What's New in Apache Knox
New features and functional updates for Apache Knox are introduced in Cloudera Runtime 7.3.2, its service packs, and cumulative hotfixes.
Cloudera Runtime 7.3.2.0:
Cloudera Runtime 7.3.2 introduces new features of Knox and includes all service packs and cumulative hotfixes from 7.3.1.100 through 7.3.1.706. For a comprehensive record of all updates in Cloudera Runtime 7.3.1.x, see New Features.
- SameSite attribute for pac4j session cookies is now configurable
- You can now configure the SameSite attribute for pac4j session cookies.
- Group impersonation support in Knox
- Knox now supports group impersonation, allowing users in specific groups to impersonate other users. For more information, see Configuring Group Impersonation in Knox.
- Knox IDBroker integration with HashiCorp Vault
- Knox IDBroker now integrates with HashiCorp Vault for AWS credentials management, allowing IDBroker to authenticate with AWS using short-lived credentials from Vault instead of storing long-lived credentials for this purpose. For more information, see Configuring Knox IDBroker with HashiCorp Vault.
- Role-level alias management for Knox Gateway and IDBroker
- The alias management configuration has been moved from service-level to role-level.
Each role now has its own dedicated configuration:
gateway_save_alias_command_inputfor the Knox Gateway role andidbroker_save_alias_command_inputfor the IDBroker role. Two role-specific commands are now available: Save Alias - Knox Gateway and Save Alias - IDBroker. For more information, see Saving aliases.
