Yandex Identity and Access Management release notes
Written by
Updated at December 2, 2024
Labels next to update description indicate the interface supporting the update: management console, CLI, API, or Terraform.
Q3 2024
- Added Workload Identity Federations that allow you to grant access to external applications without using long-lived access keys. This feature is at the Preview stage.
Management console
CLI
Terraform
API
- You can now create API keys with limited scope and validity period.
Management console
CLI
Terraform
API
- Added the ResolveAgent REST API method.
API
- Added the ability to revoke an IAM token using Yandex Cloud CLI.
CLI
- Added
All users in organization X
andAll users in federation N
system groups. - Added the Terraform data source used to get the service agent ID.
Terraform
Q2 2024
- Added the last used date info for service account access keys. You can find this info on the service account page in the management console
or in thelast_used_at
field when using the API to invoke access key management methods.Management console
API
Q1 2024
- Added the Security Token Service component to get temporary access keys compatible with AWS S3 API. This feature is at the Preview stage.
CLI
API
- Added OAuth client authentication support by authenticating a service account token.
- Added the option of using masked token ID for Audit Trails logs.
- Improved the key rotation mechanism in OpenID Connect
.