Release 7.115.0
Release period: 2022-03-23 to 2022-03-30
This release includes the following issues:
- Policy violations will be regenerated
- Fixes race condition in Azure authentication logic
- Directly navigate to external payment method request page
- Improved permission handling for Azure UAMI Blueprints
- Configurable policy evaluation strategy
- Fixed unreadable error reason during access control
- Policies are now one-way to make them easier to use
Ticket Details
Policy violations will be regenerated
Audience: Customer, Partner, Operator
Description
We're currently improving the policy violations transparency. Therefore it is necessary to cleanup the existing policy violations. It could be the case that the policy violations are temporarily not available. The policy violations will be regenerated. No further actions are required.
Fixes race condition in Azure authentication logic
Audience: Operator
Description
Fixes an issue caused by parallel and long-running API requests against the Azure API. That could lead to sporadic failures due to a faulty authentication token refresh.
Directly navigate to external payment method request page
Audience: Customer, Partner
Description
For those that use an external process to request a payment method in meshStack, it is now possible to configure a URL that will link from the meshCustomer's payment method page to an external link. This will make it easier for users to find the right payment method request processes. Get in touch with us to configure this new option.
Improved permission handling for Azure UAMI Blueprints
Audience: Partner
Description
The logic behind the assignment of the user-assigned managed identities during the initial assignment or update of a Blueprint was improved. Previously, roles could have been removed too early in case multiple Blueprints would use the same identity. That could lead to permissions issues with the second Blueprint assignment.
Configurable policy evaluation strategy
Audience: Customer, Partner
Description
It is now possible to configure a specific evaluation strategy for each policy. Currently, we support the strategies 'subset' and 'intersection'. To learn more about how each strategy works, take a look into the meshPolicies documentation https://docs.meshcloud.io/docs/meshcloud.policies.html.
Fixed unreadable error reason during access control
Audience: Customer, Partner
Description
Sometimes an unreadable "[object Object]" error reason occurs when assigning users or groups to meshCustomers and meshProjects. This is now fixed.
Policies are now one-way to make them easier to use
Audience: User, Partner, Operator
Description
The relationship between two policy subjects within a meshPolicy is no longer bidirectional. Every meshPolicy describes a relation into one specific direction. This means for example if you want to restrict the meshProject depending on a meshCustomer then you need to define the following meshPolicy: meshCustomer -> meshProject. This is the first step to increase the readability of the policies and policy violations. Be aware that we'll incrementally release more and more improvements in the coming weeks. For more information please take a look into the documentation https://docs.meshcloud.io/docs/meshcloud.policies.html .