v0.26.0

This release introduces Keyless Authentication for AWS: services running on AWS Lambda, ECS and EC2 can now natively authenticate to SecretHub to fetch their secrets, without needing another secret key.

We’ll be adding more Keyless Authentication providers (e.g. Google Cloud and Azure) in future releases, so stay tuned!

Added

• Add support for keyless authentication for any service running on AWS (e.g. EC2, Lambda or ECS) using the --identity-provider=aws flag.
• Add service aws init and service aws ls commands to create and list services that use AWS IAM + KMS as credential.
• Add service type and creation time to the service ls output.
• Create service permissions using --permission <subdirectory>:<permission> flag.
• Add --description, --desc and --descr aliases for description flag of org init and service init.
• Add config update-passphrase command to change the passphrase of your credential.

Removed

• Remove config upgrade command. The config update-passphrase command can be used to change the passphrase of your credential. To upgrade old configuration files, use a CLI with a version <= v0.25 to run the config upgrade command.

Fixed

• Improve help-text for nested management commands.
• Fix error message shown when run env-file cannot be read.
• Fix unicode characters in the passphrase breaking passphrase caching (see #132).
• When asking for user input, on invalid input, don't print "please try again" after the last try failed.
• When asking for user input, on invalid input, don't continue the command after the last try failed.