Skip to main content

Release Notes for Styra DAS

This page describes the release notes for Styra DAS delivered in July 2021.

Release Summary

Styra is built on the Open Policy Agent (OPA), a popular and widely deployed open source project developed by the founders of Styra. With primary credibility for the underlying technology, the Styra team and technology are both proven in production across verticals. Styra enables enterprises to define, enforce, validate, and continually monitor security, compliance and operational policies across the cloud-native application stack. Styra has reinvented the authorization solutions to mitigate customer risk, and reinforce commitment to trust and transparency in safeguarding customers’ data. Styra’s Declarative Authorization Service (DAS) is a sophisticated management plane that provides context-based guardrail, built from a graphical policy library to mitigate risk, reduce human error and accelerate development. Styra makes it possible for enterprises to implement policy-as-code controls and to prove their effectiveness to both internal and external security and compliance audiences.

July 27, 2021

This Styra DAS 20210727 release delivers the new enhancements.

New Features and Enhancements

This section describes the new enhancements in Styra DAS 20210727.

API

  • Starting with this release, computing the compliance results for large clusters or stacks can take longer than the 30 seconds timeout of the existing APIs. Now, this computation will continue in the background if it takes too long, and the UI will poll the backend until the compliance results are ready.

Data Sources

  • The HTTP data sources plugin now supports using Rego policies to filter incoming data. A policy filter and query will allow you to apply Rego transformations before it is persisted as data. This mechanism is useful for filtering out data that you no longer want to store or for any other mutations that you want to perform.

GUI

  • Rule cards now support drag and drop between enforcement columns.

  • The inventory can now be filtered. The search bar at the top of the inventory will limit the systems, stacks, and libraries shown.

July 20, 2021

This Styra DAS 20210720 release delivers the new enhancements and the list of fixed issues.

New Features and Enhancements

This section describes the new enhancements in Styra DAS 20210720.

CLI

  • This release introduces styra-cli 0.6.0. This enhancement includes the styra-cli vet command that can be used to validate your JSON or YAML files with your system rules according to the assigned system OPA configuration.

GUI

  • Starting with this release, the compliance API is updated to run in the background only when the compliance results are not computed within 30 seconds. When the API completes, it returns a 202 response with a link to retrieve the results.

Systems

  • DAS now supports Terraform system-type. The Terraform system-type helps you put guardrails onto the public cloud resources you manage with Terraform. For example, it requires S3 buckets to be encrypted on AWS so that your data is encrypted at rest and satisfies your compliance and security requirements. For more details, read the Styra blog.

Issues Fixed

This section describes the issues fixed in Styra DAS 20210720.

GUI

  • Fixed an issue where the Timeseries service failed to collect the correct number of compliance violations and mutations on stacks or systems; resulting in a period of zero violations on the Styra DAS Monitoring.

July 13, 2021

This Styra DAS 20210713 release delivers the new enhancements and the list of fixed issues.

New Features and Enhancements

This section describes the new enhancements in Styra DAS 20210713.

API

  • Starting with this release, ?compact=true flag is added to /v1/decisions API. In compact mode, only the essential decision fields are returned. This is useful for decisions with larger input or result, where the decisions are not rendered because the important fields are already in the allowed/reason/columns fields.

CLI

  • This release allows you to create a Kubernetes system-type with the create system command through the CLI. This command now triggers a deprecation warning and creates a v1 kubernetes system which will be deprecated in future for kubernetes:v2.

Systems

  • This releases introduces the ability for users to toggle partial evaluation via API per system. Partial evaluation for bundles can be enabled on individual systems on Styra DAS. The configuration for partial evaluation is toggled using a setting in the deployment parameters that are part of a system's configuration.

  • The default ingress policy for Envoy systems now contains an additional rule to allow health checks for the pod to succeed.

allow {
input.attributes.request.http.method == "GET"
input.parsed_path = ["health"]
}

Issues Fixed

This section describes the issues fixed in Styra DAS 20210713.

API

  • Added alias field id and name for system and system_type to /v1/systems/metrics API for consistency with the /v1/timeseries/metrics API.

GUI

  • This release accurately displayed the outcome of advice type mutation decisions when replayed.

July 6, 2021

This Styra DAS 20210706 release delivers the list of fixed issues.

Issues Fixed

This section describes the issues fixed in Styra DAS 20210706.

API

  • Rego traces produced by the summary tracer (/v1/data/path?trace=summary) could return incomplete information for certain Rego rules. This could have lead to Envoy decisions not replaying correctly.

Git

  • Removed the Git synchronization state when the system or stack was deleted, or after a timeout period (24 hrs).