# Govern file transfers with policy

## `zli v. 6.7.3`

### New

* **Distinguish `bzero` targets by environment.** `zli connect` allows users to differentiate non-unique `bzero` target names by adding its corresponding environment name or environment UUID to the command. Do this by appending a period and the environment name or UUID after the target you wish to connect to. This may look like:

  * `zli connect target-user@target-name.environment-name`
  * `zli connect target-user@target-name.environment-id`
  * `zli connect target-name.environment-id`

  Command logs now include target type, environment UUID, and environment name columns for clarity. Connection event logs also include environment name and UUID

{% hint style="info" %}
**BEST PRACTICES TIP**

As part of this change, we *<mark style="background-color:purple;">strongly</mark>* recommend that target names no longer contain periods. This will reduce the risk of conflict when trying to connect to a target containing periods in the name or a target that is distinguished by environment.
{% endhint %}

## `bzero v. 6.4.2`

### Fixes

* **TCP connections.** Resolved issue with certain TCP connections that caused data truncation and out-of-order writes
* **`Kubectl exec` commands.** Resolved issue where daemon quit following a `kubectl exec` command
* **`Sudo` using `ssm-user` and `bzero-user`.** Resolved issue when using the `bzero` agent as the `bzero-user` and `ssm-user` that required a password when executing a `sudo` command
* **\[Released 25 June] SSH tunneling on `bzero`.** Resolved issue with opening a tunnel using the `bzero` agent

## Web app & backend

### New

* **Use policy to govern file upload/download.** Policy manages if a user can upload/download to a `bzero` target using `scp` and `stfp` protocols from their terminal. This capability allows administrators to remove a users' tunnel and/or shell access to a `bzero` target and maintain their file transfer access. File transfers will continue to appear in the session logs as an SSH event. *<mark style="color:purple;">To take advantage of this new feature, make sure to upgrade to</mark>* *<mark style="color:purple;">`zli v.6.7.3`</mark><mark style="color:purple;">,</mark>* *<mark style="color:purple;">`bzero v.6.4.2`</mark><mark style="color:purple;">, and run a fresh</mark>* *<mark style="color:purple;">`zli generate sshConfig`</mark>* *<mark style="color:purple;">from your terminal</mark>*

### Enhancements

* **Prompt for log in.** Identity providers routinely rotate their keys. When this happens, BastionZero will prompt users for new log in

### Fixes

* **Container autodiscovery script on AL2 machines.** Resolved an issue where running the container autodiscovery script on AL2 machines produced an error when starting the `bzero` agent
* **Connect to a non-unique target.** Resolved an issue where naming conflicts between online and offline targets were not detected and blocked valid connection requests
* **`zli connect` error message.** Resolved typo in the `zli connect` error message that displayed an erroneous `$`
* **Sort on the admin's user management tab.** Resolved issue with sorting columns in the user management tab
* **\[Released 10 June] Connect to `bzero` target using single-user policy.** Resolved an issue where a `zli connect` to a `bzero` target, governed by a single-user policy, resulted in a handshake timeout
* **\[Released 15 June] In response to CVE-2022-1650.** Upgraded `eventsource` dependency proactively based on potential vulnerability outlined in CVE-2022-1650
* **\[Released 17 June] User-specific registration keys.** Resolved an issue where user-specific registration keys were being rejected as API keys when global registration keys were not enabled
* **\[Released 27 June] Trouble accessing cloud.bastionzero.com.** Resolved issue with intermittent 504s on the BastionZero web app


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://changes.bastionzero.com/2022/07-27-2022.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.