Boundary 0.17.0 release notes
GA date: July 31, 2024
Release notes provide an at-a-glance summary of key updates to new versions of Boundary. For a comprehensive list of product updates, improvements, and bug fixes refer to the changelog included with the Boundary code on GitHub.
We encourage you to upgrade to the latest release of Boundary to take advantage of continuing improvements, critical fixes, and new features.
New features
Feature | Update | Description |
---|---|---|
Centralized tag management for workers | GA | Prior to this version, if you wanted to edit or update worker tags, you had to do it using the worker configuration file, the CLI, or the API. Now, you can edit worker tags directly in the Boundary UI. Learn more: Worker tags. |
Multi-scope roles and inheritance | GA | You can now assign a single role to multiple scopes, making it easier to grant permissions to users who must access resources across multiple scopes. You can also configure children scopes to inherit roles. Learn more: Permissions in Boundary. |
Improved worker failure handling | GA | When you attempt to connect to a target, Boundary randomly selects a worker that has the matching tags to proxy the connection. Before release 0.17.0, unhealthy workers that had issues related to the external storage provider were eligible to proxy connections. The connections would fail, and users had to restart the connection until Boundary selected a healthy worker. In this release, Boundary removes workers from the pool of available workers if they have issues with the external storage provider for improved worker failure handling. Learn more: Configure workers for session recording. |
S3-compliant storage options for session recording | GA | As of Boundary 0.16.0, the MinIO plugin made it possible to use MinIO storage as a storage option for session recording. Starting in this release, you can use the MinIO plugin to configure storage using other S3-compliant storage providers. Learn more: Configure S3-compliant storage for session recording. |
Known issues and breaking changes
Version | Issue | Description |
---|---|---|
0.13.0+ | Rotation of AWS access and secret keys during a session results in stale recordings | In Boundary version 0.13.0+, when you rotate a storage bucket's secrets, any new sessions use the new credentials. However, previously established sessions continue to use the old credentials. As a best practice, administrators should rotate credentials in a phased manner, ensuring that all previously established sessions are completed before revoking the stale credentials. Otherwise, you may end up with recordings that aren't stored in the remote storage bucket, and are unable to be played back. |
0.13.0+ | Unsupported recovery workflow during worker failure | If a worker fails during a recording, there is no way to recover the recording. This could happen due to a network connectivity issue or because a worker is scaled down, for example. Learn more: Unsupported recovery workflow |