issue preventing multiple connections for auto-provisioned users. #38543
  • Fixed incorrect color of resource cards after changing the theme in Web UI and Connect. #38537
  • Updated the dialog for adding new authentication methods in the account settings screen. #38535
  • Displays review dates for access lists in dates, not remaining hours in tsh. #38525
  • Ensure that tsh continues to function if one of its profiles is invalid. #38514
  • Fixed logging output for teleport configure ... commands. #38508
  • Fixed tsh/WebAuthn.dll panic on Windows Server 2019. #38490
  • Fixes an issue that prevented the Web UI from properly displaying the hostname of servers in leaf clusters. #38469
  • Added ssh_service.enhanced_recording.root_path configuration option to change the cgroup slice path used by the agent. #38394
  • Fixed a bug that could cause expired SSH servers from appearing in the Web UI until the Proxy is restarted. #38310
  • Desktops can now be configured to use the same screen resolution for all sessions. #38307
  • The maximum duration for an access request is now 14 days, the okta-requester role has been added which takes advantage of this. #38224
  • Added TLS routing native WebSocket connection upgrade support. #38108
  • Fixed a bug allowing the operator to delete resource it does not own. #37750

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Check out latest releases or
releases around gravitational/teleport v15.1.0

Don't miss a new teleport release

NewReleases is sending notifications on new releases.

Get notifications