Yandex Identity and Access Management release notes

Labels next to update description indicate the interface supporting the update: management console, CLI, API, or Terraform.

Q3 2024Q3 2024

• Added Workload Identity Federations that allow you to grant access to external applications without using long-lived access keys. This feature is at the Preview stage. Management console CLI Terraform API
• You can now create API keys with limited scope and validity period. Management console CLI Terraform API
• Added the ResolveAgent REST API method. API
• Added the ability to revoke an IAM token using Yandex Cloud CLI. CLI
• Added All users in organization X and All users in federation N system groups.
• Added the Terraform data source used to get the service agent ID. Terraform

Q2 2024Q2 2024

• Added the last used date info for service account access keys. You can find this info on the service account page in the management console or in the last_used_at field when using the API to invoke access key management methods. Management console API

Q1 2024Q1 2024

• Added the Security Token Service component to get temporary access keys compatible with AWS S3 API. This feature is at the Preview stage. CLI API
• Added OAuth client authentication support by authenticating a service account token.
• Added the option of using masked token ID for Audit Trails logs.
• Improved the key rotation mechanism in OpenID Connect.