This topic describes the release notes for Bastionhost and provides links to the relevant references.
2022
| Version | Feature | Type | Description | Involved edition | Release date | References |
|---|---|---|---|---|---|---|
| V3.2.31 | Oracle database O&M | New | O&M operations can be performed on Oracle databases. | Enterprise | 2022-12-22 | O&M overview |
| Management of third-party asset sources | Optimized | Third-party asset sources, such as Amazon Web Services (AWS) and Tencent Cloud, can be imported and managed. | Basic and Enterprise | Manage third-party asset sources | ||
| Optimization of the O&M portal | Optimized | The O&M portal can be used by local users, Active Directory (AD)-authenticated users, and Lightweight Directory Access Protocol (LDAP)-authenticated users to modify keys and user information. | Basic and Enterprise | Configure security policies | ||
| Asset connectivity check | New | The asset connectivity is automatically checked. The status of the asset connectivity is updated every 4 hours. | Basic and Enterprise | Manage a host | ||
| Management of AD and LDAP settings | Optimized | AD and LDAP settings can be cleared. | Basic and Enterprise | Configure AD authentication or LDAP authentication | ||
| Update of API operations | Optimized | An API operation is released to manage the public key of a user. When a user is created or edited, the following settings can be configured: user's validity period, two-factor authentication, and whether the user must reset the password upon the next logon. | Basic and Enterprise | None | ||
| Host key | New | ED25519 keys can be used as host keys. | Basic and Enterprise | None | ||
| V3.2.30 | O&M applicant review | New | The O&M applicant review feature is supported. After the feature is enabled, an O&M engineer can log on to the required assets and perform O&M operations only after the Bastionhost administrator approves the O&M application submitted by the O&M engineer. | Basic and Enterprise | 2022-11-21 | Create a control policy |
| Host O&M token | New | O&M tokens can be obtained on the Host O&M page. You can use an O&M token to perform client-based O&M. | Basic and Enterprise | None | ||
| Notification | New | Text messages and email notifications are supported. In addition to internal messages, you can use text messages and emails to receive notifications such as command alerts, storage alerts, and notifications of O&M address changes. | Basic and Enterprise | Use the notification feature | ||
| Asset monitoring | New | Assets on which no O&M operations are performed for the last seven or 30 days can be filtered. | Basic and Enterprise | None | ||
| User logon settings | New | Users can be configured to use only key pairs for authentication when they log on to a bastion host. | Basic and Enterprise | Configure the parameters on the User Settings tab | ||
| Two-factor authentication | New | The mobile phone numbers in Saudi Arabia (+966) are supported by the two-factor authentication feature. | Basic and Enterprise | Enable two-factor authentication | ||
| Settings for two-factor authentication | Optimized | Two-factor authentication settings for multiple users can be modified at a time on the Users page. | Basic and Enterprise | Enable two-factor authentication | ||
| Access control policies | Optimized | The logic for creating access control policies is optimized. | Basic and Enterprise | Create a control policy | ||
| User status monitoring | Optimized | Tags are added for deleted RAM users. | Basic and Enterprise | Manage users | ||
| Stability optimization | Optimized | The overload protection mechanism is supported to improve the stability of O&M sessions. | Basic and Enterprise | None | ||
| V3.2.28 | Database O&M and audit | New | Database O&M and audit are supported. You can perform O&M and audit operations on ApsaraDB RDS for MySQL instances, ApsaraDB RDS for SQL Server instances, ApsaraDB RDS for PostgreSQL instances, and self-managed databases. | Enterprise | 2022-07-27 | Use the database management feature |
| O&M portal | New | The O&M portal is added. You can log on to the O&M portal to maintain assets on which you have permissions on a web page. You can also use a one-time password (OTP) token to log on to the O&M portal as a local user. | Basic and Enterprise | O&M overview | ||
| OTP tokens for local users to implement two-factor authentication | New | OTP tokens are provided for local users to implement two-factor authentication. Local users can scan the quick response (QR) code that is displayed in the O&M portal to implement two-factor authentication. | Basic and Enterprise | Enable two-factor authentication | ||
| Custom ports for hosts | New | Custom ports are supported for hosts. If you import multiple hosts by using an Excel file, you can specify custom ports for the hosts. | Basic and Enterprise | Change the service port of a host | ||
| V3.2.26 | Management of third-party asset sources | New | Third-party asset sources can be managed. You can import assets from third-party asset sources. | Basic and Enterprise | 2022-04-06 | Add hosts |
| Verification codes of two-factor authentication | New | Verification codes can be sent by using notifications in DingTalk during two-factor authentication. You can select Chinese or English in which you want to send a verification code. | Basic and Enterprise | Enable two-factor authentication | ||
| User settings for two-factor authentication | New | Two-factor authentication can be configured for a single user. | Basic and Enterprise | Manage users | ||
| API operations | New | API operations are released to configure AD authentication, two-factor authentication, and shared keys. | Basic and Enterprise | |||
| Search conditions for password change tasks | Optimized | Host IP addresses and host names can be used to search for password change tasks. | Enterprise | None | ||
| Text messages for two-factor authentication | New | The mobile phone numbers in Poland (+48) and Spain (+34) are supported by the two-factor authentication feature. | Basic and Enterprise | Which countries and regions support the SMS-based two-factor authentication feature of Bastionhost? | ||
| Regular updates of the configurations and status of AD-authenticated and LDAP-authenticated users | Iterated | The configurations and status of AD-authenticated and LDAP-authenticated users can be regularly updated. | Basic and Enterprise | Configure the parameters on the User Settings tab |
2021
| Version | Feature | Type | Description | Involved edition | Release date | References |
|---|---|---|---|---|---|---|
| V3.2.22 | Authorization rules | New | Authorization rules can be created. You can create authorization rules to authorize multiple users to manage assets. You can also specify a validity period for an authorization rule. | Basic and Enterprise | 2021-11-22 | Create an authorization rule and Manage an authorization rule |
| Import and export of bastion host configurations | New | The import and export of bastion host configurations are supported. You can export the configurations of a bastion host and import the exported configurations for use on other bastion hosts. | Basic and Enterprise | Use the configuration backup feature | ||
| Proxy mode of the network domain feature | New | The proxy mode of the network domain feature is supported by Bastionhost Enterprise Edition. This allows you to configure a secondary proxy server in a network domain. If an error occurs on the primary proxy server, the secondary proxy server is automatically connected to your bastion host. | Enterprise | Use the network domain feature | ||
| Network domains | New | Internal messages are supported to notify you of network domain errors. | Enterprise | Use the notification feature | ||
| Personalized desktops | New | Personalized desktops can be enabled when you configure O&M settings. Users can use Windows personalized desktops. | Basic and Enterprise | Configure O&M settings | ||
| Password reset upon next logon | New | When you create a local user, you are allowed to specify whether the user must reset the password upon the next logon. | Basic and Enterprise | Manage users | ||
| V3.2.20 | Asset access by using proxies | New | Proxies can be used to access assets. SSH, SOCKS5, and HTTP proxies are supported. | Enterprise | 2021-07-22 | Use the network domain feature |
| Global configuration item for host fingerprint verification | New | A global configuration item is added to verify host fingerprints. | Basic and Enterprise | Configure O&M settings | ||
| Access control on logon accounts | Optimized | Access control on logon accounts is optimized. A switch is added to control whether empty accounts are visible. | Basic and Enterprise | Configure O&M settings | ||
| Backup and export of O&M logs | New | O&M logs can be backed up and exported. | Basic and Enterprise | Use the log backup feature | ||
| Internal messages | New | Internal messages are supported in the following scenarios:
| Basic and Enterprise | Use the notification feature | ||
| Text messages for two-factor authentication | New | The mobile phone numbers in France (+33), Israel (+972), and Italy (+39) are supported by the two-factor authentication feature. | Basic and Enterprise | Which countries and regions support the SMS-based two-factor authentication feature of Bastionhost? | ||
| V3.2.18 | Export of the host list | New | The host list can be exported. | Basic and Enterprise | 2021-04-21 | Export the host list with a few clicks |
| Use the key management feature | New | The key management feature is released. This feature allows you to bind a key to multiple host accounts at a time. | Basic and Enterprise | Use the shared key feature | ||
| Marking of users | Optimized | Users can be marked as inactive based on the time range you specify. | Basic and Enterprise | None | ||
| Import of AD-authenticated or LDAP-authenticated users | Optimized | Keywords of usernames can be used to search for the AD-authenticated or LDAP-authenticated users that you want to import. | Basic and Enterprise | Manage users | ||
| Access control policies | New | The access control feature is updated. You can specify time ranges to allow user access to a host. | Basic and Enterprise | Create a control policy | ||
| Two-factor authentication | New | Emails can be used to receive verification codes during two-factor authentication. You can specify the number of days a user can skip the two-factor authentication after the user enters the correct verification code. | Basic and Enterprise | Enable two-factor authentication | ||
| Password validity period for local users | New | The password validity period of a local user can be configured. | Basic and Enterprise | Configure the parameters on the User Settings tab | ||
| V3.2.17 | Password change | New | A task can be created to change the passwords of different Linux host accounts at a time. | Enterprise | 2021-03-15 | Use the automatic password change feature |
| Clearance of the fingerprints on multiple hosts at a time | New | Fingerprints on multiple hosts can be cleared at a time. | Basic and Enterprise | Clear host fingerprints | ||
| Searching for hosts, host groups, users, and user groups | Optimized |
| Basic and Enterprise | None | ||
| Text messages for two-factor authentication | New | The mobile phone numbers in the Republic of Korea (+82), the Philippines (+63), Taiwan (China) (+886), Switzerland (+41), and Sweden (+46) are supported by the two-factor authentication feature. | Basic and Enterprise | Which countries and regions support the SMS-based two-factor authentication feature of Bastionhost? | ||
| User logon prohibition | Iterated | The session interruption feature is released to prohibit users from accessing hosts. | Basic and Enterprise | Interrupt sessions | ||
| Adding users | New | A user validity period can be configured when you create a local user or import an AD-authenticated or LDAP-authenticated user. | Basic and Enterprise | Manage users | ||
| O&M reports | New | The O&M report feature is released. This feature allows you to export reports to Word, PDF, or HTML files. | Basic and Enterprise | View the O&M information on the O&M Reports page and export an O&M report | ||
| Extended storage plans for audit videos | Iterated | Extended storage plans can be purchased to store audit videos. | Basic and Enterprise | Purchase a bastion host | ||
| Host O&M by using a web terminal | New | O&M operations can be performed on hosts in the console of a bastion host by using a web terminal. | Enterprise | Use the host O&M feature | ||
| Idle duration for O&M and total O&M duration | Iterated | Idle duration for O&M and total O&M duration can be configured. | Basic and Enterprise | Configure O&M settings | ||
| API operations | New | API operations are released to manage users, user groups, hosts, host groups, host accounts, and host authorization. | Basic and Enterprise | Hosts (available only for bastion hosts that run V3.2.17 and later versions) |
2020
| Version | Feature | Type | Description | Involved edition | Release date | References |
|---|---|---|---|---|---|---|
| V3.2.13 | Release of Bastionhost Enterprise Edition | New | Bastionhost Enterprise Edition is released. | Basic and Enterprise | 2020-11-16 | Billing |
| Wizard | New | A wizard is provided to walk you through how to use Bastionhost. To use the wizard, you can click Wizard in the upper-right corner in the console of a bastion host. | Basic and Enterprise | None | ||
| Marking of released Elastic Compute Service (ECS) instances | Optimized | Released ECS instances can be marked. | Basic and Enterprise | None | ||
| User settings | New | User groups can be selected when you create a user. | Basic and Enterprise | Manage users | ||
| Text messages for two-factor authentication | New | The mobile phone numbers in Germany (+49), Australia (+61), the United States (+1), Dubai (+971), Japan (+81), the United Kingdom (+44), India (+91), and Macao (China) (+853) are supported by the two-factor authentication feature. | Basic and Enterprise | Which countries and regions support the SMS-based two-factor authentication feature of Bastionhost? | ||
| Network diagnostics | New | The network diagnostics feature is released. | Basic and Enterprise | Diagnose network issues |