DevOps Secrets Safe 20.1 Release Notes

December 10, 2019

Requirements:

  • DevOps Secrets Safe deployment is currently only supported using Helm 2.
  • DevOps Secrets Safe is currently supported on Kubernetes version 1.13, 1.14, 1.15.
  • DevOps Secrets Safe CLI (ssrun) is supported on any standard Unix / Linux environment that has Python 3.5 or higher and pip3 installed.
  • The MD5 signature is: 177043a577e1a3ddecf684652b2c20a3
  • The SHA-1 signature is: 85cb363c364baf3ae4e25e1ed1176c5734c0488a

New Features and Enhancements:

  • Command-Line Interface: The ssrun command-line interface is a cross platform user friendly tool for managing Secrets Safe deployments.
  • Kubernetes Deployment: Secrets Safe is a cloud native application designed to be cloud platform agnostic and deployable on Kubernetes.
  • Initialize, Seal, and Unseal: Secrets Safe supports a RSA private key initialization and sealing workflow.
  • Health Monitoring and Recovery: Maximize uptime with internal health monitoring and integration with Kubernetes Liveness and Readiness Probes.
  • Key Value Store Secrets and Scopes: Store arbitrary secrets organized individually or grouped in scopes.
  • Metadata Storage on Secrets and Scopes: User created key value metadata on any secret or scope allow.
  • User and Group Access Control: Granular access control allows grant or deny for API endpoints and entities.
  • IP Based Safelist Access Restrictions: Safelists allow users to explicitly grant or deny access to specific IP addresses for API endpoints.
  • Internal Authentication: Internal user and group management for simplified initial deployment and configuration.
  • API Key Application Authentication: Key base authentication for machine to machine application access.
  • Oracle Identity Cloud Services Authentication: Authentication and group synchronization for users and groups stored in IDCS.
  • Lightweight Directory Access Protocol Authentication: Authentication and group synchronization for users and groups stored in LDAP.
  • Syslog Event Sink for Auditing and Logging: Send audit and log events to one or more syslog servers.
  • Elasticsearch Event Sink for Auditing and Logging: Send audit and log events to one or more Elasticsearch servers.
  • Console Event Sink for Auditing and Logging: Send audit and log events to one or more Elasticsearch servers.
  • Oracle Database Support: Supports Oracle database as a persistent data store.
  • Postgresql Database Support: Supports Postgresql database as a persistent data store.
  • Subscription Based Licensing: Simple subscription-based licensing.
  • Integration for Ansible: Native support for Ansible via an Ansible lookup plugin.