v5.6.0

• Add specific error messages when a TPP token scope/privilege is not sufficient for the current function. The message will include both the current and missing scope/privilege, #175.
• Add Set-VaasTeam to update existing VaaS teams. You can update the name, role, and/or user matching rules. User matching rules can be overwritten or appended to.
• Add Remove-VaasObject to remove a VaaS team, application, machine, machine identity, tag, or connector.
• Remove TppObject class. This was causing issues for some who aren't familiar with the Using keyword and differences between it and import-module when it comes to classes.
• Add Invoke-VaasWorkflow to trigger either a Test, Provision, or Discover machine/machine identity workflow. As one example, this is super helpful when looking to automate renewal and provisioning of certificates that may expire soon.

v5.5.1

• Fix error with Get-TppPermission when an identity which had been permissioned has had its account deleted. Explicit permissions will be returned, but the identity path and name will be null as we can no longer look it up from the provider.
• Get-TppPermission -Attribute has been deprecated. Identity path and name are included in the return object. For other attributes, use Get-TppIdentityAttribute.

v5.5.0

• Add Set-TppAttribute -NoOverwrite to allow additions to an attribute list. #189
• Add Get-TppAttribute -NoLookup for the remote cases where a built-in attribute and custom field have the same name. The default will be to look for a custom field. Use -NoLookup to override. #192
• Add ability to export the chain on VaaS with Export-VenafiCertificate
• Add ability to export a certificate to a file on VaaS with Export-VenafiCertificate
• Fix certain characters in friendly name causing Test-TppIdentityFormat to fail, #205
• Add ability to set specific permission with Set-TppPermission and not just an entire permissions object, #197
• Enhance pipeline support for Set-TppPermission
• Fix failure removing a custom field value with Set-TppAttribute, #199
• Fix ConvertTo-TppFullPath appending '\ved\policy' incorrectly on non-Windows environments

v5.4.1

• Add support for JWT token authentication in New-VenafiSession and New-TppToken

v5.4.0

• Add 'all' token scope with 2 values, 'core' and 'admin'. 'Core' is all scopes except for admin and 'admin' includes admin. Use as New-VenafiSession -Scope @{'all'='core'}. Not suggested for production environments
• Add -SkipCertificateCheck to New-VenafiSession and New-TppToken to bypass certificate checking, useful in pre-production environments, connecting via IP, etc. If you aren't creating a new session, but providing a token directly to a function, the same functionality can be found by setting an environment variable $env:VENAFIPS_SKIP_CERT_CHECK=1. If vaulting your token, this value will also be vaulted in the metadata making it very easy to use New-VenafiSession -VaultRefreshAccessToken $name and connect to pre-prod environments with no certificate checking
• New-VenafiSession -VaultMetadata is now deprecated and metadata will be vaulted by default
• Token scope is now vaulted in metadata and added to $VenafiSession when using -VaultAccessTokenName or -VaultRefreshTokenName of New-VenafiSession
• Update Write-VerboseWithSecret to support secrets in delimited json
• Fix TppObject ParentPath error when it contains certain characters, #186
• Fix object does not exist error with Move-TppObject in a try/catch, #185

v5.3.1

• Fix Get-TppClassAttribute -All error when providing VenafiSession directly, #182

v5.3.0

• Add Remove-TppObject to remove any object. Multiple people have asked for this so it's been added, but be careful using it as it can be very destructive. Recommend using -WhatIf to validate.
• Fix Invoke-VenafiCertificateAction always running as verbose, #173
• Fix Set-TppAttribute error when providing a null value, #176
• Fix Set-TppPermission error when providing VenafiSession directly, #174

v5.2.2

• Add specific event webhook subscription, not just types, and criticality option to New-VaasConnector
• Fix Get-TppObject returning invalid parent path, #166
• Fix Get-VenafiCertificate -All not paging through all results, #164
• Update Remove-TppCertificate and Remove-TppCertificateAssociation to align with latest Get-TppAttribute changes, #168

v5.2.1

• Fix Set-TppAttribute not setting integer values, #145
• Fix New-VenafiSession sending null header for windows integrated authentication, #162

v5.2.0

• Add Find-VaasObject to search for ActivityLog, Machine, MachineIdentity, CertificateRequest, and CertificateInstance
• Add -IssueDateBefore and IssueDateAfter to Find-VenafiCertificate for TPP
• Add New-TppObject -Force to create missing parent policy folders
• Supercharge New-TppPolicy
  • Add -Name to provide a list of policy folders to create
  • Add -Attribute and -PolicyAttribute to set both kinds of attributes at policy creation time
  • Add -Force to create missing parent policy folders
• Update messaging for Export-VenafiCertificate when using parameters for the wrong platform, #149
• Update New-VaasApplication -Owner to accept a name in addition to guid
• Update VaaS searching to be aware of fields/values case sensitivity and adjust where needed. Eg., certificatestatus as opposed to certificateStatus.
• Fix Find-TppObject parameter sets to disallow -Recursive when -Path not provided, #153
• Fix Find-VenafiCertificate -Issuer not working due to missing quotes, #146
• Fix Invoke-VenafiRestMethod -FullResponse consuming certain errors instead of throwing them, #152
• Fix Get-VaasIssuingTemplate -All not executing under certain circumstances