Fixed bug where unused access risk factor wasn't being surfaced for some applicable grants

  • Enabled command K while inputs/textareas/select are focused
  • Added Shift+Select to new tables
  • Fixed bug with bulk selection where deselecting items does not work
  • Fixed inconsistent styling on danger zone page
  • Risk Center suggestion scoring improvements
  • Users can filter for Databricks NHI connections
  • Fixed a bug in UAR bulk reviewer assignment
  • Improved access review experience by making export functionality available for past access reviews while maintaining appropriate restrictions on reminder functionality.
  • When an on-call schedule is deleted in the end system, its assigned group membership access is now immediately revoked. Previously, a 24-hour grace period was given.
  • Added search query to URL for user group, user resources, resource groups, resource roles, and group users tables
  • Updated styling of request duration dropdown
  • Updated styling of the group access tab of a group
  • Fixed access review metrics to correctly count only users specified in filters when generating reports for User Access Reviews.
  • Added an access level column to a user resource and user group tables
  • Updated terminology for inventory apps + bundles to contain "assets" (resources and groups)
  • Added requested by for all requests requested by someone else
  • Added opal_org_name name field to event streaming payload.
  • Added the ability to filter resources by ancestor in the GetResources API. This allows users to retrieve all resources that are descendants of a specified resource, making it easier to navigate hierarchical resource structures.
  • Fixed links from slack, emails, and google chat directing to broken pages
  • Fixed a bug where “Create Access Review Date” input could have the wrong dates
  • Fixed a bug where when adding resources to a group, an apps resources list would not expand.
  • Fixed a bug causing usage data to show as "Not Available" incorrectly for certain groups.
  • Fixed a bug where users resources page wasn't paginated
  • Fixed a bug where propagation tickets may not have displayed correctly

  • Fixed a bug where loading approved requests with a propagation ticket may have failed
  • Added a warning when setting a custom global max resource and group duration if it exceeds a year
  • Fixed broken labels on break glass modal
  • Performance improvements for the risk center.
  • Fixed colors for EC2 usage table in dark mode
  • Added more detail to some GCP connection creation errors.
  • Fixed a bug where the assignment of AWS Identity Center resources were not populated if one of their assignees is missing an email.
  • Fixed a bug causing access rules to sometimes not be synced.
  • Added groups and apps to UAR schedules table.
  • Changed UAR paths to used nested routes instead of category search params
  • Changed UAR schedules path from /access-reviews/t/{SCHEDULE_ID}?category=schedules to /access-reviews/{SCHEDULE_ID}
  • Converted all paths for UARs to routes instead of hashes. Eg. #my-review -> /my-review
  • Improved handling of LaunchDarkly errors and fallback to degraded experience if it is down.
  • Fixed a bug where GCP projects would not be removed from Opal after being deleted in GCP.
  • Updated request form label from Expires In to How long do you need access?
  • Opal can now automatically revoke access from users in end systems when they are deprovisioned in IDP/HRIS systems. This can be enabled in IDP/HRIS settings.
  • Added max possible duration option when creating an API Access Token
  • Fixed missing My Access toggle in app detail view in Catalog
  • The "Connect" button for AWS Identity Center Roles now directly links to an AWS session using the role in question rather than the AWS Identity Center start page.
  • Improved the sorting order for the last used field in the risk center to make it easier to view usage data.
  • Visibility configuration can now be modified for Access Rules & Okta group rules.
  • Minor UI changes to Risk Center.
  • Added 'New Access Request' entry to quick search menu.
  • Mitigated an issue where Okta replication lag would result in stale data to be imported.
  • Removed feature-flagging service from the critical path such that the app functions if it goes down.
  • Improved API request validation to properly handle all requests with bodies. This fixes an issue creating and modifying terraform resources using apis with no request body.
  • Added the ability to update a user's access level or duration in a group via the API.
  • Fixed a bug when setting a custom duration for an Owner Escalation Policy would default to an invalid '0' option.
  • Fixed a bug where some custom connector login events were not attributed to their resource.
  • AWS, Azure and GCP apps now default to list view in the UI.