LogoLogo
DocsMain SiteStart Now
  • 2024
    • πŸ’ΏJIT access for passwordless databases
    • πŸ€–Docker Hub updates
    • 🌱Updates for Kubernetes API
    • 🌷Some spring sprucing
    • 🌁Multiple replica support for Kubernetes agent
    • πŸ“¨Include your issue directly in your zli send-logs command
    • πŸ€–Update to agent shutdown procedures
    • β˜‚οΈTable refresh
    • 🎿A small fix
    • 🌁Minor adjustments
    • πŸ”Introducing OpenPubkey SSH
  • 2023
    • 🧹End of year cleanup
    • πŸŒ„Use environments as proxy targets
    • πŸ‚Configurable MFA duration
    • 🍁Customize agent log levels
    • 🍏Connect to all Kubernetes targets in a single command
    • 🐝Sorting, grouping, and range search for `zli lt` and `zli la`
    • β˜€οΈThe divorce of targets and agents
    • β›΅Small fix for connecting to Kubernetes targets
    • 🌴Connect to Kubernetes targets without specifying a target group
    • πŸ—ΊοΈConnection improvements
    • ⛱️Google SSO users
    • πŸ”¨Kubernetes updates pt. 2
    • 🧰Kubernetes updates pt. 1
    • πŸͺŸSupport for Windows
    • πŸ•οΈA couple fixes
    • 🌻Changes to bzero's agent types
    • ☁️Passwordless access to GCP Cloud SQL
    • πŸ—οΈAuthenticate using Keycloak
    • πŸ‘ΎBastionZero's Terraform Provider is live
    • 🐦MFA setup enhancements
    • 🌷Access Linux targets with IdP username as target user
    • πŸ€Fixed Kube connection stability
    • ❄️Use Github Actions to grant just-in-time access
    • πŸ’ŒImproved ZLI error messaging
    • πŸ”‘SplitCert with databases is ready to demo
    • 🎿Authenticate using OneLogin
  • 2022
    • β˜ƒοΈGlobal MFA is enabled by default for new orgs
    • πŸ€–Headless authentication with service accounts
    • πŸ‚Secure your targets using the onboarding tool
    • 😎Need help? Send us your logs from the ZLI
    • ⏱️QuickStart installs the bzero agent
    • 🍁Some autumn housekeeping
    • πŸŽ‰Tab completion in the ZLI
    • πŸ“©Laying the foundation
    • βš’οΈRestart a bzero agent from the ZLI
    • πŸ“„Improved SSH config file management
    • πŸ’ΎConnect to multiple database targets
    • βš™οΈCreate policies from the ZLI
    • πŸ”₯Govern file transfers with policy
    • πŸ’‘Enhanced filtering with the ZLI
Powered by GitBook
On this page
  • zli v. 6.15.12
  • New
  • Enhancements
  • Fixes
  • bzero v. 7.5.2
  • New
  • Enhancements
  • Fixes
  • Web app & backend
  • New
  • Enhancements
  • Fixes

Was this helpful?

  1. 2023

Authenticate using OneLogin

18 January 2023

zli v. 6.15.12

IMPORTANT

This zli release is mandatory for all Okta-based BastionZero organizations.

This can be done via:

  • yum update zli for yum

  • brew upgrade zli for Homebrew

  • apt update, followed by an apt install zli for apt

This change has no impact on our APIs or web app access.

IMPORTANT REMINDER zli v. 6.14.3** introduces a change to the context name used when connecting to a Kubernetes cluster secured by BastionZero.** > Bzero-context is no longer used to connect to your cluster. Instead, all contexts follow a format that includes both the targetUser (Kubernetes role) and targetName (cluster name): bzero-{targetUser}@{targetName} > Each Kubernetes connection creates an additional context entry following the same bzero- format mentioned above > zli generate kubeConfig is no longer required before connecting to a Kubernetes target. Simply run zli connect {targetUser}@{targetName}, and the zli will update your kubeconfig to a new context entry to connect to your target > Before upgrading, adjust any tooling that relies on the former context name, bzero-context

New

  • OneLogin authentication support. The latest zli release, v. 6.14.3, contains support for authenticating to BastionZero via OneLogin SSO. To set up a OneLogin organization, see our product docs for a step-by-step guide

Enhancements

  • JIT policy expiration and policy modification. Improved error messaging is returned to users when their JIT policy expires and/or they have lost access to a target due to policy modification

Fixes

  • zli send-logs. Resolved issue so zli send-logs sends zli logs when no daemon logs exist

bzero v. 7.5.2

New

  • OneLogin support. This release of bzero includes the changes required to support OneLogin authentication support

  • [Released 21 December] ARM64 bzero agent. Resolved issue with installing the ARM64 bzero agent

Enhancements

  • JIT policy expiration and policy modification. This release of bzero includes the changes needed to improve error messaging when users' JIT policy expires and/or they have lost access to a target due to policy modification

Fixes

  • Log level. Resolved issue with the -logLevel flag in both the systemD and Kube agents

Web app & backend

New

  • OneLogin groups support. The latest backend release contains support for integrating OneLogin groups with BastionZero. This capability allows you to create policy using OneLogin groups rather than having to name specific users

Enhancements

  • SSH connection response. Improved the SSH connection response to include the target user

Fixes

  • Onboarding tool. Resolved issue with the onboarding tool when onboarding a cluster with the same name as a current offline cluster

  • BastionZero app on Slack. Resolved issue preventing the BastionZero app from accepting JIT requests for tunnel or file transfer verbs

  • SSH connections. Resolved issue with revoking active SSH connections when policy is modified

  • Connect to targets with altered control channel. Resolved issue with connecting to a target after the control channel has changed AWS availability regions

For questions or to provide feedback on how we can improve our updates, reach out to product@bastionzero.com.

PreviousSplitCert with databases is ready to demoNextGlobal MFA is enabled by default for new orgs

Last updated 1 year ago

Was this helpful?

🎿