IronCore Labs Home
  1. Docs
  2. SaaS Shield
  3. Suite
  4. Vendor API
  5. Changelog
  1. Docs
  2. SaaS Shield
  3. Suite
  4. Vendor API
  5. Changelog

Changelog

See our buildlog for relationships between specific docker hashes and version tags. The most recent releases are at the bottom of the file. There will only ever be multiple hashes for a single version tag if the underlying image was rebuilt to fix a security vulnerability.

v3.1.0

  • Add secret_count to KMS Config responses.
  • Relax restrictions on deleting KMS Configurations that have active secrets attached to them. This allows for effectively destructively offboarding a tenant, as their secrets will be deleted. Secrets are not recoverable and any downstream services (deterministic encryption, cloaked search) will fail when attempting to do things with those secrets. We strongly advise checking for secret_count == 0 before issuing a KMS Configuration DELETE.

v3.0.0

  • Remove archived from Tenant Update request. This feature has been replaced with Tenant Delete. We recommend deleting any existing archived tenants.

v2.6.0

  • Switched to structured JSON logging

v2.5.0

  • Added tenantId to Tenant Secret List response.
  • Added tags filter to Tenant Secret List request body.

v2.4.0

  • Added support for specifying key leasing requirement when creating a KMS configuration.
  • Added field to tenant response structure indicating whether the tenant has been invited but not yet accepted the invitation.

v2.3.0

  • Added support for key leasing requirements for tenants.
    • When creating a new tenant, your organization’s default key leasing requirement will be used (see Organization Settings in Config Broker).
    • The Tenant Update endpoint can be used to change an individual tenant’s key leasing requirement.

v2.2.0

  • Added endpoints to manage tenant secrets.
    • Tenant secrets can be listed, and individual secrets can begin/commit rotation.

v2.1.0

  • Added support for Thales KMS configurations.
    • KMS config create, list, get, and update endpoints all work with the new config type.

v2.0.1

  • Breaking: Changed KMS Config Get to not return decrypted KMS config credentials. The decrypted keyPath will still be returned.
  • Added support for managing tenant tags
    • Added new endpoints to list, create, assign, and un-assign tags
  • Added new version of the Tenant Create endpoint
    • POST /api/2/tenants accepts tags to assign to tenants. If no tags are provided, none will be assigned.
    • POST /api/1/tenants does not accept tags. The tenant will be created with the Default tag for the vendor.

v1.0.1

  • Added multi arch builds. amd64 and arm64 docker containers are both published to GCR.
  • Added ability to invite tenant admins on tenant creation.
  • Added ability to resend tenant invites.

v1.0.0

  • Added support for KMS configs assigned to multiple organizations
  • Added endpoints for managing assignments
  • Fixed a bug in the grant/revoke logic for the TSP group

Was this page helpful?

One sec... bot checking