Mender 3.4 on-prem released: integrate Mender with AWS IoT Core and other backend services

Today Mender 3.4 is released, including all the features we published on Hosted Mender in the last few months as part of our continuous development and rolling releases.

Thanks to the native support of AWS IoT Core and the support of Webhooks, we simplified the integration of Mender with other backend services avoiding the need to periodically poll the management API end-points to pull data and synchronize it with your cloud and on-prem infrastructure.

This release also includes, among other improvements, the following security-related features:

  • SAML Federated Authentication
  • Personal Access Tokens

Mender 3.4 is an LTS (Long Term Support) release and will be maintained for 12 months starting from the release date. This also marks the end-of-life for our Mender 3.0 LTS release. We encourage all users and customers to upgrade to Mender 3.4 at their convenience.

Additionally, Mender 3.4 officially supports the latest Yocto LTS release, Kirkstone. Branches in meta-mender are maintained according to the same schedule, which means that the meta-mender Kirkstone branch is an LTS release, supported until at least April 2024. At the same time, support for the Zeus and Warrior branches is dropped. We still accept pull requests for them, but they become community maintained and are no longer supported by Mender.

AWS IoT Core Integration

Mender 3.4 now supports native integrations with AWS IoT Core. Most notably, it can provision devices to your AWS IoT Core instance, so your device applications are ready to send and receive data to and from the AWS services. This avoids the hassle of certificate and key pair generation and management for your AWS IoT applications.

This integration is available in all Mender plans, as well as Mender Open Source.

Webhooks

Mender 3.4 also supports Webhooks to send data to third-party systems. With this mechanism, it’s possible to notify external applications about device lifecycle events. This helps you avoid polling and manual synchronization between Mender and other systems.

This integration is available in all Mender plans, as well as Mender Open Source.

SAML Federated Authentication

It is now possible to configure Mender to leverage a SAML-compatible Identity Provider (IdP) to identify and authenticate users. Thanks to this feature, users can log in to Mender using their existing credentials (e.g., Azure/Microsoft, AWS, or any other SAML-compatible service.

Setting up Mender as a SAML Service Provider (SP) requires uploading the SAML metadata from your IdP in the “Organization and billing” settings view. Once the XML metadata file upload is complete, you will obtain the Start URL (login URL), which will initiate the SAML authentication for your user.

Only authorized users from your IdP can log in to Mender. You can authorize users by creating them in the “User management” settings view, leaving the optional password field blank. This way, the user will be automatically linked to the SAML IdP on the first log-in.

The feature is available in the Enterprise plan on Hosted Mender and in the on-prem version of Mender Enterprise.

Personal Access Tokens

Mender 3.4 supports the generation and use of Personal Access Tokens when performing management API calls.

Personal Access Tokens are long-lived JWT tokens that you can use to programmatically access the Mender management APIs without logging in each time you need to perform API calls or handling the JWT token expiration.

Personal Access Tokens act as API keys you can use from your CI/CD pipelines or scheduled jobs to access the Mender management APIs. The Personal Access Tokens impersonate the user who generated them, including all the permissions and roles associated with the user.

Try the new features

Get started is the best place to do a quick test of the new release from scratch and get you started with the new features of Mender 3.4.

All the new features are also available in Hosted Mender, our managed solution. Sign up for the free trial and all features and add-ons are available for 12 months for free.

Support for your board

With an active open source community supporting a large number of different hardware and operating systems and growing every day, Mender has quickly become the trusted choice by some of the world’s most respected brands.

If you are getting started with OTA updates, or do not have time to integrate the Mender client with your board for robust A/B system updates, there are several resources available to you!

You can get a full overview of types of hardware and operating system support in the Device Support documentation.

The Board Integrations category in Mender Hub is a community site to contribute, reuse and maintain Mender board integrations.

We are also happy to help with consulting services to enable verified Mender support for your board!

Share your feedback

We appreciate your general feedback on Mender, be it positive or need for improvement, in the Mender Hub General Discussions forum. Your continued feedback ensures Mender will meet your needs even better in the future!

If you believe you have encountered a bug, please submit your report at the Mender JIRA issue tracker.

We hope you enjoy the new features and are looking forward to hearing from you!

1 Like

A post was split to a new topic: Mender for TinyGo application