Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Release Notes

Release Note for CTE for Kubernetes

search

Release Note for CTE for Kubernetes

Release Note Version Date
1.2.0.48 2023-05-23

copy link to clipboardContainer Image Digest

Verify that the Container Image Digest matches the version that you are installing.

copy link to clipboardNew Features and Enhancements

  • Support for Trusted Pods

    CTE for Kubernetes allows only trusted pods to access protected data volumes and attach to CTE for Kubernetes claims if you activate this optional feature. CTE for Kubernetes uses signature sets to validate the pod as trusted. Signatures are in the form of key-value pairs which contain the image name and the corresponding digest value. After mapping the image signature with the received signature set, CTE for Kubernetes will allow, or prevent, mounting of the the encrypted volume.

    See Support for Trusted Pods for more information.

  • Support for Using external certificates with Kubernetes

    CipherTrust Transparent Encryption can now use an external certificate, available at a user-defined path, to communicate with CipherTrust Manager.

    See Using external certificates with CTE for Kubernetes for more information.

  • CTE for Kubernetes Logging

    Improved the CTE for Kubernetes logging information in the Troubleshooting section.

  • CTE for Kubernetes Lifecycle and OS Support

    The CTE for Kubernetes taxonomy documentation has been updated for CTE for Kubernetes and moved to an independent location.

  • Supports Rancher for Kubernetes

    CTE for Kubernetes now supports Rancher for Kubernetes.

    See Rancher for more information.

copy link to clipboardResolved Issues

  • AGT-43174: Typo in example storageclass yaml file

    CipherTrust was spelled as CipherTrust in the storageclass yaml file in the example directory. This has been fixed.

  • AGT-43740 [CS1452612]: Not able to resolve CipherTrust Manager FQDN hostname when registering

    Name resolution was failing to communicate with CipherTrust Manager nodes that used FQDN, instead of an IP address so agent registration was unsuccessful. This has been fixed.

  • AGT-44993: Documentation Improvement: CSI External Certificate feature

    See Using external certificates with CTE for Kubernetes for more information.

copy link to clipboardKnown Issues

  • AGT-41592: CTE for Kubernetes client does not display the active Data Transformation guard policy during Data Transformation

    When Offline Data Transformation is running, the Guard Policy does not display as active on CipherTrust Manager, because it does not send any Guard Policy details to CipherTrust Manager. Only after the production policy is applied to the GuardPoint do the details populate CipherTrust Manager.

  • AGT-45130: CTE-CSI: fsstress test is hanging

    When multiple binaries are started from inside a GuardPoint in quick succession, a hang may occur.

    Work-around

    Do not apply policies to GuardPoints that contain binary files.

    note

    Note

    Thales will release a patch to fix this issue very shortly.

On this page