
Multiple match rules of the same type now supported in Terraform Provider

The Aembit Terraform Provider is regularly updated with new features and capabilities to give you additional configuration options.

You may now use multiple Trust Provider match rules of the same type (OR-based combinations) in your Terraform Provider configuration.

For more detailed technical information on how to use similar match rule types in GitLab using the Aembit Terraform Provider, please see the Aembit Terraform Provider Registry technical documentation.

Explicit steering and enhanced access authorization events now available

Aembit regularly releases new enhancements and improvements to Aembit Edge and Aembit Cloud components to provide additional features and functionality for your Aembit environment.

The following new features and enhancements have been released:

  • Enhanced Access Authorization Events
  • Explicit Steering
  • Updated Aembit Edge Component Versions

Enhanced Access Authorization Events

Aembit automatically records and collects various types of workload metadata in access authorization events, enabling you to use this information to audit and analyze security events.

The information collected and recorded in these access authorization events has been enhanced to now capture and display additional workload metadata, including VM hostname, IP address, and process name.

For more information on access authorization events, please refer to the following technical documentation pages:

Explicit Steering

Aembit continues to look for ways to improve the overall user experience in an Aembit environment, while also providing additional functionality and features that enhance this experience. One of these ways is by enabling you to route only specific types of traffic through Aembit, via the explicit steering feature.

With explicit steering, you can now configure Client Workloads to direct only certain types of traffic to the Agent Proxy. This enables you to have more precise control of which traffic is managed by the Agent Proxy.

For more information on the explicit steering feature, please refer to the Explicit Steering page.

Aembit Edge Components Update

Aembit Edge Components have been updated to newer versions to improve overall performance and functionality.

The following components and packages have been updated:

  • Helm Chart
  • Agent Controller
  • Agent Proxy

For the latest available versions of these components, please see the Edge Components Supported Versions page.

GitLab Jobs now supported in the Aembit Terraform Provider

The Aembit Terraform Provider is regularly updated with new features and capabilities to give you additional configuration options.

Aembit now supports both GitLab Job Client Identifiers and GitLab Job Trust Provider types, enabling you to manage Client Workloads in GitLab using the Aembit Terraform Provider.

For more detailed technical information on how to manage Client Workloads in GitLab using the Aembit Terraform Provider, please see the Aembit Terraform Provider Registry technical documentation.

Multi-Credential Provider Terraform support and Prometheus metrics now available

Aembit regularly releases new enhancements and improvements to Aembit Edge and Aembit Cloud components to provide additional features and functionality for your Aembit environment.

The following four new major features have been released:

  • Terraform Provider support for Access Policies with Multiple Credential Providers
  • Admin Dashboard enhancements and improvements
  • Exposure of Prometheus-compatible Aembit Edge metrics
  • Updated Edge Component Versions

Terraform Provider Support for Access Policies with Multiple Credential Providers

Aembit has released a Terraform Provider update that enables users to add multiple Credential Providers to an Access Policy.

Aembit now supports use cases where the Aembit Terraform Provider can manage Aembit Access Policies associated with individual or multiple Credential Providers.

For more information about this feature, please see the Multiple Credential Providers - Terraform page.

Admin Dashboard Enhancements and Improvements

Aembit continually makes improvements and enhancements to the Admin Dashboard to provide greater visibility and insight into your Aembit environment.

The Admin Dashboard has been updated and enhanced with additional tiles and panels that provide detailed information on Client and Server Workloads, Credential Usage by Type, the number of Access Condition failures based on Access Policies over the past 24 hours, and several other visualizations.

For more information on the Admin Dashboard and these additional panels, please see the Admin Dashboard Overview page.

Exposure of Prometheus-compatible Aembit Edge Metrics

Aembit aims to provide users with the ability to view detailed Aembit Edge metrics and data.

Aembit now exposes Prometheus-compatible metrics, which enable users to view and troubleshoot Aembit Edge Components (Agent Proxy, Agent Controller, and Agent Injector), while supporting both Kubernetes and virtual machine deployment models.

For more detailed information on how Aembit exposes Prometheus-compatible metrics, please see the Aembit Edge Prometheus-compatible Metrics page.

Aembit Edge Components Update

Aembit Edge Components have been updated to newer versions to improve overall performance and functionality.

The following components and packages have been updated:

  • Helm Chart
  • Terraform ECS Module
  • AWS Lambda Extension
  • VM Artifacts
  • Agent Controller
  • Agent Proxy

For the latest available versions of these components, please see the Edge Components Supported Versions page.

Improved access authorization events and audit logging

Aembit has released improvements to its reporting and logging/auditing capabilities, giving you improved visibility into access authorization events and audit logs. With these enhancements, you can more easily diagnose issues and troubleshoot problems in your environment.

Improved Access Authorization Events and Audit Logging

Improvements have been made to the Aembit Tenant’s reporting capabilities and reporting documentation, enabling increased visibility into access authorization events and audit logs. The Aembit technical documentation has also been augmented to assist with using these capabilities.

For more information on these access authorization event and audit log improvements, please see the following pages:

Real-time Agent Controller health monitoring now available

Aembit has released two new updates and improvements to Aembit components:

  • Agent Controller functionality has been enhanced to enable real-time monitoring and status of Agent Controllers in the Aembit Tenant.
  • Aembit Edge Components and packages have been updated to the latest versions.

Agent Controller Real-Time Health Status and Health Update

You may now view the real-time health status of Agent Controllers in the Aembit Tenant.

For more information on how to check the health status of Agent Controllers, please see the Tenant Health Check page.

Edge Components Update

Aembit Edge Components have been updated to newer versions to improve overall performance and functionality.

The following components and packages have been updated:

  • Helm Chart
  • Terraform ECS Module
  • VM Artifacts
  • Agent Controller

For the latest available versions of these components, please see the Edge Components Supported Versions page.

Custom Resource Sets now supported for GitHub Actions and GitLab Jobs

Aembit regularly provides feature and functionality updates to various components to extend capabilities and performance.

Aembit has released a feature improvement that enables you to work with Custom Resource Sets in GitHub Actions and GitLab Jobs CI/CD pipelines.

Custom Resource Set Support for GitHub Actions and GitLab Jobs

For users that would like to implement a CI/CD pipeline solution using Aembit with a custom Resource Set, separate from other workloads, Aembit has introduced Resource Set support for both GitHub Actions and GitLab Jobs.

Aembit supports Workload Identity and Access with GitHub Actions or GitLab Jobs in your CI/CD workloads, and encourages scoping these for appropriate access control. Adding support for Resource Sets in these solutions provides you with additional options and flexibility in managing and protecting your CI/CD workloads.

For more information on how to configure Resource Sets in GitHub Actions and GitLab Jobs, please see the following pages:

Aembit PKI Agent Controller TLS now available for Kubernetes and virtual machines

Aembit regularly releases updates to Aembit components and packages to improve overall performance of your environment.

The following updates have been released:

  • Aembit Edge Component Updates
  • Agent Controller PKI-Based TLS Support for Kubernetes and virtual machines

Aembit Edge Component Updates

Aembit Edge Components have been updated to newer versions to improve overall performance and functionality.

The following components and packages have been updated:

  • Helm Chart
  • Terraform ECS Module
  • VM Artifacts
  • AWS Lambda Extension

For the latest available versions of these components, please see the Edge Components Supported Versions page.

Agent Controller PKI-Based TLS Support for Kubernetes and virtual machine Deployments

Aembit has extended the Aembit PKI-based Agent Controller TLS functionality beyond just ECS deployment models to include Kubernetes and virtual machine deployments.

  • For Kubernetes deployments, if the Customer’s PKI-based Agent Controller is already configured, it will remain unchanged. Otherwise, Aembit’s PKI-based Agent Controller TLS is enabled by default.

  • For virtual machine deployments, you need to configure Aembit’s PKI-based Agent Controller TLS manually.

Edge components release with Agent Proxy idle timeout fix

Aembit Edge Components are updated on a regular basis to include new features, functionality, and package improvements.

Aembit has released new versions of the following components and packages:

  • Helm Chart
  • Terraform ECS Module
  • VM Artifacts
  • AWS Lambda
  • Agent Proxy

Agent Proxy has been updated to address a specific issue related to idle timeouts for HTTP persistent connections (currently 1 hour). If no new request arrives over a connection, Agent Proxy closes the connection.

For the latest available versions of these components, please see the Edge Components Supported Versions page.

Updated Admin Dashboard and multiple Credential Providers per Access Policy

Aembit recently released the following two updates to improve the Aembit user experience:

  • The Aembit Tenant UI has been updated with an expanded Admin Dashboard with additional metrics and data.
  • Access Policies have been improved to enable users to add multiple Credential Providers to Access Policies.

Updated Admin Dashboard

Aembit has released an updated Admin Dashboard with additional metrics and data you can review when logging into your tenant. You will now see the following metrics displayed from the last 24 hours:

  • Client Workloads (Managed)
  • Server Workloads (Managed)
  • Credentials (Usage By Type)
  • Workloads Connections (Managed)

Multiple Service Accounts per Access Policy

Aembit now supports the ability for you to have multiple Credential Providers associated with an Access Policy for specific use cases.

Adding and mapping multiple Credential Providers to an Access Policy can be very useful when you have a single Access Policy, but want to have different Credential Providers associated with that Access Policy.

For example, if you want to have the same Client Workload access the same Server Workload, but use different credentials for different functions, this feature enables you to specify the appropriate Credential Providers for each function on an Access Policy.

For more detailed information on how you can add multiple Credential Providers to an Access Policy, please see the Multiple Credential Providers page.

Agent Proxy now injected as a native Kubernetes sidecar

Kubernetes recently introduced support for native sidecar containers. Aembit now leverages this model for the Agent Proxy, where possible.

Aembit now automatically injects the Agent Proxy as a native sidecar, allowing init container Client Workloads.

This change only applies to Kubernetes deployments of version 1.29 and above.

For more information on how you can use Agent Proxy as a sidecar to support init containers, please see the Kubernetes Deployment page.

Comprehensive Aembit API documentation now available

Aembit has released comprehensive API technical documentation for the Aembit API.

With this documentation release, you now have access to a complete library of technical content, usage information, and the latest version of the OpenAPI specification, which you can use to learn how to use the Aembit API.

For more detailed information on the Aembit API technical documentation, please see the page.

Aembit Edge Terraform module and ECS TLS support now available

Aembit has released two major enhancements to Aembit Edge Components: Aembit Edge Terraform Module for AWS ECS, and ECS TLS support.

Aembit ECS Terraform Registry

Aembit releases updates to the Aembit ECS Terraform Registry on a regular basis to provide users with additional features and functionality, including improvements to Agent Proxy and Agent Controller.

For more information on the latest ECS Terraform Registry release, please see the Aembit Terraform Registry page.

ECS TLS Support

Aembit has released an ECS deployment enhancement that enables Transport Layer Security (TLS) between the Agent Proxy and Agent Controller using Aembit-provided Public Key Infrastructure (PKI).

There is no option to use your own PKI for ECS deployments.

Aembit Terraform Provider update with Custom Resource Sets and OAuth

Aembit has released an Aembit Terraform Provider update to the Terraform Registry.

This update includes several improvements and enhancements, including:

  • Support for Custom Resource Sets.
  • Removal of the deprecated AWS ECS Role Trust Provider (replaced previously by the AWS Role Trust Provider).
  • Support for Credential Providers of type OAuth2 Authorization Code.

For more information on these updates and changes, please see the Aembit Terraform Registry page.

Dynamic steering to specific hostnames now available

Aembit now supports dynamically steering only specific traffic to the Agent Proxy.

The dynamic steering feature introduces the ability to restrict this proxied traffic to a specific list of hostnames. When this feature is enabled, only egress traffic to the user-specified hostnames will be proxied. This enables you to have more precise control over which destinations’ traffic is managed by the Agent Proxy.

OAuth 2.0 Authorization Code Credential Provider now available

Aembit now supports 3-legged OAuth (3LO) workflows through the new OAuth 2.0 Authorization Code Credential Provider. Applications can request a user’s permission to access their account data and act on the user’s behalf.

With 3LO support, an application can access services or applications that the user has authorized.

Aembit supports the following third-party services with OAuth 2.0 Authorization Code Credential Providers:

For configuration details, see the OAuth 2.0 Authorization Code Credential documentation.

An expansion to Client Workload identification and Trust Provider match rules also shipped in this release; see Expanded Client Workload identification and Trust Provider match rules.