Release Notes for Styra DAS
This page describes the release notes for Styra DAS delivered in May 2021.
Release Summary
Styra is built on the Open Policy Agent (OPA), a popular and widely deployed open source project developed by the founders of Styra. With primary credibility for the underlying technology, the Styra team and technology are both proven in production across verticals. Styra enables enterprises to define, enforce, validate, and continually monitor security, compliance and operational policies across the cloud-native application stack. Styra has reinvented the authorization solutions to mitigate customer risk, and reinforce commitment to trust and transparency in safeguarding customers’ data. Styra’s Declarative Authorization Service (DAS) is a sophisticated management plane that provides context-based guardrail, built from a graphical policy library to mitigate risk, reduce human error and accelerate development. Styra makes it possible for enterprises to implement policy-as-code controls and to prove their effectiveness to both internal and external security and compliance audiences.
May 25, 2021
This Styra DAS 20210525 release delivers the new enhancements and the list of fixed issues.
New Features and Enhancements
This section describes the new enhancements in Styra DAS 20210525.
Data Sources
- The HTTP data source supports authorization headers, both JSON and YAML formats, and custom headers in the requests. YAML does not support large numbers beyond
int64
.
Styra DAS UI
- Styra DAS is now collecting product usage data to help us build a better user experience.
May 18, 2021
This Styra DAS 20210518 release delivers the new enhancements and the list of fixed issues.
New Features and Enhancements
This section describes the new enhancements in Styra DAS 20210518.
GUI
- This release allows Styra DAS to improve performance by not preloading all policies and data sources filenames from all systems. When a system is expanded or selected in the navigation panel, only then it reads and lists those files.
Systems
-
In addition to the compact mode,
GET /v1/systems
API now also accepts supplementary query flags that allow omitting various parts of the system configuration object on the output. These flags make the resulting JSON smaller, accelerates the API, and prevents computing the omitted parts.The supplementary query flags are:
-
policies=false to omit policies
-
modules=false to omit modules
-
datasources=false to omit datasources
-
errors=false to omit errors/warnings
-
authz=false to omit authz
-
metadata=false to omit metadata
-
Issues Fixed
This section describes the issues fixed in Styra DAS 20210518.
Backend
- Fixed an issue that caused bundles to change frequently without real policy changes.
GUI
-
Fixed an issue that prevented system owners from updating a custom system’s datasource.
-
Temporarily disabled
data.
autocomplete due for performance issues.
May 11, 2021
This Styra DAS 20210511 release delivers the new enhancements and the list of fixed issues.
New Features and Enhancements
This section describes the new enhancement in Styra DAS 20210511.
GUI
- This release improves the performance of reading systems by reducing the number of database calls in the backend.
Issues Fixed
This section describes an issue fixed in Styra DAS 20210511.
GUI
- Fixed the client-side Rego formatter issue that rendered keywords using dot notation even if the keyword was originally quoted in bracket notation (for example,
path.to["default"]
→path.to.default
).
May 4, 2021
This Styra DAS 20210504 release delivers the new enhancements
New Features and Enhancements
This section describes the new enhancement in Styra DAS 20210504.
API
- System and Stack configurations returned by the DAS API now have additional fields status. When system or stack is not fully initialized its value is
Initializing
. When all system or stack policies, data sources, and other resources are successfully created, then the status value changes toReady
.
Backend
- Partial Evaluation is now available as an option for bundle download requests. Requests to
v1/bundles
API can specify aneval_path
parameter to trigger partial evaluation of the provided path in the policy. If an error occurs during partial evaluation,v1/bundles
API aborts the partial evaluation and returns the original bundle. Envoy systems will use this feature by default, and should see a performance improvement due to the policy library’s stack resolution logic being pre-evaluated.
Git
-
This release improves the Git synchronization with Styra DAS. The background Git synchronization is run more frequently for policies to synchronize faster. Changes made to the main Git branch should appear in Styra DAS within five minutes.
-
Styra DAS requires Rego policies synced from a Git repository to have package names that reflect their path. Git synchronizer validates all synced Rego modules and any changes to the DAS to avoid partial synchronization. Styra DAS also requires that policy package names do not overlap. In terms of paths, if there is a policy in a folder, then no other folders along its path are allowed to have Rego files in it. Also, Git synchronizer validates the paths, and the current file or folder structure to avoid conflicts with what is already in DAS before doing any synchronization.
On-Premises
- Prior to this release, for the on-premises installation of Styra DAS,
root_user
credentials was stored as plain text inconfigmap
. This release adds a functionality to read credentials from secrets while retaining the existing functionality to read fromconfigmap
, if it is available for backward compatibility.