Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Pomerium v0.27 is released!

7 views
Skip to first unread message

c...@pomerium.com

unread,
Sep 25, 2024, 3:50:10 PM9/25/24
to pomerium-announce

Pomerium v0.27 is here with performance improvements and bug fixes!

Highlights include:


Enterprise:

  • New widget: Report an issue. The Enterprise Console now includes a Report Issue widget for streamlining the feedback process. It can be disabled by setting the new option `--disable-feedback-widget`.

  • New policy condition: Exists. The policy builder now has a new "Exists" condition for use with external data source records. The condition is true when an incoming request matches any record in the selected external data source. 


Core:

  • New: TLS 1.3 for upstream connections. We now support TLS for both upstream and downstream connections.

  • Change: Downstream mTLS support. The Match Subject Alt Names setting now supports UserPrincipalName matching, and the reject_connection enforcement mode now enables TLS connection failure logging. This allows you to monitor for connection attempts blocked due to mTLS requirements.


Zero:

  • Officially launched! Explore Pomerium Zero’s capabilities and sign up for free.

  • Improved metrics and visualizations. When running Zero-managed mode, Pomerium will now report usage metrics for display in a new Traffic tab in the Zero user interface. This provides a useful visualization of both overall and per-route request rate, size, and duration.


This release will include the following breaking changes:


  • Deprecated. The /.pomerium/jwt endpoint is now deprecated and disabled by default. To temporarily opt out of this deprecation, please set the runtime flag `pomerium_jwt_endpoint` to true. This flag will be removed in a future release.

  • Pomerium Zero Kubernetes deployments.  The installation manifest now uses a Deployment rather than a StatefulSet. When upgrading, you will need to first remove the existing StatefulSet before re-installing, using a command like: `kubectl delete statefulset/pomerium -n pomerium-zero`


Please view the Core and Enterprise changelogs for more information and make sure to address any necessary changes to your configuration before upgrading.


Big thank you to all our users, and to everyone who contributed to this release!


Best,

Pomerium Team


Reply all
Reply to author
Forward
0 new messages