Release Notes for Styra DAS
This page describes the release notes for Styra DAS delivered in April 2022.
Release Summary
Styra is built on the Open Policy Agent (OPA), a popular and widely deployed open source project developed by the founders of Styra. With primary credibility for the underlying technology, the Styra team and technology are both proven in production across verticals. Styra enables enterprises to define, enforce, validate, and continually monitor security, compliance and operational policies across the cloud-native application stack. Styra has reinvented the authorization solutions to mitigate customer risk, and reinforce commitment to trust and transparency in safeguarding customers’ data. Styra’s Declarative Authorization Service (DAS) is a sophisticated management plane that provides context-based guardrails, built from a graphical policy library to mitigate risk, reduce human error and accelerate development. Styra makes it possible for enterprises to implement policy-as-code controls and to prove their effectiveness to both internal and external security and compliance audiences.
April 26, 2022
This Styra DAS 20220426 release fixes the following issues.
Issues Fixed
This section describes the issues fixed in Styra DAS 20220426.
Styra DAS UI
When editing policy code, DAS saves the scrolling position for all layout modes per session. This prevents the editor from resetting to the start of the file when switching between different files.
Backend
- Fix a regression in Entitlements that could cause errors if the optional membership-attributes field was omitted from a group or role.
- Disallow subjects from obtaining dynamic membership in groups or roles that have an undefined or empty membership-attributes object for Entitlements.
April 19, 2022
This Styra DAS 20220419 release delivers the following new enhancements and issues fixed.
New Features and Enhancements
This section describes the new enhancements in Styra DAS 20220419.
Backend
- Starting with this release, the SystemManager is added in the GUI. This role provides the same permissions as the SystemOwner, except without visibility into install instructions.
Styra DAS UI
- This release adds a Print tab to display all print() Rego output in the Validate pane. You can click on the Validate button for any Rego policy to find the Print tab.
Issues Fixed
This section describes the issues fixed in Styra DAS 20220419.
Backend
- Prior to this release, arrays were not always handled correctly and their values were not used in RBAC role mapping. Starting with this release, issue mapping OIDC provider claims to DAS RBAC roles was fixed. The issue occurred when the claim was an array of multiple values.
April 12, 2022
This Styra DAS 20220412 release delivers the following new enhancements.
New Features and Enhancements
This section describes the new enhancements in Styra DAS 20220412.
Data Sources
-
This release integrates the debug charts to enhance the debugging of data source agents. The debug charts allows you to watch for the memory and CPU usage in real-time.
kubectl port-forward datasources-agent 6060
open http://localhost:6060/debug/charts
Styra DAS UI
- This release adds support for the
every
keyword. For more information, see theevery
keyword page.
April 5, 2022
This Styra DAS 20220405 release delivers the following new enhancements.
New Features and Enhancements
This section describes the new enhancements in Styra DAS 20220405.
Backend
-
When you implement OpenID Connect (OIDC) on top of Azure Active Directory (AD) Business-to-Consumer (B2C), an error message stating
Issuer did not match the issuer returned by provider
may occur. Styra DAS Enterprise users can contact Styra Customer Support to enable a feature flag so that you can then configure an Identity Provider to skip this verification. -
The
SECONDARY_INGRESS_URL
setting for on-premises installation configures a second ingress gateway URL. This can be used to report status and discovery. By default, only one ingress is used.
Data Sources
- Starting with this release, you can import the data sources from a Git repository by using the repository link and credentials into Styra DAS.
Git
- This release allows you to set a pinned commit SHA of the default branch in a Git repository, instead of a reference (branch or tag). It locks the Rego policy files to that specific commit SHA. This feature is located in the Settings >> Git Repository for the workspace, system, stack, and library level and in the Settings button of Git based data sources for Custom Systems. A Git icon appears in the navigation panel for workspace, system, stack, libraries, or data sources to describe the configured Git settings to allow you to keep track of this information.
GUI
-
This release allows you to preview your data source result before saving. Add all necessary information into the data source configuration form and click Refresh data to see a preview of the data source result.
-
Starting with this release, all systems show matching stacks count in the stats section located in the System view and all stacks show matching systems count in the stats section located in the Stack view.
Systems
-
Starting with this release, calendar snippet has the following options:
-
Match Request by Month allows you specify the timezone. For backwards-compatibility, if the timezone parameter is omitted then the default timezone is UTC.
-
Match Request by Day of Week assumes the default timezone as UTC. Previously, an undefined timezone would case the rule to be undefined.
-