Keeper Gateway v1.3.0
Released on September 1, 2023
New Features
Gateway Configuration with an AWS EC2 Instance
An IAM Role Policy can be created and assigned to an EC2 Instance in order to provide the Keeper Gateway service with the required permissions to retrieve the necessary configuration from the AWS Key Management Service (KMS). This method eliminates the need for storing a configuration file on the disk, and instead, stores the configuration file in your AWS KMS.
Improvements & Bug Fixes
Updates to handle Non-UTF8 Encoding
Added functionality to ignore bad characters during decoding, addressing potential encoding mismatches, especially with Windows.
Removed the AD Organizational Unit (OU) Check
Removed the OU check feature as it was not performing as expected.
Handle Nologin User Shell
Implemented measures to detect and handle instances with a
/sbin/nologin
shell orfalse
, searching for a supported shell instead.Enforced the overriding of the
SHELL
variable in the spawned shell to prevent inconsistencies.
Clean Up Rotation Action Processes, Use Environment Variable Options
Moved log configuration to process initializer for better control.
Excluded process information in job debug messages temporarily.
Added the ability to obtain command-line parameters from environment variables, providing more flexible configuration options.
Created constants to guide the retrieval of parameters from environment variables.
Prioritized command-line parameters over environment variables to ensure consistency in configurations.
Add
MAC_CONFIG_PATH
Variable and Permissions SettingsIntroduced a MAC_CONFIG_PATH variable pointing to the configuration file for enhanced readability.
Added explicit permission settings for directories and configuration files to bolster security.
Improved Reconnection Strategy
Modified the system to continue reconnection attempts if the WebSocket response code is 500 or greater. Reused reconnection code for HTTP status codes less than 500.
Websocket Client Updates
Modified the 'create_dispatcher' method to choose the correct dispatcher based on SSL configuration, addressing issues when connecting to routers without SSL.
Logging Improvements
Improve Error Messages
Continued refinement of error messages to enhance the user experience and enable more effective troubleshoot
Logging Configuration: Restricted the allowance of multiple configurations for logging to prevent conflicts and potential errors.
Last updated