https://github.com/osquery/osquery logo
Title
z

Zay Hanlon

05/02/2023, 2:00 PM
Hello! Here's what's new in Fleet version 4.31.0 🚀💻:fleet:GitOps (API only) granular role added (Premium and Ultimate license required): Ideal for automated workflows as part of CI/CD actions that need some configuration/write access, without defaulting access to the highest access role of admin. • mTLS support in fleetd: Support for TLS client certificates in fleetd (Orbit) to ensure secure communication to Fleet. This additional layer of security helps prevent unauthorized access and enhances data privacy. • :ladybug:*Bugs squashed:* ◦ Team maintainer or admin unable to 'save' a new policy if they were an observer of another team ◦ Dashboard links to hosts filtered by platform did not carry over the 'team' filter ◦ Improved performance of the teams dropdown for organizations with a large/growing number of teams ◦ Maintain previous table state or filtered state when returning 'back' on the software tab in host details page and software details page. ◦ Improved experience of tabbed navigation through the setup flow ◦ Tooltip information related to software bundles was cut off ◦ Several situations where a 500 error was returned rather than the appropriate 401 or 403 ◦ Many more - check our release notes below for details! MDM updates: • Added the
fleetctl get mdm-commands
command to get a list of MDM commands that were executed. Added the
GET /api/latest/fleet/mdm/apple/commands
API endpoint. • Added Fleet UI flows for uploading, downloading, deleting, and viewing information about a Fleet MDM bootstrap package. • Added
apple_bm_enabled_and_configured
to app config responses. • Added support for the
mdm.macos_setup.macos_setup_assistant
key in the 'config' and 'team' YAML payloads supported by
fleetctl apply
. • Added the endpoints to set, get and delete the macOS setup assistant associated with a team or no team (
GET
,
POST
and
DELETE
methods on the
/api/latest/fleet/mdm/apple/enrollment_profile
path). • Added functionality to gate Apple MDM login behind SAML authentication. • Added new "verifying" status for MDM profiles. • Updated macOS settings status filters and aggregate counts to more accurately reflect the status of FileVault settings. Please read the release notes for more information as well as full details on all of the available MDM capabilities, and let us know if you have any questions! 🤙🏽