As we complete October, we’re excited to share a host of new features designed to boost security, enhance management, and provide even greater flexibility in setting up your Convox environment. From major improvements to our Role-Based Access Control (RBAC) and expanded SSL options for internal services to the latest updates in v2 and v3 racks, this month's highlights empower you to manage your resources with more precision and control. Let’s dive into the updates.
We've introduced a comprehensive update to Role-Based Access Control, giving you the tools to manage permissions with unmatched precision. With custom roles, you can now define who has access to specific areas across both the Console and CLI, making it easier to enforce least-privilege access and strengthen security. The new RBAC setup includes pre-configured roles for common use cases, while also allowing you to create tailored roles with resource-specific permissions. Explore these new controls under the Roles tab in the Users page to implement secure, customized access management for your team.
You can now define initContainers for your services, which run setup tasks before the main application container starts. Whether initializing volumes or running security scripts, initContainers guarantee a fully prepared environment before your main application launches, giving you more control over the deployment setup process.
We’ve added the ability to create SSL certificates via DNS01 challenges for internal service routers, similar to the primary rack router. This update lets you secure internal traffic within your VPC, enhancing security for applications that need to communicate privately with internal AWS services or other racks.
The convox run command now allows custom IAM policies specified in convox.yml to be automatically attached to containers executing commands. This update offers greater flexibility for tasks needing temporary AWS access, such as accessing databases or S3 resources, making your service configurations more streamlined and secure.
