Skip to content

Latest commit

 

History

History
1074 lines (590 loc) · 21.1 KB

CHANGELOG.md

File metadata and controls

1074 lines (590 loc) · 21.1 KB

Change Log (v2.8.1+)

v4.0.1 [2025-01-29]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Withdrawn request now returns withdrawn status instead of cancelled.
  • Always include ITSM ticket_type and/or ticket_id if they are provided.
  • Failing my_resources.checkout due to 404 after approval.

Dependencies:

  • None

Other:

  • None

v4.0.0 [2025-01-17]

What's New:

  • Reorganized codebase to align with UI orginizational structure.
  • Decoupled my_requests and my_approvals from my_access.
  • Added brokers and pools functionality for access_broker.
  • Added firewall settings functionality.
  • Added Britive managed_permissions functionality.
  • Britive exceptions by type and error code.
  • my_resources improvements.

Enhancements:

  • Added add_favorite and delete_favorite to my_resources.
  • Added checkout approvals to my_resources.
  • Added ITSM to checkout approvals.
  • Added (create|list|update|delete)_filter) to my_access.
  • Added response_templates functionality for access_broker credentials.
  • Added request_approval[_by_name]|withdraw_approval_request[_by_name] to my_resources.
  • Added my_access.list to retrieve access details with new type=sdk option.

Bug Fixes:

  • Fixed missing param_values option for resource creation.
  • my_approvals.list now includes my_resources requests.
  • Make get call in helper method instead list_approvals.
  • Catch requests.exceptions.JSONDecodeError in handle_response.

Dependencies:

  • requests >= 2.32.0

Other:

  • Python 3.8 is EOL, so support is dropped.
  • Method assignments dropped:
Dropped New location
access_builder application_management.access_builder
accounts application_management.accounts
applications application_management.applications
audit_logs audit_logs.logs
environment_groups application_management.environment_groups
environments application_management.environments
groups application_management.groups
identity_attributes identity_management.identity_attributes
identity_providers identity_management.identity_providers
notification_mediums global_settings.notification_mediums
notifications workflows.notifications
permissions application_management.permissions
profiles application_management.profiles
saml security.saml
scans application_management.scans
security_policies security.security_policies
service_identities identity_management.service_identities
service_identity_tokens identity_management.service_identity_tokens
settings global_settings
step_up security.step_up_auth
tags identity_management.tags
task_services workflows.task_services
tasks workflows.tasks
users identity_management.users
workload identity_management.workload
my_access.approval_request_status my_requests.approval_request_status
my_access.approve_request my_approvals.approve_request
my_access.list_approvals my_approvals.list
my_access.reject_request my_approvals.reject_request

v3.1.0 [2024-10-07]

What's New:

  • Added access_broker functionality.

Enhancements:

  • None

Bug Fixes:

  • Fixed incorrect if filter in secrets_manager.

Dependencies:

  • None

Other:

  • Switched tox to install from requirements.txt

v3.0.0 [2024-09-09]

What's New:

  • Added access_builder functionality.
  • Added audit_logs.webhooks functionality.

Enhancements:

  • Added comments to my-access.{approve|reject}_request args.
  • Added filter_expression to notification_mediums.list.
  • notification_mediums.create now uses url=... and token=... instead of connection_parameters.
  • Added otp for step up authentication to my_secrets.{download|view}.

Bug Fixes:

  • Fixed issues with some tests and added missing test deletes.

Dependencies:

  • Dropped support for python3.7.
  • Dropped pkg_resources dependency.

Other:

  • Removed deprecated policies.py.
  • Removed deprecated from_time|to_time.
  • Switched to ruff for style linting and code-quality checking.

v2.25.0 [2024-07-01]

NOTE: This will be the last minor version before 3.0.0

What's New:

  • britive.my_resources - allow users to list, checkout, and checkin their Cloud PAM Anywhere resources.
  • britive.step_up.authenticate - allow users to use MFA/TOTP step-up authentication with britive.my_access.checkout

Enhancements:

  • Addition of gitlab federation provider
  • Addition of include_tags on users.list and service_identities.list

Bug Fixes:

  • Adding missing otp arguments to my_access.
  • missing otp dependency for tox testing.

Dependencies:

  • None

Other:

  • Added *_CA_BUNDLE examples to the docs.
  • Add PYBRITIVE_CA_BUNDLE to requests session if set, introduced in pybritive (v1.8.0rc2)

v2.25.0rc5 [2024-06-21]

What's New:

  • britive.my_resources - allow users to list, checkout, and checkin their Cloud PAM Anywhere resources.

Enhancements:

  • None

Bug Fixes:

  • missing otp dependency for tox testing.

Dependencies:

  • None

Other:

  • None

v2.25.0rc4 [2024-06-07]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Adding missing otp arguments to my_access.

Dependencies:

  • None

Other:

  • Added *_CA_BUNDLE examples to the docs.
  • Add PYBRITIVE_CA_BUNDLE to requests session if set, introduced in pybritive (v1.8.0rc2)

v2.25.0rc3 [2024-05-23]

What's New:

  • britive.step_up.authenticate - allow users to use MFA/TOTP step-up authentication with britive.my_access.checkout

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.25.0rc2 [2024-05-10]

What's New:

  • None

Enhancements:

  • Addition of include_tags on users.list and service_identities.list

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.25.0rc1 [2024-04-22]

What's New:

  • None

Enhancements:

  • Addition of gitlab federation provider

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.24.0 [2024-04-05]

What's New:

  • britive.settings.banner.* - administer the banner/system announcement
  • britive.banner - view the banner/system announcement (all end users can view the banner)

Enhancements:

  • Implement logic to catch and present user-friendly error if a tenant is under maintenance
  • britive.users.minimized_user_details method to get a summarized set of user attributes given a list of user ids
  • britive.tags.minimized_tag_details method to get a summarized set of tag attributes given a list of tag ids
  • britive.notification.configure method changes to support the memberRules attribute
  • Native spacelift.io OIDC workload federation support
  • Add filter_expression to listing of system policies/roles/permissions
  • Add secrets_manager.rename() method
  • Add view=includePolicies as an option to the listing of profiles

Bug Fixes:

  • Fix bug related to pagination with system policies/roles/permissions (#97)

Dependencies:

  • Removal of pkg_resources dependency

Other:

  • Remove references to version 1 of profiles as the Britive Platform no longer supports version 1 and all customers have been migrated to version 2
  • Updates to the test suite
  • Addition of __version__ in __init__.py

v2.24.0rc5 [2024-04-03]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • Removal of pkg_resources dependency

Other:

  • Addition of __version__ in __init__.py

v2.24.0rc4 [2024-04-01]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Updates to the test suite

v2.24.0rc3 [2024-03-15]

What's New:

  • None

Enhancements:

  • Add filter_expression to listing of system policies/roles/permissions
  • Add secrets_manager.rename() method
  • Add view=includePolicies as an option

Bug Fixes:

  • Fix bug related to pagination with system policies/roles/permissions (#97)

Dependencies:

  • None

Other:

  • Updates to the test suite

v2.24.0rc2 [2024-01-24]

What's New:

  • None

Enhancements:

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.24.0rc1 [2024-01-18]

What's New:

  • britive.settings.banner.* - administer the banner/system announcement
  • britive.banner - view the banner/system announcement (all end users can view the banner)

Enhancements:

  • Implement logic to catch and present user-friendly error if a tenant is under maintenance
  • britive.users.minimized_user_details method to get a summarized set of user attributes given a list of user ids
  • britive.tags.minimized_tag_details method to get a summarized set of tag attributes given a list of tag ids
  • britive.notification.configure method changes to support the memberRules attribute

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • Remove references to version 1 of profiles as the Britive Platform no longer supports version 1 and all customers have been migrated to version 2

v2.23.0 [2023-11-07]

What's New:

  • None

Enhancements:

  • Support for extending a checked out profile via my_access.extend_checkout and my_access.extend_checkout_by_name

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.23.0rc1 [2023-11-03]

What's New:

  • None

Enhancements:

  • Support for extending a checked out profile via my_access.extend_checkout and my_access.extend_checkout_by_name

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.22.0 [2023-10-12]

What's New:

  • None

Enhancements:

  • Support additional policy condition format. Historically only "stringified" JSON was supported by the Britive backend. Now standard JSON is supported and this SDK will now optionally offer to convert the policy condition block to a python dictionary.

Bug Fixes:

  • Enhanced error handling when a secret or node/path in secrets manager does not exist
  • Fixed bug related to AWS federation provider when a tenant was not provided via the BRITIVE_TENANT environment variable

Dependencies:

  • None

Other:

  • None

v2.21.0 [2023-09-15]

What's New:

  • None

Enhancements:

  • Support for environment_association in profiles.list
  • Support for summary parameter on profiles.get

Bug Fixes:

  • Fixes a bug that will re-request access to a secret instead of raising an exception that the secret request was denied.
  • Fixes service identity tokens due to some changes in the way they are generated now that service identity workload federation is supported.
  • Fixes a bug with profiles.update which was not including all the proper fields in the update request.

Dependencies:

  • None

Other:

  • Updates to the test suite.

v2.20.1 [2023-06-26]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Properly handle situation when a user requests approval to checkout a profile but there is already an approved request for that same profile.

Dependencies:

  • None

Other:

  • None

v2.20.0 [2023-06-14]

What's New:

  • Support for profile permission constraints.

Enhancements:

  • Support multiple notification mediums for an approval policy condition.

Bug Fixes:

  • None

Dependencies:

Other:

  • None

v2.19.0 [2023-05-09]

What's New:

  • Added workload.scim_user for managed workload identity federation for SCIM users.
  • Added my_access.approve_request, my_access.reject_request, and my_access.list_approvals.

Enhancements:

  • Modified the way in which workload identity providers are associated with service identities.
  • Added date_schedule and days_schedule to the various policy build methods.

Bug Fixes:

  • Addressed race condition in my_access.checkout if multiple processes (running as the same user) attempt to check out the same profile for the same environment at the same time

Dependencies:

  • None

Other:

  • None

v2.18.0 [2023-03-27]

What's New:

  • Support for tag membership rules.

Enhancements:

  • Allow the creation of external tags (tags associated with an identity provider) using a non-SCIM identity.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.17.0 [2023-03-14]

What's New:

  • Workload API coverage (create workload federation identity providers and map to service identities) workload
  • System Policies coverage system.policies
  • System Roles coverage system.roles
  • System Permissions coverage system.permissions

Enhancements:

  • Add custom attribute coverage to users and service identities

Bug Fixes:

  • None

Dependencies:

  • For dev/test removed the pin on pytest which was causing issues with newer versions of python

Other:

  • None

DEPRECATION NOTICE

policies.py

This python file only holds one method build. The remainder of the system policy logic has been created in system.policies so as not to cause confusion with secrets manager and profile policies.

In the next major release, policies.py will be retired. As of release 2.17.0 the polices.build method simply calls system.policies.build.

v2.16.0 [2023-03-02]

What's New:

  • Natively support Azure Managed Identity OIDC authentication for workload federation.

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.15.1 [2023-02-16]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Added missing API call profiles.get_scopes()

Dependencies:

  • None

Other:

  • None

v2.15.0 [2023-02-06]

What's New:

  • Added two new APIs for managing single environment scope changes for a profile
    • profiles.add_single_environment_scope()
    • profiles.remove_single_environment_scope()

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.14.2 [2023-01-27]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • In poilicies.build() properly handle when lists are empty

Dependencies:

  • None

Other:

  • None

v2.14.1 [2023-01-24]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • In profile.poilicies.build() support the now available validFor approval parameter via method parameter access_validity_time.

Dependencies:

  • None

Other:

  • None

v2.14.0 [2023-01-18]

What's New:

  • Added Bitbucket as an OIDC federation provider so that the needed logic for authenticating to Britive via Bitbucket pipelines is abstracted away from the caller.

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.13.0 [2023-01-06]

What's New:

  • Ability to pass a callback function to the following my_access methods which will report progress of the process.
    • checkout
    • checkout_by_name
    • request_approval
    • request_approval_by_name

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.12.4 [2023-01-04]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Properly handle use case of long term (IAM User) vs. temporary credentials (AssumeRole/Federation) in the AWS Federation Provider

Dependencies:

  • None

Other:

  • None

v2.12.3 [2022-12-12]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Fix bug when catching JSON decode exceptions when decoding requests response - catching the more generic ValueError instead of a specific JSON decode error

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Remove port from tenant name in the AWS provider

Dependencies:

  • None

Other:

  • Allow disabling TLS/SSL verification for local development work by setting environment variable export BRITIVE_NO_VERIFY_SSL=true

v2.12.2 [2022-11-28]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Fix issue with AWS provider when injecting the tenant name into the AWS sigv4 signed request

Dependencies:

  • None

Other:

  • None

v2.12.1 [2022-11-17]

What's New:

  • None

Enhancements:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Allow caller to specify duration/expiration time of tokens generated by the AWS federation provider

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.12.0 [2022-11-16]

What's New:

NOTE: This is a pre-release feature. It is being published in anticipation of upcoming features being released to production. This functionality will not yet work in production environments.

  • Support for workload identity federation providers

Enhancements:

  • None

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.11.2 [2022-11-01]

What's New:

  • None

Enhancements:

  • Reduce number of API calls required to checkout a profile

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.11.1 [2022-10-24]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Allow local machine DNS resolution (e.g. /etc/hosts) for tenant URL check

Dependencies:

  • None

Other:

  • None

v2.11.0 [2022-10-18]

What's New:

  • Support for Secrets Manager APIs
    • Vaults
    • Password Policies
    • Secrets
    • Policies
    • Static Secret Templates
    • Resources
    • Folders
  • Support for Notification Medium APIs

Enhancements:

  • Allow the use of a port number in a tenant URL

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.10.0 [2022-10-06]

What's New:

  • None

Enhancements:

  • Allow for non *.britive-app.com tenants. Default to britive-app.com if no valid URL is provided (for backwards compatibility)

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.9.0 [2022-09-30]

What's New:

  • Exponential backoff logic added to all API calls.

Enhancements:

  • Add filter_expression to britive.reports.run() to allow filtering the results as required by the caller.

Bug Fixes:

  • None

Dependencies:

  • None

Other:

  • None

v2.8.1 [2022-09-22]

What's New:

  • None

Enhancements:

  • None

Bug Fixes:

  • Fixes an issue with britive.audit_logs.query() pagination. The last page of results is now included.
  • Fixes an issue with britive.reports.run() pagination. The last page of results is now included.
  • Fixes an issue with britive.reports.run() results being truncated to a maximum of 1000 records when csv=False. This was due to how the API handles JSON results vs. CSV results. Now the results are always obtained in CSV format from the API and then converted to a list of dictionaries if csv=False.

Dependencies:

  • None

Other:

  • None