v0.34.0

What's Changed

• Sort sso profiles by profile name by @shwethaumashanker in #733
• Fix using default duration on auto approved requests by @meyerjrr in #748
• Update file permissions to read/write by @meyerjrr in #751
• Implement custom templated launch for sso browser option by @meyerjrr in #750

Full Changelog: v0.33.0...v0.34.0

v0.33.0

This release adds support for XDG directories (thankyou @chris3ware!), and adds a new granted request close command for closing Just-In-Time Access Requests in Common Fate.

What's Changed

• if we run into the issue with activation, print the diagnostics by @meyerjrr in #734
• Open the common fate console by @JoshuaWilkes in #732
• Add support for custom browser launch templates by @chrnorm in #731
• Add messaging when the proxy command cannot connect to the target in SSM by @JoshuaWilkes in #735
• Add support for XDG directories by @chris3ware in #726
• Add 'granted request close' subcommand by @ckluy31 in #740
• Fix success message when access request is closed by @ckluy31 in #743
• Fix nil pointer error in registry sync when merging fails with an unknown error by @JoshuaWilkes in #744
• Granted login deprecation message should be clearer by @ckluy31 in #745

New Contributors

• @chris3ware made their first contribution in #726

Full Changelog: v0.32.0...v0.33.0

v0.32.0

This release adds support for using Granted with the tcsh shell.

What's Changed

• Prevent a panic due to configFile being nil by @chrnorm in #717
• Access Request should not immediately extend after request has just been activated by @ckluy31 in #722
• Support multiple Common Fate profile Registries by @JoshuaWilkes in #724
• initial attempt at tcsh support by @bovine in #729
• keep in logic for backwards compatability in common fate timings by @meyerjrr in #720
• Fix potential panic in RDS instance selection by @chrnorm in #730

New Contributors

• @bovine made their first contribution in #729

Full Changelog: v0.31.2...v0.32.0

v0.31.2

What's Changed

• Fixes the granted request check command masking errors by @JoshuaWilkes in #716
• granted sso populate create ~/.aws if it does not exist by @shwethaumashanker in #714

Full Changelog: v0.31.1...v0.31.2

v0.31.1

What's Changed

• Fix the check for a grant being active in the retrier by @JoshuaWilkes in #712
• Wait by default in rds plugin by @JoshuaWilkes in #711

Full Changelog: v0.31.0...v0.31.1

v0.31.0

AWS RDS Proxy Plugin

This release adds an AWS RDS proxy plugin:

granted rds proxy

This plugin allows Granted to broker a connection to an AWS RDS database over AWS SSM Session Manager. The connection is routed through a Common Fate AWS Proxy which captures audit logs of the SQL statements executed.

The plugin uses the Common Fate control plane APIs to determine which databases a user is authorized to access, so to use this plugin a Common Fate instance is required. Email us at [email protected] if you'd like to test this and we'll set up an instance for you.

You can read more about the plugin here in our documentation.

Currently, plugins are compiled into the main Granted binary. We intend to shift to a model similar to the gh GitHub CLI where plugins can be independently versioned to Granted.

Fixes

A big thankyou to first-time contributor @dnrce for fixing the output message when credentials are exported with assume --export.

What's Changed

• Output actual credentials file path when exporting by @dnrce in #708
• Add AWS RDS Proxy plugin by @JoshuaWilkes in #709

New Contributors

• @dnrce made their first contribution in #708

Full Changelog: v0.30.0...v0.31.0

v0.30.0

This release adds granted request check which can be used to check the status of a Just-In-Time Access Request, for AWS profiles protected by Common Fate.

granted request check --aws-profile Production/ViewOnlyAccess

This release also includes some caching fixes. It removes some of the interactivity around 'granted cache clear' - it is a breaking API change but given that the previous API required manual user input, we do not believe this should be an issue for any users.

What's Changed

• Granted caching fixes by @chrnorm in #705
• Fix file backend not found by @meyerjrr in #704
• fix issue causing credential process to break by @meyerjrr in #703
• fix cache check error messages for 'granted request check' command by @chrnorm in #706

Full Changelog: v0.29.3...v0.30.0

v0.29.3

What's Changed

• Bump github.com/gorilla/schema from 1.2.0 to 1.4.1 by @dependabot in #697
• updated granted cache clear --all by @shwethaumashanker in #699
• Sanity check error matching of invalid_grant by @ckluy31 in #701
• bump sdk to v1.45.1 by @JoshuaWilkes in #702
• The NoAccess hook should not return an error when a user does not use Common Fate by @JoshuaWilkes in #700

Full Changelog: v0.29.2...v0.29.3

v0.29.2

What's Changed

• Fix default duration when requesting access with Granted by @chrnorm in #694
• added flag to disable cache lookup and saving by @meyerjrr in #695

Full Changelog: v0.29.1...v0.29.2

v0.29.1

This release fixes an issue which could cause Granted to hang when running assume if a duplicate profile existed while syncing Profile Registries.

What's Changed

• pass in stdio to dupe profile prompt by @meyerjrr in #696

Full Changelog: v0.29.0...v0.29.1