Discover the new features, logic changes, bug fixes, breaking changes, and known issues and limitations in Piiano Vault release v1.4.0.
- delete token REST API operation now supports a
tenant_idquery parameter. It can be included as an extra filter to one of the existing query parameters (token_ids, object_ids, and tags). It ensures that only the tokens whose owner has the specified tenant_id will be deleted.
- The CLI
selftestcommand now supports execution on a Vault in a stateless mode.
- Config logger now reports the current collections in PVSchema format in addition to the JSON format.
- Improved explanation of policy violations in logs.
- The default IAM now includes new policies to allow and deny crypto operations.
- Normalize object ID to lowercase once providing it in
- Fix bug where fields of JSON type were expected to be handled in the API as serialized JSON strings instead of JSON objects.
- Fix an issue where the CLI health command truncated errors.
- Fix an issue where updating a collection returned only the updated properties.
- Fix bug where listing objects using the same object ID multiple times returns an error.
- Update collection returns all properties in the collection, not just these that were updated.
- The CLI now prints the message "Command completed successfully" as a log, to Stderr (instead of Stdout).
- Minor OpenAPI changes - these change doesn't affect the REST API but might cause generated clients to be generated differently.
- Some models were renamed.
uniqueItems: trueis added to
- Fields of JSON type are now expected to be sent and received in the API as JSON objects and not as serialized JSON strings.
- Config logger report of the IAM is now nested in an object for a better collapsing in logs visualization tools.
- Update collection API now returns the full updated collection and not just the updated properties.
- The obsolete
PVAULT_FEATURES_POLICY_ENFORCEMENTenvironment variable was removed.
- The IAM is now loaded during startup, either from the user file when provided or from the default system provided file. It is not merged any more. Coming soon: an option to continue reloading the user provided IAM file even post initial system setup to support infrastructure as code.