New Release: Forseti Security v2.22.0

[Gregg Kowalski]

Forseti Security team is excited to announce the release of Forseti Security version 2.22.0!

Highlights:

• Forseti GitHub repository
• Instead of maintaining two main branches (dev and master), we are going to consolidate into only using the master branch. In the past we have used the dev branch for merging feature changes and we recommended to fork from this branch. Going forward we will be merging changes directly to master. This work will be completed during the week of October 7th. If this causes any issues for your forked repository, please contact us on Slack.

• Installer
• We are postponing the Python installer deprecation to align with the sub-modularization Terraform changes coming in the next release. The Python installer will still be supported to upgrade from v2.21.0 to v2.22.0. We are planning to fully remove support for this installation method in the next release.
  
• Inventory
• Added new resources from Cloud Asset Inventory.
• Compute Security Policy
• Fix for the Groups Settings inventory for G Suite. Previously the allowExternalMembers setting would always be interpreted as true.
  
• Scanner
• Fix for the Location and Groups Settings Rules Engines to format violation data in a more helpful format. This will be used by the Notifier to produce helpful messages for Slack Notification, and other notification methods.
  
• Updated the Firewall Rule Scanner to support firewall rules that targeted a protocol (other than TCP/UDP) and a port. Previously these rules were throwing an exception and causing the scanner to not complete.
• Infrastructure
  
• Upgraded the default size for the Forseti Server VM and the CloudSQL instance.
• Improved performance of the startup script by only pulling in the current head of the Forseti branch.
• Updated the startup script to use a random minute for the periodic scan. This will help reduce rate throttling that was seen by some instances in regards to getting a Cloud Asset Inventory (CAI) export.

We encourage you to take a look at the release notes for more details. Try out the release by following this guide to install and configure a new Forseti instance or by following this guide on how to upgrade an existing deployment.

Questions, feedback, or comments are welcomed at dis...@forsetisecurity.org.

[Henry Chang]

Hi Juan, our goal to migrate to terraform-based installation is to simplify the future upgrade process.  Please see our blogpost about this.

Thanks.

On Fri, Oct 4, 2019 at 7:20 AM 'Juan Bueno' via Forseti Security Discussion <dis...@forsetisecurity.org> wrote:

Does the eventual depreciation of the Python installer, have any implications with regards to the ease of incorporating future upgrades? I am trying to assess the benefits of switching to a terraform-based installation?

This message, and any attachments, is for the intended recipient(s) only, may contain information that is privileged, confidential and/or proprietary and subject to important terms and conditions available at http://www.digitalasset.com/emaildisclaimer.html. If you are not the intended recipient, please delete this message.

--
You received this message because you are subscribed to the Google Groups "Forseti Security Discussion" group.
To unsubscribe from this group and stop receiving emails from it, send an email to discuss+u...@forsetisecurity.org.
To view this discussion on the web visit https://groups.google.com/a/forsetisecurity.org/d/msgid/discuss/ba9f518c-b428-40f9-bc68-2844181f3a60%40forsetisecurity.org.