2023.5.1
Changes in Veza release v2023.5.1
Integrations
Enhancements
When configuring a Google Cloud integration, administrators can now set allow and deny lists to limit KMS extraction by location.
The AWS integration now gathers metadata for EKS Services and EKS Clusters. You will need to apply an updated integration trust policy that allows
eks:ListClusters
andeks:DescribeCluster
. New Saved Queries identify:AWS IAM Users with EKS permissions
AWS IAM Roles with EKS permissions
AWS EKS Clusters with public endpoint access
Additional entity types are now supported when connecting to OneLogin:
OneLogin Groups
OneLogin Roles
OneLogin Apps
Insight Point Configuration page:
Administrators can now initialize a new Insight Point by clicking Create (changed from Generate New Key).
The list of Insight Points now instantly refreshes after creating a provisioning key.
An expiration date for the provisioning key is no longer specified when creating an Insight Point.
Early Access: The Google Cloud integration can now show cross-account access where identities in one organization have access to resources in another organization integrated with Veza. Cross organization permission mapping can be configured in the following ways:
At the Google Workspace and Cloud IAM level (such as Groups in one Google Organization with Project roles in another Organization).
At all levels, including cross-organization access granted by a policy applied at the resource level.
Contact your support team to enable the most appropriate setting for your environment.
Bug Fixes
Salesforce: Integrating a sandbox environment containing a full replica of an integrated production environment no longer causes entity duplication and collision errors.
Search and Insights
Bug Fixes
Fixed an issue where queries for Snowflake could appear even when an integration was not configured.
Workflows
Enhancements
A description is now shown when hovering over possible Smart Actions.
Bug Fixes
Certification PDF exports correctly include the Signed Off By ID, Signed Off By Name, and Signed Off By Email columns.
Fixed an issue with CSV and PDF exports missing file extensions.
Prevented unexpected error messages when switching Smart Actions and selecting reviewers to assign.
Fixed an issue that could prevent nested roles from appearing in certification results.
Developers
To ensure performance, filter operators on certification result
decision
,signed_off_state
, andreviewers
are temporarily restricted toeq
.
Last updated