LogoLogo
DocsMain SiteStart Now
  • 2024
    • πŸ’ΏJIT access for passwordless databases
    • πŸ€–Docker Hub updates
    • 🌱Updates for Kubernetes API
    • 🌷Some spring sprucing
    • 🌁Multiple replica support for Kubernetes agent
    • πŸ“¨Include your issue directly in your zli send-logs command
    • πŸ€–Update to agent shutdown procedures
    • β˜‚οΈTable refresh
    • 🎿A small fix
    • 🌁Minor adjustments
    • πŸ”Introducing OpenPubkey SSH
  • 2023
    • 🧹End of year cleanup
    • πŸŒ„Use environments as proxy targets
    • πŸ‚Configurable MFA duration
    • 🍁Customize agent log levels
    • 🍏Connect to all Kubernetes targets in a single command
    • 🐝Sorting, grouping, and range search for `zli lt` and `zli la`
    • β˜€οΈThe divorce of targets and agents
    • β›΅Small fix for connecting to Kubernetes targets
    • 🌴Connect to Kubernetes targets without specifying a target group
    • πŸ—ΊοΈConnection improvements
    • ⛱️Google SSO users
    • πŸ”¨Kubernetes updates pt. 2
    • 🧰Kubernetes updates pt. 1
    • πŸͺŸSupport for Windows
    • πŸ•οΈA couple fixes
    • 🌻Changes to bzero's agent types
    • ☁️Passwordless access to GCP Cloud SQL
    • πŸ—οΈAuthenticate using Keycloak
    • πŸ‘ΎBastionZero's Terraform Provider is live
    • 🐦MFA setup enhancements
    • 🌷Access Linux targets with IdP username as target user
    • πŸ€Fixed Kube connection stability
    • ❄️Use Github Actions to grant just-in-time access
    • πŸ’ŒImproved ZLI error messaging
    • πŸ”‘SplitCert with databases is ready to demo
    • 🎿Authenticate using OneLogin
  • 2022
    • β˜ƒοΈGlobal MFA is enabled by default for new orgs
    • πŸ€–Headless authentication with service accounts
    • πŸ‚Secure your targets using the onboarding tool
    • 😎Need help? Send us your logs from the ZLI
    • ⏱️QuickStart installs the bzero agent
    • 🍁Some autumn housekeeping
    • πŸŽ‰Tab completion in the ZLI
    • πŸ“©Laying the foundation
    • βš’οΈRestart a bzero agent from the ZLI
    • πŸ“„Improved SSH config file management
    • πŸ’ΎConnect to multiple database targets
    • βš™οΈCreate policies from the ZLI
    • πŸ”₯Govern file transfers with policy
    • πŸ’‘Enhanced filtering with the ZLI
Powered by GitBook
On this page
  • zli v. 6.7.15
  • New
  • Enhancements
  • Fixes
  • bzero v. 6.5.4
  • Fixes
  • Web app & backend
  • Enhancements
  • Fixes

Was this helpful?

  1. 2022

Create policies from the ZLI

24 August 2022

PreviousConnect to multiple database targetsNextGovern file transfers with policy

Last updated 1 year ago

Was this helpful?

zli v. 6.7.15

New

  • Create a new policy from the zli. Create a policy from the zli using:

    • zli policy create-cluster for a cluster policy

    • zli policy create-proxy for a proxy policy

    • zli policy create-tconnect for a target connect policy

    • zli policy create-recording for a session recording policy

    Run zli policy help or see the policy entry in the for additional guidance

Enhancements

  • Execute all policy-related commands with zli policy. Complete all policy-related commands from zli policy . This change encompasses the previous policy, describe-cluster-policy, user, group, targetUser, and targetGroup commands. Run zli policy help or see the policy entry in the for additional guidance

  • Remove zli generate-bash. The generate-bash command was deprecated in zli v.6.0.8 in favor of zli generate bash. It is now fully removed from the zli

  • Prompt for log in. Identity providers routinely rotate their keys. When this happens, BastionZero will prompt users for new log in

Fixes

  • Run ZLI Quickstart against an existing target. Modified the error message returned when running Quickstart against a target with the BastionZero agent already installed

  • Include all download options for the ZLI on Github. Updated the to include all download options

  • Cancel a zli connect request. Resolved issue where users were unable to cancel a shell session request in between the request and the session being established. This action can now be performed using ctrl+c, ctrl+d, or ctrl+\

  • Connect to target names that contain periods. Resolved issue where users were unable to connect to targets with names that contained periods following . Note that zli connect will work as long as the string following the first period in the target name does not conflict with an environment name

bzero v. 6.5.4

Fixes

  • Use environment variables to pass arguments from the zli to the bzero daemon. Resolved a potential issue with arguments being visible by processes when passed from zli to the daemon

  • Rare race condition in bzero agent. Resolved a rare race condition that could cause connection requests through zli connect to fail

  • Revoke user connections. Resolved an issue where revoking user connections caused cluster, database, and web connections to hang

  • iperf -R. Resolved an issue where iperf -R would hang prior to output

Web app & backend

Enhancements

  • Webshell and spaces removal. Removed the webshell from the web app as the first step in our plan to create a web app centered around the admin-focused experience

Fixes

  • Close database connections. Resolved an issue with the daemon poller that was preventing database connections from closing correctly

  • Target type in tables. Fixed naming inconsistency with target types in the web app where "Target Connect" was "TargetConnect" and "Session Recording" was "SessionRecording"

For questions or to give us feedback on how we can make our updates better, please reach out to .

βš™οΈ
zli reference manual
zli reference manual
Github ZLI repo
zli v.6.7.3
product@bastionzero.com