hashicorp/boundary v0.3.0

on GitHub

0.3.0 (2021/06/08)

Deprecations/Changes

• password account IDs: When the oidc auth method came out, accounts were
  given the prefix acctoidc. Unfortunately, accounts in the password method
  were using apw...oops. We're standardizing on acct and have updated the
  password method to generate new IDs with acctpw prefixes.
  Previously-generated prefixes will continue to work.

New and Improved

• oidc: The new Managed Groups feature allows groups of accounts to be created
  based on an authenticating user's JWT or User Info data. This data uses the
  same filtering syntax found elsewhere in Boundary to provide a rich way to
  specify the criteria for group membership. Once defined, authenticated users
  are added to or removed from these groups as appropriateds each time they
  authenticate. These groups are treated like other role principals and can be
  added to roles to provide grants to users.
• dev: Predictable IDs in boundary dev mode now extend to the accounts created
  in the default password and oidc auth methods.
• mlock: Add a Docker entrypoint script and modify Dockerfiles to handle mlock
  in a fashion similar to Vault
  (PR)