API Audit Logs, CLI and Browser Session Management, Short-lived Cloud Credentials, and Secure Cloud Access for Workloads
We’re releasing some security improvements around how users access Porter and how Porter accesses your cloud accounts. We have also overhauled our API audit logs.
API Audit Logs 2.0
A queryable record of all project-wide activity against the Porter API (including from the dashboard). Results can be filtered based on user, time, action, and resource. This is now the default view under the “Security” tab.
CLI and Browser Session Management
The Porter CLI now authenticates with short-lived sessions. You can also monitor and revoke all active browser/CLI sessions from one place. Admins can manage these sessions team-wide.
Action required: users on older versions of the CLI should upgrade to the latest version (brew upgrade porter, or /bin/bash -c "$(curl -fsSL <https://install.porter.run>)").
Short-lived Cloud Credentials
Porter now accesses your cloud through session-based, auto-expiring tokens instead of long-lived access keys. This is already live for AWS and GCP. Support for Azure will be released shortly and all customers using Azure will be notified.
Secure Cloud Access for Workloads
Your applications can now receive scoped cloud permissions natively, with no persistent access keys to provision or rotate. More information is available in our docs.
