Major Release Notes

These release notes describe Conjur Enterprise V5 and Conjur Open Source V1.

What's new in Conjur Enterprise V5

 

The icon identifies content available to Conjur Enterprise customers only.

Conjur Enterprise V5 is a major release. This release is built using Conjur Open Source V1.0, leveraging all new capabilities introduced in the Open Source product.

Conjur Enterprise V5 introduces the following enhancements and new capabilities:

  • Easy migration from Open Source to Enterprise

    Conjur Enterprise V5 is an extension of Conjur Open Source V1. Use Conjur Open Source knowing that the migration path to Conjur Enterprise is a progressive step in a DevOps environment.

  • AWS IAM Authenticator

    Enhance your Amazon development environments with Conjur. Leverage IAM roles of AWS Principals (EC2, Lambda, Auto Scaling, etc.) for strong authentication while using Conjur for policy-based authorization. See AWS IAM Authenticator for more information.

  • LDAP authenticator

    Use your existing LDAP directory for authentication. This feature was previously available only to Conjur Enterprise. See LDAP Authenticator for information.

  • Policy Enhancements

    The following enhancements simplify policy creation and management and also result in database performance improvements.

    • Streamlined policy loading

      Policy load modes (POST, PATCH, and PUT in the API) make policy maintenance more efficient, easier for the user, and more aligned to standard database principles of creating, updating, and deleting. In the CLI, the load modes are implemented as command options. See Load and Manage Policy for more information.

    • Policy management

      Enhancements in policy statements and CLI commands eliminate multiple ways to create Conjur resources and strengthen the Conjur "policy as code" philosophy.

      See Create Resources in Policy Files for more information.

    • Policy versioning

      Versions of policy (the policy resources loaded under a policy id) are maintained in the Conjur database and are retrievable.

      See View Policy History for more information.

  • Improved auditing features using Syslog

    The auditing logs now use the industry-standard RFC 5424 protocol (Syslog), facilitating integration with third party tools for reporting.

    See Audit for more information.

What's new in Conjur open source V1

Conjur Open Source Version 1.0 is a major release. This release makes many features available to the Open Source audience that were previously available only to Conjur Enterprise customers.

Conjur Open Source Version 1.0 offers the following enhancements:

  • Easy migration from Open Source to Enterprise.

    This release, along with the Conjur Enterprise V5 release, makes the migration path from Conjur Open Source to Conjur Enterprise an easy, progressive step in a DevOps environment.

  • AWS IAM Authenticator

    Enhance your Amazon development environments with Conjur. Leverage IAM roles of AWS Principals (EC2, Lambda, Auto Scaling, etc.) for strong authentication while using Conjur for policy-based authorization. See AWS IAM Authenticator for more information.

  • Kubernetes Authenticator and Kubernetes integration

    Enhance your Kubernetes or Red Hat Open Shift development environments with Conjur. The K8S authenticator introduces strong authentication for application containers running in the Kubernetes or OpenShift environments, allowing secure end to end secret management for these workloads.

    These features were previously available only to Conjur Enterprise.

    See Kubernetes Authenticator for authenticator information.

    See Kubernetes and OpenShift Integration for integration procedures.

  • LDAP authenticator

    Use your existing LDAP directory for authentication. This feature was previously available only to Conjur Enterprise. See LDAP Authenticator for information.

  • Secret rotations

    Protect your infrastructure access by scheduling automatic rotations for the following secrets: 

    Rotation was previously available only to Enterprise customers. See the links above for specific information about configuring the rotators. See Rotation for general information about implementing and managing Conjur rotation.

  • Auditing

    The same Syslog auditing features that were introduced into Conjur Enterprise are available in Conjur Open Source. Previously, auditing was available only to Enterprise customers.

    See Audit for more information.

More about Conjur Enterprise V5

Conjur Enterprise Version 4 versus Conjur Enterprise Version 5

This section is for existing Conjur Enterprise V4 users to compare their current implementation with the new Conjur Enterprise V5 product.

Changes to CLI Commands and Policy Statements

For a detailed list of differences in CLI and policy syntax between the two versions of Conjur, see Policy and CLI in V5 vs V4.

Features Not Yet Available in Enterprise Version 5

The following features have not yet been ported from V4 to V5. They are planned. Watch our Change Logs, where we list improvements in each minor release.

  • Additional rotators (Oracle, GCP Service Account keys, SSH keys, and Host Factory Tokens)
  • SSH and public key functions

See your CyberArk Conjur account representative for more information.

More about Conjur Open Source V1

Change Log Location

Conjur Open Source server development is available in the master branch of cyberark/conjur on GitHub. Use the Changelog to view descriptions of new releases as they become available.

Obtain Images

Conjur Open Source server images are available from the following locations: