v1.11.2
Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in this Piiano Vault release.
New features
- Finer permissions control with three new capabilities:
CapObjectsLister,CapObjectsReaderandCapObjectsWriter. Use the last two capabilities to allow read or write operations to objects while disallowing the traversal of objects. This is required in many web forms situations. This is not a breaking change. While the previous data access capabilities were removed from the default IAM for new Vaults, they are still fully supported and could be used when applicable. - The credit card LUHN check can now be turned off using this environment variable
PVAULT_FEATURES_DISABLE_CC_LUHN_VALIDATION - A new
PVAULT_SERVICE_ALLOWED_PCI_HTTP_DESTINATIONSenvironment variable that specifies the allowed destinations for HTTP requests that include PCI data. ThePVAULT_SERVICE_ALLOWED_HTTP_DESTINATIONSenvironment variable allows destinations for other data-types. See HTTP Call Action for more information.
Bug fixes
- Fixed the wrong permissions check for tokenize operation without properties (when tokenizing the entire object).
- Fixed the failed import when exporting from one cloud provider and importing to another.
Breaking changes
If you are using the tokenize operation without listing which properties to tokenize, review your IAM permissions of that user to ensure that you will not lose access to this operation after upgrade. You require an allow policy that has tokenize in its operation list.