As part of our work on the Access Control Extension, we will migrate the whole authorization system behind Bosch IoT Insights.
Maintenance window
When: Wednesday, January 20, 2021, 08:00 – 14:00 CET
In this maintenance window, we will migrate from the old authorization system to the new system without downtime.
We estimate a maximum time frame of four hours for the migration procedure if everything goes well.
This is the second attempt. The migration has been aborted during the last maintenance window on January 14, 2021.
Limitations during maintenance
The following functionalities won’t be available during the maintenance window to avoid inconsistencies during the migration.
- Creating a new service subscription
- Terminating a service subscription
- Inviting users to a project
- Creating technical users
- Changing roles of users of a project
- Deleting users from a project
- No access to non-shared query templates for a short time
- Users on the Bosch IoT Insights UI will be logged out and can log in again immediately
Data ingestion, processing and querying services are not affected. Dashboards continue to work normally.
Important changes
The following changes could affect a few of our customers, although we have no knowledge of customers who use the affected API in an automated way.
- API to manage groups has been removed
- API to manage roles has been added instead of groups
- API to manage users and role assignments has been changed
- Default roles are now written in lower case, e.g. power_user
- Bosch IoT Things Policy subjects related to Bosch IoT Insights changed
- Example of a previous subject: iot-permissions:82b5c1e3-e769-4d9a-b15a-333148554c73
- Example of a new subject representing the same role: iot-suite:/ext-iam.insights.myproject.user
- Note: If you added iot-permissions subjects, created by Bosch IoT Insights to your Bosch IoT Things policies, you need to migrate them, too. Contact us for support.