Pomerium 0.7

April 16, 2020

The 0.7 release of Pomerium lays the groundwork to support rich, dynamic access policies capable of making authorization decisions based on external data-sources from outside your identity provider.

This release includes the following features:

  • Open Policy Agent: Pomerium now leverages Cloud Native Computing Foundation’s Open Policy Agent (OPA) as the default policy engine. OPA support in this version unlocks future capabilities for writing authorization policy in the rego policy language. This will promote safe, performant, fine-grained controls to incorporate data from external records of account. Access policies will continue to work as before, but will now be backed by an even faster evaluation engine.

  • Service Account Generator: Pomerium now includes a command line interface for generating arbitrary route-based service account sessions. Generated service accounts can be used to impersonate users, perform service-to-service communication, and facilitate end-to-end testing for applications managed by Pomerium.

  • JWT-based sessions: Pomerium now uses standard JSON Web Tokens (RFC 7519) across all routes and associated user sessions. Cryptographically signed JWT sessions are also made available to downstream applications so that internal app developers can spend less time reinventing SSO, and more time on their apps.

This release includes 62 commits from 11 authors across 7 organizations and includes additional new features, secure workflow enhancements, general improvements, and bug fixes! A complete list of the changes in this release can be found in Pomerium’s 0.7 changelog.

As always, we recommend upgrading and testing this release in an isolated environment. If you experience any issues, please report them on the Pomerium GitHub issue tracker.

Share:

Stay Connected

Stay up to date with Pomerium news and announcements.

More Blog Posts

See All Blog Posts
Blog
Identity Aware Proxy (IAP): Meaning, Pricing, Solutions
Blog
The Great VPN Myth: What PCI DSS 4.0 Actually Requires for Remote Access
Blog
Zscaler vs. Tailscale vs. Pomerium: Detailed Comparison

Revolutionize
Your Security

Embrace Seamless Resource Access, Robust Zero Trust Integration, and Streamlined Compliance with Our App.

Pomerium logo
© 2024 Pomerium. All rights reserved