New Features:

• Added support for ingesting GCP BigQuery datasets into Opal.

Bug Fixes:

• Fixed issue when reviewing access to a group that contains deleted resources.

Improvements:

• Allow new visibility options for showing group resources to reviewers in UARs.

Bug Fixes:

• Fixed sync issue when deleting a user on an Owner's source group.

New Features:

• Added toggle to send notifications when new items are imported into Opal.
• Added "Remember my email" functionality in the login flow.

Improvements:

• On MFA validation failure, users are now shown a helpful error message.

Bug Fixes:

• Fixed a security issue with organization sign-ups.
• Fixed a bug with UAR resource visibility where reviewers were unable to see assigned resources they don't have visibility into or have been deleted.

Improvements:

• Updated GCP app creation instructions to improve clarity.

Bug Fixes:

• Fixed a bug where removing an app from Opal would fail in certain scenarios.

New Features:

• We have added a toggle to hide the "Reason" field for requests. To enable this, go to a resource's request configuration, and toggle "Include Reason field in request" under the approval flow toggles. This will hide the "Reason" field for requesters when submitting a request for that resource.

Bug fixes:

• Fixed a bug where an error message would not properly display when adding an AWS Orgs app.

New Features:

• Added option for admins to set reason as optional in a request configuration.

Bug Fixes:

• Resolved a bug that was causing some bulk requests requiring MFA to fail.
• Resolved several small quality of life bugs with bulk requesting that caused the default expiration time to not display correctly.
• Fixed an issue where filtering events by event type would sometimes filter out events of the matching type.

New Features:

• Added support for regional STS endpoints in AWS.
• Support the "Restrict logins to SAML" option on Opal's CLI.

Improvements:

• Return a more descriptive error message when Opal cannot find the GCP service account.
• Make Google Groups user removal idempotent for non-existent users.
• Properly switch between resources/groups tabs when selecting new items.

Bug Fixes:

• Fixed a bug that caused the incorrect expiration to be set when requesting a resource requiring MFA.

Improvements:

• Allow setting roles as request configuration conditions in our API.
• Properly update group user source during sync.
• Show search results that also match a resource/group's remote name.
• Handle Slack rate limiting errors with retries and exponential backoff.

Fixed:

• Resolved an error with deleted managers in UAR assignment.
• Clear the selected item in the Slack request modal if the parent resource is changed.

Bug Fixes:

• Resolved an issue causing AWS RDS Instance ARNs to not be populated during sync.