0.2.0
·
42 commits
to master
since this release
0.2.0
russell-lewis
Russell Lewis
This tag was signed with the committer’s verified signature.
The key has expired.
russell-lewis
Russell Lewis
0.2.0 - June 7, 2017
- Several changes have been made to the BLESS request format and return values.
- Merged Lyft's kmsauth changes into BLESS, adding an optional kmsauth_token parameter.
- Changed BLESS requests from using remote_username to remote_usernames and bastion_ip to bastion_ips, both comma- separated lists.
remote_usernames can be used for SSH principals specified in an AuthorizedPrincipalsFile (see SSHD_CONFIG(5)). - Aligning BLESS returns so that Lambda configuration errors raise exceptions, and request errors return a dictionary with either errorType and errorMessage or a certificate.
- Updated the sample BLESS client to deal with the new lambda return values.
- Additional username validation methods are now supported via configuration.
- Config file options can now be set as Lambda environment variables.
- For kmsauth requests, it is now possible for users to request certificates for allowed remote user names.