Skip to content
This repository has been archived by the owner on Jan 12, 2024. It is now read-only.

Releases: Nike-Inc/cerberus

v0.15.1

04 Apr 17:12
Compare
Choose a tag to compare
  • Set is_admin to false, rather than have it be missing from the metadata, when an IAM prinicpal does not have admin permissions.

v0.15.0

04 Apr 00:33
Compare
Choose a tag to compare
  • Added logic to automatically validate and regenerate KMS key policies when a customer deletes and recreates an IAM role that was referenced in a KMS key policy created by CMS.
  • Added logging of principal name in various CMS API calls.
  • Modified how IAM identity information is stored in the database to references full ARNs rather than account id and role name as separate data.
  • Added new v2 IAM auth endpoint that allows users to auth with an ARN and region rather than account id, role name, and region as separate data.
  • Fixed a bug that was introduced when CMS was ported from the internal Karyon-based Jetty framework to the OSS Riposte Netty-based framework where users with read and write access could delete an SDB. Only owners can delete SDBs now.
  • IAM Role based principals get a default group assigned to them

v0.14.0

27 Feb 00:00
Compare
Choose a tag to compare
  • Add metadata restore endpoint for cross region, cross environment backup and restoring.

v0.13.0

16 Feb 21:01
Compare
Choose a tag to compare
  • Changes meta data to metadata to correct spelling of word, as a result the json returned by the metadata endpoint has changed, this would normally require reaving the API version number, but this is a new Admin only endpoint that is only used by the dashboard.

v0.12.0

31 Jan 18:35
Compare
Choose a tag to compare
  • Added config property cms.admin.roles to enable IAM roles / Instances to have access to admin endpoints.

v0.11.0

31 Jan 01:26
Compare
Choose a tag to compare

Removed deprecated 'stats' admin endpoint.

v0.10.0

30 Jan 21:42
Compare
Choose a tag to compare

Adds an Okta authentication connector that always requires MFA (regardless of user settings). This allows you to require MFA for Cerberus login, without requiring it for all users in Okta.

v0.9.1

09 Jan 19:08
Compare
Choose a tag to compare
  • Fix Guice errors when not using the OktaAuthConnector

v0.9.0

09 Jan 18:29
Compare
Choose a tag to compare
  • Added OKTA auth connector
  • Added new gradle tasks to run external dependencies (Vault, MySQL, Dashboard, Reverse Proxy) embedded in gradle with out needed to have them installed.

v0.8.0

06 Jan 20:10
Compare
Choose a tag to compare
  • Added new metadata admin endpoint for viewing and backing up SDB metadata which is what CMS primary stores.
  • Added runCMS gradle task for running CMS locally through gradle rather than shell scripts, which is nice for running CMS on Windows.