Skip to main content

Release Notes for Self-Hosted Styra DAS

Self-Hosted Styra DAS 0.11.0 was released on 03-24-23.

Helm Chart Updates

New Features and Enhancements

Certificates Through Values

The Self-Hosted Styra DAS Helm Chart can now load certificates for the gateway and gateway-secondary services, as well as for Custom CA Certificates from the values file.

Prior to this enhancement the only way of providing certificates was to copy them into a tls directory in an unpacked copy of the chart. Being able to provide certificates in the values file now makes it possible for users to provide certificates without having to download the Helm chart locally.

Loading the certificates from the file system is still supported for both the gateway services and custom CA Certificates. Loading certificates from the tls directory remains the default setting for the gateway services.

This update changes the customCA field from a boolean value to a nested section. If you previously set customCA to true, you must now update your values.yaml to use customCA.enabled: true, and either customCA.fromFile or customCA.fromValues.

Application Updates

New Features and Enhancements

This section describes new features and enhancements.

Enhancement for Decision Log Management

Decisions now come with an nd_builtin_cache field. When the Styra DAS UI replays a decision, that decision’s nd_builtin_cache value is supplied in the request body parameter into the decision replay API.

OPA Update

Styra DAS is updated with OPA 0.47.

Terraform v2

Terraform v2 returns additional metadata with each rule violation.

Styra DAS API Configuration

This release adds support to the /v1/systems API for customizing the Discovery configuration for OPAs linked to a System. Any nested key values provided in the System's configuration through the field deployment_parameters.discovery will be rendered as part of the System’s discovery configuration

See OPA Discovery for information on how to use this feature.

Fixed Issues

This section describes fixed issues.

Terraform Rule

The Terraform GCP KICS "IP Forwarding Enabled" Rule was not working.

Kubernetes Data

Kubernetes data was not properly pushed to OPA by SLP.

Terraform System

Terraform configuration could not be modified by SSO users with Admin access.