Release period: 2021-03-17 to 2021-03-24
This release includes the following issues:
- Filter meshTenants by platform via API
- Multiple LDAP entities as source for meshObjects
- Fix Tenant Details for some Partner roles
- Absent tag won't violate meshPolicy rule
- OpenStack federated IdP integration
- Handle AWS metering edge-case
- Additional check against duplicate Blueprint assignments
Filter meshTenants by platform via API
We added platform filtering to the meshApi for meshTenants. You can use the API to filter meshTenants by their platform identifier to e.g. get a list of all Azure subscriptions. Platform identifiers can be found in Administration > Platforms > Platform Instances > Platform Identifier.
Multiple LDAP entities as source for meshObjects
The Identity Connector can now be configured to query multiple LDAP entities as sources for meshObject replication. This for example allows a lookup of users from different OUs.
Fix Tenant Details for some Partner roles
There was an issue when accessing the tenant detail screen in the Admin Area as a Platform Operator or Replication Operator. This has been fixed now.
Absent tag won't violate meshPolicy rule
Audience: Partner, Customer, Operator
We altered the evaluation of meshPolicies in a way that two meshObjects are now compliant to a meshPolicy rule if they both do not have the tag set, that is specified in the rule. This does not apply if the tag is set, but contains an empty value. This change will not lead to non compliant assignments of meshObjects because meshObjects that need to be protected have a tag specified. This change only applies to meshObjects that both don't have a tag specified which is in scope of a policy. E.g. if you want to prevent a production Landing Zone from being used by a dev meshProject just assign a production tag to the Landing Zone and create a meshPolicy that checks the meshProject on a production tag. If the meshProject is not tagged in this case but the Landing Zone is, the meshPolicy will prevent the meshProject from assigning the Landing Zone. If you have doubts or questions about this change please reach out to us and we will assess your setup.
OpenStack federated IdP integration
A new mode is available for OpenStack integration. meshIdB is not required for the integration anymore. You can directly integrate your company-wide IdP to OpenStack. meshStack will make sure that users have access to the OpenStack projects they are assigned to in meshStack.
Handle AWS metering edge-case
Audience: Operator, Partner
In AWS Cost and Usage Reports, the AWS Registrar product had in rare cases usage dates that were outside of the billing period. It seems to be the only product in AWS with such an edge-case. We now handle this case correctly and charge those costs in the same month as AWS did.
Additional check against duplicate Blueprint assignments
Adds a safety check to explicitly prevent duplicate Blueprint assignments before updating an Azure Blueprint. Please note that there are already countermeasures against this condition in place and this is only an extra safety enhancement for older blueprint assignments.