Release Notes
Back to All

Entitle January 2024 release notes

about 1 year ago

Integrations

🎉🆕 RDP to a remote server

Manage permissions that enable the user to remotely log in to a server by the RDP protocol. The integration is implemented by Microsoft Active Directory group policies for domain-joined machines.

🎉🆕 Local Windows machine admin privileges escalation

IT teams can automate and audit use cases where a non-administrator user on a domain joined Windows machine needs privileges escalation to become a machine administrator. The privileges escalation is done by Microsoft Active Directory group policies for domain-joined machines. This capability is useful for cases where the end-user occasionally needs to elevate his non-admin privileges for his company-issued laptop to update certain software or similar. After the admin privileges are set, the user has to log out and in again to apply them.

GitHub support of organization roles

GitHub integration can now manage Organization permissions: members and owners. For details, see GitHub guide.

Postgres supports custom roles

For Postgres DBAs who would like to grant access to developers and other stakeholders according to custom secure roles they defined for my organization, we added the support of user-defined, custom, roles.

Entitle Agent

Entitle Agent Chart 1.0.7

To disable installing external Datadog agents such as DaemonSet, use datadog.enable=false` attribute upon installing Entitle agent. For more details, see here.

Until now, the Entitle agent installation always included a Datadog agent on the Kubernetes cluster to send logs and metrics about the deployed agent. Datadog agent is deployed using DaemonSet, which causes a Datadog pod to run on every node of the Kubernetes cluster. For customers who install the Entitle agent on large (non-dedicated) clusters, or customers who use Datadog themselves (i.e. have another Datadog agent installed), both agents caused conflicts or excessive resource consumption (because a Datadog pod was launched on every node). Now, our customer can choose to disable installing a cluster-wide Datadog agent, by using an internal sidecar container that runs alongside the Entitle agent, i.e. each Entitle agent pod will consist of 2 containers - entitle-agent and datadog-agent.

Developer experience

Entitle API support prerequisite permissions

The following APIs were updated with prerequisite permissions capabilities, matching Admin UI capabilities:

  • Create a new integration
  • Get integration by ID
  • Update integration by ID
  • Get a resource by ID
  • Update a resource
  • Get a role by ID
  • Update a role

For details, see Entitle REST API.

Access request by CLI - embedded retrieval of Entitle's Personal Access Token

For all the developers and DevOps engineers out there who work frequently with Entitle and request access permissions by CLI, we streamlined the experience of retrieving Entitle Personal Access Token (PAT) to the CLI - the CLI user now opens a web browser by CLI command, authenticates using his IdP credentials and then returns to the CLI to continue his work.

For more details, please contact Entitle.