Skip to content
This repository has been archived by the owner on Jan 12, 2024. It is now read-only.

Releases: Nike-Inc/cerberus

v0.30.0

19 Sep 16:43
Compare
Choose a tag to compare
  • Adding Hystrix library for calls to Vault and KMS

v0.29.0

05 Sep 17:08
Compare
Choose a tag to compare
  • Adds a new metrics reporter that allows users to send Riposte metrics to SignalFx.

Note: This is an optional feature intended for those who use SignalFx. This feature is turned off by default.

v0.28.0

16 Aug 23:13
Compare
Choose a tag to compare
  • Adding logging of client IP from X-Forwarded-For HTTP header

v0.27.0

10 Aug 20:08
Compare
Choose a tag to compare
  • Upgraded Riposte version to 10.1
  • Several DB connection pool adjustments (increasing initial/min/max pool size, keep idle connections over 1 hour before closing, larger acquireIncrement)
  • Bug fix: RequestSecurityValidator for Riposte was misconfigured

v0.26.0

04 Aug 19:41
Compare
Choose a tag to compare
  • Adds additional logging to show X-Cerberus-Client header

v0.25.0

21 Jul 16:01
Compare
Choose a tag to compare
  • Reduce AWS calls when validating keys to avoid being rate limited

v0.24.0

17 Jul 17:11
Compare
Choose a tag to compare
  • Gives CMS permissions to schedule and cancel KMS key deletion when cleaning up inactive or orphaned KMS keys
  • Clean up endpoint returns immediately, while clean up process runs in the background

v0.23.0

06 Jul 17:17
Compare
Choose a tag to compare
  • Lock down user token refresh to only user principals.
  • Enable a maximum amount of times that a user can refresh there token without re-authenticating.

v0.22.0

28 Jun 18:17
Compare
Choose a tag to compare
  • Added full CRUD support for IAM Principals

v0.21.0

26 Jun 16:26
Compare
Choose a tag to compare
  • Adds an admin endpoint to clean up orphaned IAM roles in the database and inactive or orphaned KMS keys in AWS.

This is required because orphaned database records, and AWS KMS keys are created when an SDB is deleted.

Orphaned KMS keys are not cleaned up at SDB deletion time because it would add unnecessary complexity and remove control from Cerberus administrators over when KMS keys should be deleted.