βοΈGlobal MFA is enabled by default for new orgs
15 December 2022
bzero v. 7.3.1
bzero v. 7.3.1IMPORTANT REMINDER
For those who use Helm to install the Kubernetes bzero agent, you must update the Helm repository to chart version >= 1.1.3 before doing a fresh install of the bzero agent. You can do this with helm repo update.
This action updates the bctl-agent role to include permissions for retrieving logs from pods within the deployed namespace for the zli send-logs feature. Even if you do not intend to use send-logs, you must be using chart version >= 1.1.3 for any new Helm installations to be compatible with the new backend changes. We strongly recommend everyone who uses Helm takes this action.
Fixes
[Released 8 December] Agent re-registration. Resolved issue if
bzeroagent is attempting to register on top of an existing registration,bzerowill prompt user to use the-fflag to force a new registration
Web app & backend
New
Onboarding tool. To help aid users in onboarding targets to BastionZero, a self-serve, interactive onboarding guide is available within the web app underneath the support (?) icon in the top right corner. This tool provides guides for remote hosts, databases, Kubernetes clusters, web servers, and SSH tunnels. If you give it a try, let us know what you think!
Enhancements
Policies without a subject. Target connect, Kubernetes, and proxy policies can be created from the web app without any specified subjects. This enables you to mandate target access through just-in-time access only
Global MFA. New BastionZero organizations will have global MFA enabled by default. Users will be prompted upon first log in to set up their MFA using their chosen authenticator app. While it is not possible to disable MFA for the entire org, administrators may choose to disable, re-enable, or reset an individual user's MFA
Fixes
Onboarding tool. Resolved minor issues in the onboarding tool
For questions or to give us feedback on how we can make our updates better, reach out to product@bastionzero.com.
Last updated