0.14.0 (2023/10/10)
Deprecations/Changes
- Per the note in Boundary 0.12.0, the
vault
credential library subtype has
now been removed in favor ofvault-generic
. For example, instead of
boundary credential-libraries create vault
, you must useboundary credential-libraries create vault-generic
. - Per the note in Boundary 0.12.0, errors returned from the cli when using the
-format=json
option will now only use thestatus_code
field. Thestatus
field has been removed. - Per the note in Boundary 0.12.0, targets require a default port value. Ports
defined as part of a host address were ignored but allowed as part of a target
definition; from 0.14.0 onwards, any port defined on a host address will now
become an error. - Targets: Per the note in Boundary 0.10.10, target Application Credentials has
been renamed to Brokered Credentials.application-credential-source
has been
removed as a field.brokered-credential-source
should be used instead.
(PR, deprecated
changelog).
New and Improved
- cli: Add support for specifying a command that will be executed on the remote host when
using theboundary connect ssh
subcommand.
(Issue,
PR). - feat: add API support for additional LDAP auth method fields:
maximum_page_size
anddereference_aliases
(PR). - feat: add worker upstream connection status to ops health check
(PR). - feat: allow HCP cluster id to be sourced from file or env variable
(PR). - feat: add support for telemetry events via flag or Boundary configuration
(requires observation events to be enabled). Deny filter now filters
coordination worker status from observation events by default. (This behavior
is overridden by any user specified allow or deny filters)
(PR). - ui: Add full UI support for LDAP auth method
(PR) - ui: Add new attribute fields to storage bucket to support the assume role service in AWS.
(PR)
Bug Fixes
- LDAP auth methods: allow bind-dn and bind-password to be updated
independently. (PR) - targets: Fix address field not being populated if the number of targets on a
list returns more than 10000 entries
(PR) - cli: Fix issue when using the
authenticate
command against a password auth
method on Windows where the password would be swallowed when the login name is
submitted (PR) - worker: Fix an issue that could cause intermittent startup issues on slow
systems (PR) - cli: Remove websocket max message size. This fixes issues where large message
sizes are sent to the client from a worker which resulted in the connection
being terminated, as is the case with an scp download when using an SSH
Target. (PR)