Release Notes

Versioning Information

For all software, StrongDM currently increments versions as follows:

  • n.0-100.0 for each release (such as 32.97.0, 32.98.0, 32.99.0, 33.0.0)
  • a.b.1 for patch releases (such as 32.97.1)
  • Non-listed versions are internal (numbers missing from the sequence, such as 32.97.0, 32.98.0, 33.2.0, 33.3.0)
Release Notes Atom Feeds

To see all releases (including those that have no public notes) see the Atom feed for each software:

DateSoftwareVersionDescription
2024-03-15CLI41.34.0This release fixes an issue with AWS resources where where retrieving objects through S3 with certain special characters in the object key could fail with a signature error.
2024-03-15Desktop App21.63.0This release addresses the following third party CVEs: CVE-2024-24786,CVE-2024-27303
2024-03-15CLI41.33.0This release addresses the following third party CVEs: CVE-2024-24786,CVE-2024-27303
2024-03-15Server85.49.0This release addresses the following third party CVEs: CVE-2024-24786,CVE-2024-27303
2024-03-15CLI41.32.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Server85.48.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Java SDK7.1.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Terraform8.1.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Python SDK7.1.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Ruby SDK7.1.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15Go SDK7.1.0This release adds the Issued Certificate TTL Minutes field, as a required field, to the Certificate Authorities configurations for AWS Private CA, Google Certificate Authority Service and HashiCorp Vault SSH and PKI. This field allows for the specification of the lifetime of the requested certificate. This release also marks the Certificate Authority category Secret Stores as stable.
2024-03-15CLI41.31.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Server85.46.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Terraform8.0.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Java SDK7.0.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Python SDK7.0.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Go SDK7.0.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Ruby SDK7.0.0This release adds the ability to modify user permission levels via the SDKs.
2024-03-15Server85.43.0This release replaces Support chat links during organization trials with documentation links.
2024-03-14Server85.39.0This release changes the Admin UI Access Workflows page's table header checkbox to show an indeterminate state when some but not all rows have been selected.
2024-03-12Server85.35.0This release makes approval workflows unable to be saved unless an approver is selected.
2024-03-12Server85.33.0This release updates the Device Trust settings in the Admin UI with more flexible controls globally and per user.
2024-03-08CLI41.26.0This release sets the TTL for issued certificates using certain third-party CAs to a lower default TTL of 5 minutes.
2024-03-08Server85.24.0This release makes new Policy features available to Enterprise customers in the Admin UI. These features allow admins to require MFA or text justifications or to require approval workflows to be followed for some access. Policies can consider conditions such as the geographic location of the user and the device trust score of the user's machine when making access decisions.
2024-03-08CLI41.25.0This change hides the account field returned by sdm ready by default, replacing it with account_info, a new object containing more specific information about the logged in account. This also adds the -v or verbose flag to sdm ready which restores this deprecated field temporarily, and adds additional fields as well.
2024-03-07Server85.21.0This release fixes a bug where access workflows did not save when unlinking a manual approval flow.
2024-03-07Server85.19.0In this release, the default value of the Access filter in the Access Catalog has been changed from "Any" to "Available", so that the default results will now be restricted to resources that are currently available for the user to request.
2024-03-06Server85.18.0This release modifies the presentation of user and global settings for device trust in the Admin UI.
2024-03-05Server85.15.0This adds an Access component to the Catalog Search form in the Slack app. The default value for the Access filter is still "Available", but users now have the option to change it.
2024-03-04Server85.10.0This release adds Approval Workflows permissions and Approval Workflows audit permissions for API token creation and admin token creation.
2024-03-04Terraform7.7.0This release adds support for managing approval workflows. Using the SDKs/CLI, users can now Create, Update, List, Get, and Delete approval workflows. Users can also Create, List, Get, and Delete approval workflow steps and approval workflow approvers.
2024-03-04Ruby SDK6.9.0This release adds support for managing approval workflows. Using the SDKs/CLI, users can now Create, Update, List, Get, and Delete approval workflows. Users can also Create, List, Get, and Delete approval workflow steps and approval workflow approvers.
2024-03-04Python SDK6.9.0This release adds support for managing approval workflows. Using the SDKs/CLI, users can now Create, Update, List, Get, and Delete approval workflows. Users can also Create, List, Get, and Delete approval workflow steps and approval workflow approvers.
2024-03-04Java SDK6.9.0This release adds support for managing approval workflows. Using the SDKs/CLI, users can now Create, Update, List, Get, and Delete approval workflows. Users can also Create, List, Get, and Delete approval workflow steps and approval workflow approvers.
2024-03-04Go SDK6.9.0This release adds support for managing approval workflows. Using the SDKs/CLI, users can now Create, Update, List, Get, and Delete approval workflows. Users can also Create, List, Get, and Delete approval workflow steps and approval workflow approvers.
2024-03-04Server85.7.0This release adds the ability to create, update, and delete Approval Workflows.
2024-03-04Terraform7.6.0This change adds Approval Workflows and related verticals.
2024-03-04Java SDK6.8.0This change adds Approval Workflows and related verticals.
2024-03-04Python SDK6.8.0This change adds Approval Workflows and related verticals.
2024-03-04Go SDK6.8.0This change adds Approval Workflows and related verticals.
2024-03-04Ruby SDK6.8.0This change adds Approval Workflows and related verticals.
2024-03-04Server85.4.0This release adds a link to the settings page on the access workflows page of the Admin UI.
2024-03-02Server85.3.0This release fixes an issue where the resource catalog might appear empty when fetched in ServiceNow.
2024-03-01CLI41.20.0The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Server85.2.0The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Java SDK6.7.1The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Python SDK6.7.1The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Go SDK6.7.1The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Ruby SDK6.7.1The release fixes a bug where the SourceIP field of queries as returned in the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries incorrectly included a port number in addition to an IP. Queries created since this fix will contain only an IP address in the SourceIP field. In addition, this release adds a new ClientIP field to the sdm audit queries and associated CLI commands, the Queries API, and Log Stream query log entries. This is the public-facing IP address that the client that performed a query used to authenticate with the StrongDM servers. This may differ from the SourceIP which is the IP address the client used to connect to the gateway through which the query was performed. These IP addresses may differ when the gateways are on a different network, such as behind a VPN. Lastly, this release adds the --extended option to the sdm audit k8s|rdp|ssh CLI commands, which includes some additional extended fields in the query output.
2024-03-01Server85.0.0This release fixes an issue that caused the Request Access page and its tabs not to load properly in the Admin UI.
2024-03-01Server84.98.0This change adds a notification email sent to organization admins for non-transient Device Trust API failures.
2024-02-29Server84.93.0This release fixes an issue with dynamic access rules on access workflows, where they couldn't be updated under certain conditions.
2024-02-28Server84.88.0This release introduces a change to the file format and path location of replay data stored to Amazon S3 with Log Stream enabled, to improve the performance of storing that data. Replay data is no longer stored under individual objects (one object per chunk), but is instead aggregated so that multiple chunks from different replays may be stored in the same object, up to a limit of 1000 entries or 100 MB per object. Replay data from Log Stream is now stored similarly to activity and query data. Specifically: * The path under which replays are stored in S3 changes from <prefix>/replays/YYYY/MM/DD/HH/MM/<queryUUID>/<chunkID>.json to <prefix>/replays/YYYY/MM/DD/HH/MM/<randomUUID>.json. * The content of each JSON object changes from a single chunk per object ({"formatVersion":"v1.0.0", "chunkID":"1" ...}) to N chunks separated by new lines (that is, in JSON lines format, as with queries and activities).
2024-02-28Server84.87.0This changeset clarifies text for access workflows and approval workflows throughout the Admin UI.
2024-02-28Terraform7.5.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27CLI41.18.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27Java SDK6.7.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27Python SDK6.7.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27Go SDK6.7.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27Ruby SDK6.7.0This change introduces the new AWS Private CA X.509 Certificate secret store. This secret store is marked as unstable and, as such, is not available for general use yet.
2024-02-27Server84.75.0This change reports a mocked version of a legacy variable to CLI versions older than 37.0.0 (released February 14, 2023). This variable was removed on February 24, 2024. The absence of this variable could cause the CLI to fail to respect port overrides on new connections.
2024-02-26Java SDK6.6.0This release adds the approval flow ID field to access workflows.
2024-02-26Go SDK6.6.0This release adds the approval flow ID field to access workflows.
2024-02-26Python SDK6.6.0This release adds the approval flow ID field to access workflows.
2024-02-26Ruby SDK6.6.0This release adds the approval flow ID field to access workflows.
2024-02-26Desktop App21.58.0Installer behavior has changed to allow silent installations on macOS and Windows and for installations to include updates to Virtual Networking Mode. On macOS, all PKG installers always require admin privilege, always install StrongDM in /Applications (but are owned by the end user so that update-in-place can still work), and always install the Virtual Networking Mode helper application. If macOS users want to install the desktop app without Virtual Networking Mode, they should use the DMG distribution. For a silent installation, macOS users should run the installer command line tool with the PKG file as a command line argument. On Windows, the EXE installers now install Virtual Networking Mode whenever the installer runs as Administrator. If the EXE installer is run as a non-administrator, StrongDM gets installed, but Virtual Networking Mode is not installed or updated. If Windows users want to install the desktop app without Virtual Networking Mode, they should run the installer as a non-administrator. Note that the EXE installers on Windows can be executed from the Command Prompt, and the installation will be in silent mode if the /S flag is used with the command.
2024-02-23Server84.67.0This release adds the Update Admins scope to API keys. This is a sensitive scope that allows your key to update admin users.
2024-02-23CLI41.15.0This change removes some deprecated capabilities around disabling port overrides. In particular, some CLI commands under sdm admin ports have been removed.
2024-02-23Server84.63.0This release updates the StrongDM app for Slack with improved tag search functionality that matches the way tag searching works in the Admin UI.
2024-02-23CLI41.14.0This change adds the --download option to the sdm replay rdp CLI command, which allows users to download formatted query logs from StrongDM and immediately render an MP4 from them. Previously, the logs had to be manually retrieved from a relay's logs directory. This does not currently support user-encrypted RDP logs.
2024-02-22Server84.61.0This release fixes a bug that caused resources assigned to peering groups to sometimes incorrectly show as reachable from nodes not in the resource's peering group on the Resources tab of the Admin UI Network > Relays page, the Admin UI Network > Gateways page, and the output of the sdm admin relays list in the CLI. In addition, this release fixes a bug that caused resources shown on the Resources tab of those Admin UI pages not to be ordered by name.
2024-02-22Server84.55.0This release adds support for all filters documented by the CLI help text for sdm admin resources list --filters-help.
2024-02-22CLI41.10.0This release adds support for all filters documented by the CLI help text for sdm admin resources list --filters-help.
2024-02-21Server84.53.0This change fixes a bug in device trust calculations which would prevent assessment storage from CrowdStrike for a CrowdStrike account with over 500 agents.
2024-02-21Server84.51.0User names will no longer prevent creation of service accounts with the same name.
2024-02-20CLI41.8.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Terraform7.3.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Server84.42.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Java SDK6.5.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Go SDK6.5.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Python SDK6.5.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Ruby SDK6.5.0This release introduces the GCP Certificate Authority Service, which is not yet available for general use.
2024-02-20Server84.40.0This release fixes an issue where access requests which were automatically approved would not show the correct approved timestamp when viewing the request details page in the Admin UI.
2024-02-20Server84.38.0This release fixes an issue where activities would not live feed into the Admin UI page on initial load.
2024-02-16Server84.36.0This release fixes an issue where the access requests page of the Admin UI would not load in some instances.
2024-02-16CLI41.6.0This release fixes an issue with the CLI where the sdm doctor -v command did not return any output.
2024-02-12Server84.6.0This release fixes the access details text shown on the Admin UI Request Access page to not reference a reason if there is none.
2024-02-09Server84.2.0This release fixes a bug that caused the /sdm access to command in the StrongDM integration for Slack not to work for non-admin users.
2024-02-09Ruby SDK6.4.0This release adds the new resource type, RDP (Certificate Based) server, which supports Remote Identities.
2024-02-09Java SDK6.4.0This release adds the new resource type, RDP (Certificate Based) server, which supports Remote Identities.
2024-02-09Terraform7.2.0This release adds the new resource type, RDP (Certificate Based) server, which supports Remote Identities.
2024-02-09Python SDK6.4.0This release adds the new resource type, RDP (Certificate Based) server, which supports Remote Identities.
2024-02-09Go SDK6.4.0This release adds the new resource type, RDP (Certificate Based) server, which supports Remote Identities.
2024-02-08Server83.93.0This release adds the Request timeout duration setting to the Settings > Workflows page of the Admin UI.
2024-02-07Server83.83.0The StrongDM integration for Slack has been updated to a new version. This version offers: - Channel-based approvals - Multiple-resource requests - Easier request/resource filtering - UI/UX improvements
2024-02-07Server83.79.0Creating an access request with a reason now has max length validation that matches the server.
2024-02-05Server83.59.0This release adds the Certificate Authority field to the RDP (Certificate Based) and SSH (Certificate Based) resource forms, allowing users to select a desired Certificate Authority (default is Strong CA). Strong CA is the StrongDM RDP Certificate Authority or StrongDM SSH Certificate Authority, depending on the selected server type. Strong CA is selected by default and is always the default, even if the Allow Credentials to be Stored with StrongDM option is set in the Admin UI > Settings > Security. Strong CA may be managed in the Admin UI > Network > Certificate Authorities.
2024-02-03Server83.52.0This release fixes a bug when running the sdm audit queries and related CLI commands, where including a filter using the query field to filter by query content would return an error that the filter was invalid.
2024-02-02Server83.49.0This release changes the application of the security setting "Allow Credentials to be Stored with StrongDM." Certificate-based resources, such as SSH (Certificate Based) and RDP (Certificate Based), may be created without assigning a secret store, even if the "Allow Credentials to be Stored with StrongDM" security setting is set to "No."
2024-02-01Server83.43.0This release adjusts the text in the enterprise banner at the top of workflow related pages to no longer reference Reports Library but rather Access Workflows.
2024-02-01CLI40.89.0This PR adds secret stores that will request signed x509 certificates from the PKI configured in the secret store. The initially supported PKI is HashiCorp Vault PKI. This new secret store is marked unstable and, as such, is not available for use yet.
2024-02-01Server83.40.0This PR adds secret stores that will request signed x509 certificates from the PKI configured in the secret store. The initially supported PKI is HashiCorp Vault PKI. This new secret store is marked unstable and, as such, is not available for use yet.
2024-01-31Server83.34.0This release removes the option to select suspended users as approvers for access workflows.
2024-01-31Java SDK6.3.2This release upgrades the GRPC dependency of the Java SDK to version 1.59.1. This version of the GRPC library fixes an incompatibility with newer versions of the Netty library, which may prevent the SDK from working with frameworks such as recent versions of Spring Boot.
2024-01-31Server83.32.0This release adjusts the logout condition for SentinelOne Device Trust. Previously devices would be logged out if SentinelOne reported them as not live, but testing revealed this value was not being consistently reported; live agents would sometimes be marked offline, causing random logouts. The replacement for this condition requires that a device is offline for 15 minutes before that results in an automatic logout.
2024-01-30Server83.24.0This release allows new certificates to be created for both SSH and RDP without immediately making them active. You can create a certificate, add it to your infrastructure, and then make it active in StrongDM. This enables the certificate rotation process to happen without downtime due to the delay from adding a new certificate. Additionally, previous certificates may be reactivated as a rollback option until they are removed. Certificate Authorities can be managed in the new Network > Certificate Authorities section of the Admin UI.
2024-01-29Desktop App21.54.0This release restores the missing Connect All menu item to the desktop app menu.
2024-01-29Server83.9.0This release fixes an issue where some organizations could not see reports in the Reports Library.
2024-01-26Server83.4.0This release marks the standing access report as no longer in beta.
2024-01-26Server83.3.0This release fixes a bug in filter functionality for the Access Workflows dashboard.
2024-01-25Java SDK6.3.0This release adds an SDK vertical to request checks for and retrieve the healthiness of the connections between nodes and secret stores.
2024-01-25Go SDK6.3.0This release adds an SDK vertical to request checks for and retrieve the healthiness of the connections between nodes and secret stores.
2024-01-25Python SDK6.3.0This release adds an SDK vertical to request checks for and retrieve the healthiness of the connections between nodes and secret stores.
2024-01-25Ruby SDK6.3.0This release adds an SDK vertical to request checks for and retrieve the healthiness of the connections between nodes and secret stores.
2024-01-25Server82.90.0Add pkg and msi installers to the downloads page
2024-01-25Server82.89.0This release fixes a bug where in rare cases a valid authentication with an admin token or API key would return an unauthenticated error.
2024-01-25Server82.88.0Slack tokens are no longer revoked after a failed refresh attempt.
2024-01-25Server82.87.0Update the default filter on the Standing Access Dashboard.
2024-01-25Server82.86.0This release augments resource update validation in the case when the secret store of the resource is modified. See also Server 82.80.0.
2024-01-24CLI40.78.0This release allows the Secret Store field on resources to be updated after creation. When transitioning from using a non-Strong Vault secret store to any other, or vice versa, all sensitive credential field values (those hidden in the AdminUI) are reset to ensure they are not exposed in plaintext. The Terraform Provider still recreates resources when their secret store is updated to ensure it doesn't lose track of its state because of the reset sensitive fields.
2024-01-24Server82.80.0This release allows the Secret Store field on resources to be updated after creation. When transitioning from using a non-Strong Vault secret store to any other, or vice versa, all sensitive credential field values (those hidden in the AdminUI) are reset to ensure they are not exposed in plaintext. The Terraform Provider still recreates resources when their secret store is updated to ensure it doesn't lose track of its state because of the reset sensitive fields.
2024-01-23Server82.75.0This release fixes a broken banner link for StrongDM email alerts.
2024-01-23Server82.74.0This release fixes a condition where authentications could take up to several seconds before they were available to use after logging in.
2024-01-23Server82.73.0This change fixes the filter parameters for the Approvers list in the Access Workflows dashboard.
2024-01-23Server82.70.0This release overhauls the presentation of Reports Library dashboards.
2024-01-22Server82.68.0This change fixes a bug with a deprecated authentication mode used by clients beneath 33.17.0, where those authentications were frequently revoked without reason.
2024-01-19Java SDK6.2.1This change removes some unimplemented snapshot APIs.
2024-01-19Python SDK6.2.1This change removes some unimplemented snapshot APIs.
2024-01-19Ruby SDK6.2.1This change removes some unimplemented snapshot APIs.
2024-01-19Go SDK6.2.1This change removes some unimplemented snapshot APIs.
2024-01-18CLI40.73.0This release fixes an issue that prevented successful authentication for SSH certificate-based resources that had Secret Store IDs set.
2024-01-18CLI40.59.1This release fixes an issue that prevented successful authentication for SSH certificate-based resources that had Secret Store IDs set.
2024-01-18Server82.54.0Added a checkbox in the Admin UI to allow requesters to approve their own requests when they meet the approval criteria for the associated workflow.
2024-01-16Java SDK6.2.0This release updates the SDKs to enable retrieving configured RDP CAs.
2024-01-16CLI40.67.0This release adds the 'sdm admin rdp view-ca' CLI command to retrieve the CA used for certificate-based RDP connections.
2024-01-16Python SDK6.2.0This release updates the SDKs to enable retrieving configured RDP CAs.
2024-01-16Go SDK6.2.0This release updates the SDKs to enable retrieving configured RDP CAs.
2024-01-16Ruby SDK6.2.0This release updates the SDKs to enable retrieving configured RDP CAs.
2024-01-16Terraform7.1.0This release updates the SDKs to enable retrieving configured RDP CAs.
2024-01-12Server82.35.0This release modifies the behavior of the integration with Slack, including help text and welcome message frequency changes.
2024-01-12Server82.30.0This release restores the presence of some missing release notes from the /release-notes endpoint.
2024-01-11CLI40.63.0This release renames the columns of CSV query output to be more consistent between query categories. It also adds three new fields for features in development.
2024-01-11CLI40.61.0This release adds a new, non-stable server type: SSH (Cert Based with User Provisioning). This new server type is in closed beta and not available at this time.
2024-01-09CLI40.57.0This release deprecates the sdm admin ssh rotate-ca command. The correct way to rotate SSH CA is through the credential management area in the Admin UI.
2024-01-09Server82.11.0Admins can now set a fixed duration for access requests on the Workflows settings page of the Admin UI.
2024-01-08CLI40.55.0This release updates the permissions checked when calling sdm ssh resource-name, fixing a recent regression which prevented user-level accounts from executing this action.
2024-01-08CLI40.54.0This release fixes an issue that prevented connections to certain resources with an "unable to load credential type for db type" error. This error is resolved.
2024-01-08Python SDK6.1.0This release adds a Healthcheck verb to the SDKs and the sdm admin <resource-category> CLI trees. From the CLI, one may request a healthcheck via a resource's ID or its name. Note admin tokens are not able to request checks by name if they lack the permission to list resources, as they will not be able to look up the resource.
2024-01-08CLI40.51.0This release adds a Healthcheck verb to the SDKs and the sdm admin <resource-category> CLI trees. From the CLI, one may request a healthcheck via a resource's ID or its name. Note admin tokens are not able to request checks by name if they lack the permission to list resources, as they will not be able to look up the resource.
2024-01-08Java SDK6.1.0This release adds a Healthcheck verb to the SDKs and the sdm admin <resource-category> CLI trees. From the CLI, one may request a healthcheck via a resource's ID or its name. Note admin tokens are not able to request checks by name if they lack the permission to list resources, as they will not be able to look up the resource.
2024-01-08Go SDK6.1.0This release adds a Healthcheck verb to the SDKs and the sdm admin <resource-category> CLI trees. From the CLI, one may request a healthcheck via a resource's ID or its name. Note admin tokens are not able to request checks by name if they lack the permission to list resources, as they will not be able to look up the resource.
2024-01-08Ruby SDK6.1.0This release adds a Healthcheck verb to the SDKs and the sdm admin <resource-category> CLI trees. From the CLI, one may request a healthcheck via a resource's ID or its name. Note admin tokens are not able to request checks by name if they lack the permission to list resources, as they will not be able to look up the resource.
2024-01-05Server82.2.0This changeset adds support for IDP initiated logins for SAML, if enabled within one's StrongDM SSO configuration.
2024-01-04Admin UI86.20.0This release makes some minor bug fixes for filters within dashboards.
2024-01-04Ruby SDK6.0.1This release unlocks the gemspec for the strongdm ruby SDK expanding openssl from ~> 3.1.0 to ~> 3.1.
2024-01-03Admin UI86.19.0This release adjusts and improves the user experience for filters within dashboards.
2024-01-02Server81.81.0This release adds a feature to alert organization admins for when the StrongDM RDP CA is close to expiring. It will send alert emails for the following stages: 30 days before expiration, 2 weeks before expiration, 1 week before expiration, 2 days before expiration, 1 day before expiration, and 2 days after expiration.
2023-12-22CLI40.46.0This release fixes a regression in the CLI that prevented listing resources with the sdm admin datasources|servers|... list commands with an admin token that had resources list permission but not resource locks list permission. The commands now function when run without resource lock list permission by omitting resource lock status information.
2023-12-21Go SDK6.0.1This release includes documentation updates.
2023-12-20Admin UI86.14.0In this release, the Workflows settings page of the Admin UI now allows admins to forbid users from setting a custom duration on requests. Instead, admins can define a fixed duration.
2023-12-19Server81.61.0This change modifies query storage logic to be more tolerant of queries that may be awaiting processing from recently deleted gateways or relays.
2023-12-13Admin UI86.10.0This release adds a validation error in the Admin UI if a duplicate ServiceNow URL is configured.
2023-12-13Admin UI86.9.0This release internally simplifies the flow for requesting RDP replays in the Admin UI, removing possible failure modes.
2023-12-12Server81.44.0Quotas have been enforced on all customers in order to prevent usage by one customer from impacting StrongDM's availability for other customers. If you see an error due to a quota being exceeded, please submit a request to StrongDM Support to have your quota increased.
2023-12-12Admin UI86.7.0This release fixes a bug where the revoke option was presented for access requests that can't be revoked.
2023-12-12Server81.40.0This release modifies the format of the content in access request emails to refer to request duration.
2023-12-12Admin UI86.6.0This release fixes typos in the integrations page.
2023-12-11Admin UI86.3.0This release allows non-enterprise users to see reports in a limited manner.
2023-12-11Admin UI86.1.0This release fixes a bug which prevented the creation of some RDP resource types with specific settings selected.
2023-12-08Server81.30.0This release expands the time range of valid RDP queries to request replays for in the Admin UI. This range looked back 4500 replays historically, but recent changes brought this limit down to 200. This release expands it to search all historical queries up to an organization's complete query retention range.
2023-12-08Java SDK6.0.0This release renames approver_id to account_id and adds role_id to the workflow approver vertical.
2023-12-08Python SDK6.0.0This release renames approver_id to account_id and adds role_id to the workflow approver vertical.
2023-12-08Ruby SDK6.0.0This release renames approver_id to account_id and adds role_id to the workflow approver vertical.
2023-12-08Go SDK6.0.0This release renames approver_id to account_id and adds role_id to the workflow approver vertical.
2023-12-07CLI40.28.0This release adds roles to the CLI interface for workflow approvers, renaming the 'approver-id' flag to 'account-id' in the process.
2023-12-07CLI40.27.0There was in issue with the SDM client Docker image starting at version 40.8.0 that prevented it from running properly. This issue has now been fixed.
2023-12-06Admin UI85.98.0This release adjusts the presentation of the auditor report dashboard.
2023-12-06Admin UI85.97.0When making an access request users can now specify a start date and time.
2023-12-05Admin UI85.96.0This change migrates some secret stores to be Enterprise bundle features.
2023-12-05Admin UI85.95.0This change reveals the Admin UI version number at the bottom of the navigation sidebar.
2023-12-04CLI40.24.0The RDP cert-based driver now supports DRDYNVC, which should allow the driver to support more environments.
2023-12-01Admin UI85.91.0This change adds cards on the Admin UI's Integrations page for existing integrations, such as secret stores and logging options.
2023-11-30Server80.82.0StrongDM now enforces a limit of 1,000 resources per organization for new customers. Customers who require more than this should submit a request to StrongDM Support to get their quota increased. Existing customers have been assigned enough quota to at least double their current resource count.
2023-11-28Server80.65.0This release modifies an error message displayed on one OIDC login error, to more clearly point to the cause of the problem; when a POST to an OIDC server to verify that they did send us a login request occurs, if the response is lacking a token, it usually implies that the configured client secret is invalid, or expired.
2023-11-28Server80.64.0Fixed an issue where the CLI command sdm access to executed with only a duration would immediately time out.
2023-11-28Server80.61.0This change restores the ability to provide a start from time for access requests.
2023-11-27CLI40.20.0This change modifies the proxy used by sdm aws commands to include http:// in the HTTPS_PROXY variable, which otherwise can cause some programs like terraform modules in TF 1.6.3 to reject the variable for the lack of a schema.
2023-11-22Admin UI85.90.0This change enables the use of Roles to define workflow approvers.
2023-11-21CLI40.19.0This release resolves an issue where some relays hosted in AWS, using AWS secret stores, but without permission to use IMDSv2, could panic due to an updated AWS Go SDK version introduced in CLI version 40.2.0.
2023-11-20Admin UI85.87.0This release allows users of the Auditor permission level to interact with access requests as Users, if they belong to the appropriate roles.
2023-11-17Admin UI85.85.0This release adjusts the presentation of queries in the Admin UI to address bugs where replays would not show as replayable.
2023-11-17Server80.50.0This release adjusts the presentation of queries in the Admin UI to address bugs where replays would not show as replayable.
2023-11-17Server80.47.0This release fixes a an issue where, since server version 80.41.0, it would take a manual refresh of the Admin UI for live, complete replays to present as replayable.
2023-11-16Server80.44.0This release increases the limit of workflows that an organization can have from 25 to 50.
2023-11-16Admin UI85.80.0This release enables viewing older historical queries in the Admin UI. Previously this view was limited to between 30 and 4500 results, depending on resource category. Now, using date filters, the same query range that can be viewed by users of any given organization can be viewed by those users in the Admin UI as well.
2023-11-15Admin UI85.77.0This change prevents auditors from being able to see access request approval and reject buttons even if they are selected as an approver.
2023-11-09Terraform6.0.6This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Admin UI85.72.0This release augments the access request workflow modal to respect organization-wide workflow settings for maximum durations.
2023-11-09Java SDK5.0.5This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Admin UI85.71.0This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Python SDK5.0.5This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Ruby SDK5.0.5This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Go SDK5.0.5This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-09Server80.16.0This release makes the resource types Aurora PostgreSQL (IAM) and RDS PostgreSQL (IAM) generally available.
2023-11-08Server80.12.0This release fixes a bug causing '/sdm access catalog' to not display if it contained resources with more than 6 tags.
2023-11-08Admin UI85.70.0Notification settings have been added to the Settings > Workflows page which allows you to enable/disable the sending of email notifications. This does not affect Slack notifications (if using the Slack integration).
2023-11-08Admin UI85.69.0This release adjusts the display of duration text in Access Requests.
2023-11-08Admin UI85.68.0This release adjusts the display of revoked access request details.
2023-11-08Admin UI85.67.0This release fixes a bug where the Access Requests page sometimes displayed blank timestamps.
2023-11-08CLI40.8.0This release upgrades the 'rdpreplay' Docker image to be based on Ubuntu 22.04.
2023-11-07Admin UI85.65.0This release adds a workflow settings page to the Admin UI. This page currently only has one setting, allowing admins to specify the maximum duration access may be requested for.
2023-11-06Admin UI85.64.0This release changes the Access Request form to base requests on total duration instead of a 'valid until' time.
2023-11-06CLI40.4.0This release fixes a rare edge case in idle timeout calculation, where if a user sent over one query per second for the entire duration of their idle timeout, the idle timeout would never be reset and it would log them out as if they had sent no queries.
2023-11-02CLI40.1.0This release fixes a bug in sdm audit users, restoring visibility into service accounts via this command.
2023-11-02Admin UI85.61.0This release adds the ability to view and change a user's External ID in the Admin UI.
2023-11-02Terraform6.0.5This release specifies the weight fields of the Workflows domain as computed in the SDM Terraform Provider. When a computed field is not provided in the configuration, Terraform will not try to update the computed value to null in subsequent execution plans.
2023-11-01Admin UI85.60.0This release fixes an issue where the Member CID field was not optional as described when setting up the CrowdStrike provider in Device Posture settings.
2023-11-01Terraform6.0.4This release fixes a bug in the API in which the creation and deletion of WorkflowRoles were not concurrency safe. The bug affected the SDM Terraform provider and any other API consumer that tried to do concurrent creation and deletion of WorkflowRoles.
2023-11-01Server79.87.0This release fixes a bug in the API in which the creation and deletion of WorkflowRoles were not concurrency safe. The bug affected the SDM Terraform provider and any other API consumer that tried to do concurrent creation and deletion of WorkflowRoles.