releases.shpreview
HashiCorp/Boundary/v0.10.4

v0.10.4

September 13, 2022BoundaryView original ↗
$npx -y @buildinternet/releases show rel_NyUbNjSgldu-dl8Ufezsm

0.10.4 (2022/09/13)

New and Improved

  • Controller-led worker authorization: This is a second authorization option for the workers using PKI-based authentication that was introduced in Boundary 0.10.0. In 0.10.0, the only mode available was "worker-led", in which a worker generates an authorization request which can be submitted to a controller to authorize the worker. With this new controller-led flow, a worker can be created via the controller API first and return a one-time-use authorization token. This token can then be made available to the worker at startup time via its configuration file, env var, or a file with the value. If the worker is not authorized and this token is provided, it will use the token to authorize itself to the controller and set up PKI-based authentication. (PR)
  • Initial upstreams reloading on SIGHUP: Workers will now re-read the initial_upstreams value from the configuration file when given a SIGHUP. This allows a worker to reconnect to controllers if the full set of controllers has been changed over at the same time, without having to restart the worker. (PR)

Bug Fixes

  • vault: Correctly handle Vault credential stores and libraries that are linked to an expired Vault token. (Issue, PR).
  • aws host catalog: Fix an issue where the request to list hosts could timeout on a large number of hosts (Issue, PR)
  • aws host catalog: Fix an issue where filters could become unreadable in the UI if only one filter was created and was set by the CLI or directly via the API (PR1, PR2)
  • aws host catalog: Use provided region for IAM calls in addition to EC2 (Issue, PR)
  • azure host catalog: Fix hosts not being found depending on the exact filter used because different filters return values with different casing (PR)
  • sessions: Fix an issue where sessions could not have more than one connection (Issue, PR)
  • workers: Fix repeating error in logs when connected to HCP Boundary about an unimplemented HcpbWorkers call (PR)
  • workers: Fix a panic that could occur when workers:create:worker-led (e.g. via boundary workers create worker-led) was given an invalid token (PR)
  • workers: Add the ability to set API-based worker tags via the CLI (PR)

Fetched April 8, 2026