Cloud Privilege Broker 22.1 Release Notes

February 8, 2022

New Features and Enhancements:

  • Review permissions recommendation: New actionable method for reviewing permissions assigned to a principal and when cloud logging activity has not been detected.
  • JSON recommendation viewer: You can now view and copy AWS IAM policy and Azure Custom Role Definition updates in the remove permissions recommendations details screen.

Issues Resolved:

  • Resolved issue in which Azure connector could not be created due to connector duplication.
  • Resolved issue in which Recommendations Details was missing vertical scrollbar.
  • Resolved issue in which Completed Recommendations risk level filter contained Unspecified.

Known Issues:

  • Updated names of Azure Group and ServicePrincipal are not being reflected after discovery.
  • When running the Azure onboarding script in your Azure console, you might see a warning that this application is using Azure AD Graph API. Workaround: None. Cloud Privilege Broker will address this in a future release.
  • The Risk Over Time chart does not display a risk score datapoint for a week without scans.
  • When Recommendations or Cloud Connector create panels are open, you can inadvertently close them by clicking outside of the panel. Workaround: Avoid clicking outside the panel until you have finished interacting with it.
  • Unrecognized actions appear in an AWS IAM Policy permissions list after uploading a new policy. Workaround: None. This will be addressed in a future release of Cloud Privilege Broker.
  • Unrecognized actions appear in the Azure custom role after uploading a new role definition. Workaround: Manually remove the invalid action from the policy file and then try again. This will be addressed in a future release of Cloud Privilege Broker.
  • BeyondInsight: While viewing AWS IAM policy and Azure custom role definition contents, the JSON may run off the page with inability to scroll when it is too long. Workaround: Select the copy button to copy/paste the full JSON contents to another console.
  • BeyondInsight: Remove Recommendations JSON viewer shows a red error message before the JSON loads. Workaround: None. The page eventually loads successfully.
  • BeyondInsight: Newly added cloud connector cannot be deactivated. Workaround: Remove and re-add the cloud connector.