gravitational/teleport v18.1.5

Teleport 18.1.5

on GitHub

Description

• Fix AWS CLI access using AWS OIDC integration. #57977
• Fixed an issue that could cause revocation checks to fail in Windows environments. #57880
• Fixed the case where the auto-updated client tools did not use the intended version. #57870
• Bound Keypair Joining: Fix lock generation on sequence desync. #57863
• Fix database PKINIT issues caused missing CDP information in the certificate. #57850
• Fixed connection issues to Windows Desktop Services (v17 or earlier) in Teleport Connect. #57842
• The teleport-kube-agent Helm chart now supports kubernetes joining. teleportClusterName must be set to enable the feature. #57824
• Fixed the web UI's access request submission panel getting stuck when scrolling down the page. #57797
• Enroll new Kubernetes agents in Managed Updates. #57784
• Teleport now supports displaying more than 2k tokens. #57772
• Updated Go to 1.24.6. #57764
• Database MCP server now supports CockroachDB databases. #57762
• Added support for CockroachDB Web Access and interactive CockroachDB session playback. #57762
• Added the --auth flag to the tctl plugins install scim CLI command to support Bearer token and OAuth authentication methods. #57759
• Fix Alt+Click not being registered in remote desktop sessions. #57757
• Kubernetes Access: kubectl port-forward now exits cleanly when backend pods are removed. #57738
• Kubernetes Access: Fixed a bug when forwarding multiple ports to a single pod. #57736
• Fixed unlink-package during upgrade/downgrade. #57720
• Add new oidc joining mode for Kubernetes delegated joining to support providers that can be configured to provide public OIDC endpoints, like EKS, AKS, and GKE. #57683
• Teleport event-handler now accepts HTTP Status Code 204 from the recipient. This adds support for sending events to Grafana Alloy and newer Fluentd versions. #57680
• Enrich the windows.desktop.session.start audit event with additional certificate metadata. #57676
• Allow the use of ResourceGroupsTaggingApi for KMS Key deletion. #57671
• Added --force option to tctl workload-identity x509-issuer-overrides sign-csrs to allow displaying the output of partial failures, intended for use in clusters that make use of HSMs. #57662
• Tctl top can now display raw prometheus metrics. #57632
• Enable resource label conditions for notification routing rules. #57616
• Use the bot details page to view and edit bot configuration, and see active instances with their upgrade status. #57542
• Device Trust: added required-for-humans mode to allow bots to run on unenrolled devices, while enforcing checks for human users. #57222
• Add TeleportDatabaseV3 support to the Teleport Kubernetes Operator. #56948
• Add TeleportAppV3 support to the Teleport Kubernetes Operator. #56948
• Fix TELEPORT_SESSION and SSH_SESSION_ID environmental variables not matching in an SSH session. #55272

Enterprise:

• Allow OIDC authentication to complete if email verification is not provided when the OIDC connecter is set to enforce verified email addresses.

Download

Download the current and previous releases of Teleport at https://goteleport.com/download.

Plugins

Download the current release of Teleport plugins from the links below.

• Slack Linux amd64 | Linux arm64
• Mattermost Linux amd64 | Linux arm64
• Discord Linux amd64 | Linux arm64
• Terraform Provider Linux amd64 | Linux arm64 | macOS amd64 | macOS arm64 | macOS universal
• Event Handler Linux amd64 | Linux arm64 | macOS amd64
• PagerDuty Linux amd64 | Linux arm64
• Jira Linux amd64 | Linux arm64
• Email Linux amd64 | Linux arm64
• Microsoft Teams Linux amd64 | Linux arm64