Welcome to the Convox Newsletter! Stay ahead with the latest updates, news, and insights. Join our community of innovators and be the first to know about new features, product launches, and updates. Empower yourself with helpful tips and resources to maximize Convox's solutions. Don't miss out!

Feature Highlight: Temporary Rack Access Command

We're introducing a new feature to our platform: the Temporary Rack Access command. This functionality generates access credentials and is useful for including read access URLs in support tickets or for any internal temporary access requirements. All credentials require a duration and will automatically expire.

Usage:

convox rack access --role [role] --duration-in-hours [duration]

This feature includes the "Rack Access Key Rotation" function, which provides  a  simple way to invalidate all previously generated temporary access credentials.

Example:

convox rack access key rotate

Supported from versions 20230704162933 for v2  and 3.13.1 for v3 onwards, this command serves as a valuable tool for better control over temporary rack access, enhancing both operational efficiency and security.

Product updates and notifications:

• Enhanced GitHub Action Build: Allows users to access the Git version hash of the application while building from a Github action.  Users can now tag releases in our error tracker with the Git version and easily access this information from within the application during the error tracker initialization process.
• Specified Policies for Every Service: Allows you to create roles tailored to specific services, effortlessly overriding the IamPolicy exclusively for that service. You can now define roles that cater to the unique requirements of each service, ensuring optimal performance and secure access. (It will not be used if policies is defined on convox.yml`).

V2:

• Service level IAM Policy - Create a role that will use the defined policies on that service. It overrides the IamPolicy just for that service

V3:

• Add Custom label support: Allows each user to add custom labels to Kubernetes objects.
• Add grpc support: This feature allows user to deploy grpc service using convox. Here an example of simple  grpc server: https://github.com/convox-examples/grpc
• k8s 1.25: AKS is retiring v1.24.x on 30 July 2023. We’ve upgraded to the new version to stay within supported versions and service-level agreements (SLA).

Latest Releases

To keep you updated on the latest releases, here is a summary of our recent work:

Version 3 (RSS or GitHub)

• 3.13.0  
  • Add custom label support (#658)  
  • Feat k8s 1.25 (#657)  
  • Add grpc support (#656)
• 3.12.4  
  • Update testify to v1.8.4  
  • Update kubectl version  
  • Rewrite cert renew logic  
  • certs renew command and fix certs list cmd  
  • Use seperate job  
  • Add digital ocean cleanup
• 3.13.1  
  • set random_id for build node if build node enabled  
  • Use plural for duration in hours  
  • update golang.org/x/text to v0.11.0  
  • Refactor telemetry work (#666)  
  • Add doc for rack access cmdAdd rack api access access mechanism  
  • Bootstrap read access authorization

Version 2 (RSS or GitHub)

• 20230619214423  
  • Reimplement whitelisting for rack api #3683  
  • Fix Spot instances preventing rack from updating #3685
• 20230614151114  
  • Remove ExistingGatewayAttachment on installing into existing VPC by  #3684  
  • Add DedicatedBuilder condition to BuildLaunchTemplate  #3682
• 20230718213916  
  • #3690 Enable  sqs managed  sse [@nightfury1204]

Article: Navigating Changes in AWS: A Guide to Spot Instances and the SpotInstanceBid Parameter

In the dynamic landscape of AWS, recent shifts from Launch Configurations to Launch Templates necessitate an understanding and adjustment for users employing the SpotInstanceBid parameter. This blog post will articulate the implications of these transitions and offer practical guidance to ensure your services continue to function efficiently. Continue reading here.

Is Google Meet HIPAA Complaint? Here's How to Create a Self-hosted Alternative with Convox

Discover a cost-effective and flexible alternative for small organizations and enterprises seeking HIPAA-compliant solutions. While Google Meet can be made HIPAA-compliant with adjustments, its inclusion in Google Workspace has increased costs. That's why a self-hosted solution like NextCloud or Jitsi becomes a superior choice. Our featured article guides you through the step-by-step process of setting up NextCloud as a self-hosted Google Meet alternative. Take the next leap towards HIPAA compliance by diving into the detailed instructions. Read the full article  here