This release of JIT Groups introduces the following new feature:
- GKE-enabled groups: You can now mark a JIT Groups as GKE-enabled. This causes JIT Groups to automatically add the group to
gke-security-groupsand configure it so that it can be used for Kubernetes RBAC.
In addition, the release includes several stability improvements, component updates, and a fix for the following:
- In previous versions, joining a newly created group occasionally failed with logs indicating that a call to the Groups Settings API was rejected with a
Failed request validation in update settingserror. The reason for this error is that it can take several seconds before a newly created group becomes visible in the Groups Settings API. JIT Groups now implements backoff/retry to compensate for this behavior.
To deploy or upgrade JIT Groups in your environment, see Deploy JIT Groups and use the branch jitgroups/latest. To upgrade from an older version of JIT Access, see Upgrade from JIT Access.