What's New in 24.1.0
This section provides information about the new features and enhancements that have been implemented in version 24.1.0.
This page includes the following:
Automic SaaS
Automic SaaS and Automic Automation versions have slightly different release cadences. This is why you may read about features in the product documentation that are not available on your environment yet. This deviation in content happens only during a short period of time.
In addition to the other new features described in this topic, the following is available for Automic SaaS:
Ability to Create Users
Automic SaaS administrator users no longer have to place a request with Broadcom to have additional Users created in their environments. As of version 24.1.0, administrator Users with the necessary rights can create Users in Client 0 and in the production Clients and move them to the Clients they should have access to, either through the Automic Web Interface or through the AE REST API.
For more information see:
General Enhancements
This version introduces the following new features:
Restrictions to User Privileges
Automic Automation 24.1.0 provides a significant security enhancement. As of this version, additional restrictions have been added to the following existing privileges that administrators can assign to Users:
Least Privilege Requirement for Granting Privileges to other Users
As of this version, administrator users with the right to define other Users' privileges will not be able to grant privileges that they do not have themselves. A new internal check guarantees that this restriction is honored system-wide, that is, everywhere where modifying User objects is possible: AWI, Java API, REST API, XML import.
Administrators who have created Users with more privileges than themselves in previous versions will still be able to view those User definitions, provided they have the necessary rights. However, they will not be able to modify them.
For more information, see Granting Automation Engine Privileges.
Restricted Privilege to Start and Stop Processes
So far, any User with access to the Administration perspective could start and stop processes on the Automation Engine Management > Processes and Utilization page. As of version 24.1.0, this is no longer possible.
The previous Execute system upgrades privilege has been enhanced to include the right to start and stop processes too. This privilege is called Upgrade system, start and stop processes now. This means that as of now, to be able to start and stop processes (both from the UI and through scripts), a User must have this privilege. The following script functions are affected by this change: :SHUTDOWN, :TERMINATE and MODIFY_SYSTEM.
For more information, see Starting/Stopping a Process.
Restricted Privilege to Configure AWI Logging and Tracing
So far, any User with access to Client 0 could configure AWI's log level on the AWI Management > Logging page. As of version 24.1.0, this is no longer possible.
The previous Create diagnostic information privilege has been enhanced to include the right to define AWI's log level. This means that as of now, to be able to configure AWI's log level and tracing (both from the UI and through scripts), a User must have this privilege. The following script functions are affected by this change: TRACE and TRACE_DUMP.
For more information, see Configuring the Log Level in AWI.
New Privilege to Start CAU
So far, the Execute system upgrades privilege (now renamed to Upgrade system, start and stop processes) included the ability to upgrade Agents automatically using the Centralized Agent Upgrade (CAU)) solution. As of 24.1.0, Upgrade system, start and stop processes DOES NOT include the right to upgrade the Agents. Now, administrators need a new dedicated privilege called Upgrade Agents (CAU) for this purpose.
Important! If you upgrade from 24.0.0 to 24.1.0, all the Users that had the Execute system upgrades privilege will automatically get the new Upgrade Agents (CAU) privilege too. If you create new administrator Users, you will have to grant this new privilege manually.
For more information, see Granting Automation Engine Privileges.
Encryption Tool (ucybcryp) Available for Linux
As of version 24.1.0, the ucybcryp encryption tool is available for Linux x64, which allows you to generate and obfuscate passwords on a Linux system. For more information, see Obfuscating Passwords.
Telemetry - Export Detail Data
This version introduces a new button on the telemetry Usage Data page called Export Detail Data that lets you export the detailed usage data information per node (SKU) as CSV. For more information, see Usage Data.
AE REST API
This version introduces the following capabilities in the AE REST API:
User Management
The AE REST API has been enhanced with the following new capabilities:
-
Create Users in production Clients using the administrator User in Client 0 (previously it was already possible to create Users in Client 0).
-
Move Users from Client 0 to a production Client.
-
Close a User session.
-
Disconnect a User from a session
Client Management
The AE REST API has been enhanced with the following new capabilities:
-
Create a Client
-
Get the attributes of a Client.
-
Start and stop Clients.
-
Update Client attributes.
For more information, see AE REST API documentation.
Automic Automation Kubernetes Edition
This version introduces the following new features in AAKE:
AAKE Installation and Upgrade without the Automic Automation Helm Plugin
As of version 24.1.0, the Automic Automation Helm Plugin is optional. You do not longer need it to install and/or upgrade AAKE. Instead, to monitor the status of the installation, you can use the following command:
kubectl get baa automic-automation -o jsonpath="{$.status.stage}"
Pausing the AAKE Upgrade Process No Longer Necessary
When upgrading your AAKE installation, it is no longer necessary to pause the process and wait until the database is backed up. In the operator section of the values.yaml file you can specify whether the upgrade process should stop or not by entering true or false in the pauseOnUpgrade parameter. For more information, see Upgrading Container-Based Systems.
AAKE Containers Run in Restricted Mode
As of version 24.1.0, the AAKE containers run in non-privileged/restricted mode and are no longer started with the root user. This means that you can now activate the restricted pod security policies that you deem appropriate. For more information, see Container-Based Installation - Automic Automation Kubernetes Edition.
Automic Web Interface
BROADCOM is committed to continuously improve the accessibility of its products. With 24.1.0, all status icons in AWI have been redesigned to provide the optimum size and color contrast. For more information, see Task Status.
Agents
This version introduces the following features in the Agents:
HTTP Proxy Connection Enabled in the New FTP Agent
With this version, the FTP Agent connection capabilities have been enhanced to include HTTP Proxy. For this purpose, the FTP Connection object provides a new configuration option. For more information, see Establishing the Connection in the FTP Agent Integration documentation.
WEBSOCKET_TIMEOUT Parameter in UC_HOSTCHAR_DEFAULT Variable
The WEBSOCKET_TIMEOUT parameter has been added to the UC_HOSTCHAR_DEFAULT variable. It allows you to specify a timeout for the connection between a TLS/SSL Agent and the Automation Engine.
When this parameter is defined in Client 0, it applies to the entire system. You can also duplicate the variable and move it to the relevant Client to define an individual interval for a specific Agent.
Important! Make sure you define the relevant timeout intervals using this new parameter.
For more information, see UC_HOSTCHAR_DEFAULT - Host Characteristics.
The existing WEBSOCKET_TIMEOUT parameter in the UC_SYSTEM_SETTINGS refers only to the connection timeout of the Java API or AWI and the corresponding Java communication process.
For more information, see WEBSOCKET_TIMEOUT.
Cloud Integrations
This section provides information about the new features and enhancements that have been implemented in the Cloud Integrations for Automic Automation 24.1.0.
This page includes the following:
Ansible Tower
Ansible Tower is designed as a hub for your automation tasks that manages credentials, job templates and job template workflows, executes simple tasks remotely and many more. However, it lacks the powerful orchestrating and scheduling capabilities that Automic Automation offers. With the Automic Automation / Ansible Tower Agent Integration you can manage thousands of servers and databases, pass parameters between playbooks, create Workflows that consists of multiple playbooks, and much more. Automic Automation does the JSON parsing and processing of these complex scenarios.
The documentation for the Ansible Tower Agent is available at Automic Automation / Ansible Tower Agent Integration.
AWS Step Functions
AWS Step Functions is a visual workflow cloud service that allows you to use different AWS services to build distributed applications, automate processes, orchestrate microservices, and create data and machine learning (ML) pipelines.
Integrating Automic Automation with AWS Step Functions allows you to start, cancel and restart State Machines in AWS Step Functions from Automic Automation.
The documentation for the AWS Step Functions Agent is available at Automic Automation /AWS Step Functions Agent Integration.
Azure Logic Apps
Azure Logic Apps is a cloud platform where you can create and run automated workflows with little to no code. By using the visual designer and selecting from pre-built operations, you can quickly build a workflow that integrates and manages your apps, data, services, and systems. It simplifies the way that you connect legacy, modern, and cutting-edge systems across cloud, on premises, and hybrid environments and provides low-code-no-code tools for you to develop highly scalable integration solutions for your enterprise and business-to-business (B2B) scenarios.
Integrating Automic Automation with Azure Logic Apps allows you to run workflows in your Azure Logic Apps workspace from Automic Automation. The following list describes some example tasks, business processes, and workloads that you can automate using Azure Logic Apps:
-
Schedule and send email notifications using Office 365 when a specific event happens, for example, a new file is uploaded.
-
Route and process customer orders across on-premises systems and cloud services.
-
Move uploaded files from an SFTP or FTP server to Azure Storage.
-
Monitor tweets, analyze the sentiment, and create alerts or tasks for items that need review.
The documentation for the Azure Agent is available at Automic Automation / Azure Logic Apps Agent Integration.
FTP
File Transfer Protocol (FTP) is a standard network protocol used to copy a file from one server to another over a TCP-based network, such as the Internet. The Integration FTP Agent lets you issue commands between your local file system (where the Agent runs) and one or more remote FTP servers and between two remote FTP servers. It is not necessary to install the Integration FTP Agent on the FTP server(s). It can be installed anywhere where it best suits your company. Once the Integration FTP Agent is installed, the connection to the FTP server happens through the Agent via Connection Agents. You need a Connection object per FTP server that you want to connect to.
The documentation for the FTP Agent is available at Automic Automation / FTP Agent Integration.
S3 Enhancements
S3 (Simple Storage Service) is an industry-leading, object storage service that is the standard for many Automic Automation users. Customers of all sizes and industries use S3 to store and protect any amount of data for a range of use cases, such as big data analytics, backup and restore, archive, enterprise applications, and so on.
Integrating Automic Automation with S3 allows you automate business processes that require common storage operations (CRUD) on different target systems.
The documentation for the S3 Agent is available at Automic Automation / S3 Agent Integration.
See also: