User Guide
Release Notes

2023.5.29

Changes in Veza release v2023.5.29

Search and Insights

Features

  • Early Access: Veza users can now quickly inspect individual identities, groups, and roles from the Access Intelligence > Analysis streamlined search interface. The results can be opened in Query Builder to modify parameters, add rules, or set risk levels. Depending on the chosen entity, Analysis offers the following functionalities:

    • Finding the groups a single user belongs to or the roles a single user can assume.

    • Searching for users and other groups that belong to a group.

    • Identifying all users and other roles that can assume a role.

Enhancements

  • When marking risks as exceptions, you can now add context and details with an optional note. Notes for exceptions appear in an additional column when browsing lists of risks.

Integrations

Enhancements

  • Okta: Added support for Okta Roles to enable search and certification of built-in and custom administrator roles for Okta users. Note that to gather admin role assignments, the integration now requires a token with the super admin role (upgraded from read-only admin).

Bug Fixes

  • AWS: To align with current AWS product terms, AWS SSO is now AWS IAM Identity Center Service in Authorization Graph. AWS IAM Identity Center Groups, Permission Sets, and Users also now refer to the current service name (instead of "AWS SSO").

  • Box: Improved error handling and fixed a bug gathering nested fields for empty Orchestration Actions.

  • Google Cloud: Fixed an issue where Workspace and IAM extraction could be disabled inadvertently when modifying a saved provider configuration. To fix any impacted integrations, an administrator should save the integration configuration after re-selecting the services to limit.

Platform

Enhancements

  • Teams (Early Access): When provisioning users with single sign-on, users are now auto-assigned to the root team by default.

Workflows

Enhancements

  • A collapsible banner now provides a visual summary of certification progress stats. Depending on whether the viewer has results assigned to them, progress indicators now show:

    • The status of all assigned rows (for reviewers with assignments).

    • The status of all signed-off (completed) rows (for operators with no assignments).

    • The number of days since the certification started, or time remaining until the due date (for certifications with a deadline).

  • The initial list of filters in the Access Reviewer mobile experience will now match the desktop experience, instead of listing all available filters.

Bug Fixes

  • Workflow queries: When applying attribute filters on AWS account ID, you can now specify one or more AWS accounts from a dropdown menu. Attribute filters on AWS account ID now always use the in operator.

Previous2023.6.5Next2023.5.22

Last updated