Skip to content

Release 17.4.0#53436

Merged
camscale merged 1 commit intobranch/v17from
release/17.4.0
Mar 28, 2025
Merged

Release 17.4.0#53436
camscale merged 1 commit intobranch/v17from
release/17.4.0

Conversation

@camscale
Copy link
Copy Markdown
Contributor

@camscale camscale commented Mar 26, 2025
edited
Loading

17.4.0 (03/27/25)

Database access for Oracle RDS

Teleport database access now supports connecting to Oracle RDS with Kerberos
authentication.

AWS integration status dashboard

Teleport web UI now provides a detailed status dashboard for AWS integration as
well as the new "user tasks" view that highlights integration issues
requiring user attention along with suggested remediation steps.

Windows desktop improvements

Teleport now supports registering the same host twice - once as a domain-joined
machine, and one as a standalone machine. This allows Teleport users to
connect as Active Directory users and local users to the same host.

Other fixes and improvements

  • Enable support for joining Kubernetes sessions in the web UI. #53450
  • Fixed an issue tsh proxy db does not honour --db-roles when renewing certificates. #53445
  • Fixed an issue that could cause backend instability when running very large numbers of app/db/kube resources through a single agent. #53419
  • Added static_jwks field to the GitLab join method configuration to support cases where Teleport Auth Service cannot reach the GitLab instance. #53413
  • Introduced workload-identity-aws-ra service for generating AWS credentials using Roles Anywhere directly from tbot. #53408
  • Helm chart now supports specifying a second factor list, this simplifies setting up SSO MFA with the teleport-cluster chart. #53319
  • Improved resource consumption when retrieving resources via the Web UI or tsh ls. #53302
  • Added support for topologySpreadConstraints to the teleport-cluster Helm chart. #53287
  • Fixed rare high CPU usage bug in reverse tunnel agents. #53281
  • Fixed an issue PostgreSQL via WebUI fails when IP pinning is enabled. PostgreSQL via WebUI no longer requires Proxy to dial its own public address. #53250
  • Added overview information to "Enroll New Resource" guides in the web UI. #53218
  • Added support for SendEnv OpenSSH option in tsh. #53216
  • Added support for using DynamoDB Streams FIPS endpoints. #53201
  • Allow AD and non-AD logins to single Windows desktop. #53199
  • Workload ID: support for attesting Systemd services. #53108

Enterprise:

  • Fixed Slack plugin failing to enroll with "need auth" error in the web UI.

@camscale camscale added the no-changelog Indicates that a PR does not require a changelog entry label Mar 26, 2025
@camscale camscale mentioned this pull request Mar 26, 2025
Closed
@camscale camscale added this pull request to the merge queue Mar 28, 2025
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Mar 28, 2025
@camscale camscale added this pull request to the merge queue Mar 28, 2025
Merged via the queue into branch/v17 with commit 2a979e2 Mar 28, 2025
42 checks passed
@camscale camscale deleted the release/17.4.0 branch March 28, 2025 01:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@espadolini espadolini espadolini approved these changes

@tigrato tigrato tigrato approved these changes

@strideynet strideynet strideynet approved these changes

Assignees

No one assigned

Labels

backport helm no-changelog Indicates that a PR does not require a changelog entry size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@camscale @espadolini @tigrato @strideynet