Ability to restrict access to the Import wizard
Valid from Pega Version 8.5
You can now restrict access to the Import wizard so that users implement an automated pipeline to deploy changes between environments such as staging and production. Deployment Manager is one method by which to create pipelines. By using pipelines to propagate changes, users can apply a standardized and automated deployment process for migrating their applications.
For more information, see:
- Ensuring that users migrate applications with a pipeline by restricting the Import wizard
- Understanding model-driven DevOps with Deployment Manager
Security fields in JFrog Artifactory repository do not work
Valid from Pega Version 7.3
The fields in the Security section of the JFrog Artifactory repository rule form, including the Secure protocol field, the Truststore field, and the Keystore field, were not implemented. In the Pega™ Platform 7.3 Designer Studio help, disregard the optional Security section in step 4 of the Configuring a JFrog Artifactory or Amazon S3 repository connection help topic, and disregard the optional Security section in step 5 of the Creating a repository configuration help topic in the 7.3.1 Designer Studio help.
Search and Reporting does not index large items
Valid from Pega Version 8.5
When using the Search and Reporting (SRS) microservice in Pega Platform™ 8.5, you might encounter problems with indexing large out-of-the-box rules. The issue is not visible in Queue Processors, but you can access logs to verify which items the system does not index.
Data schema error on z/OS split schema upgrades from versions before Pega 7.1.8
Valid from Pega Version 4.1
When upgrading to a split schema on Pega 7.x with IBM DB2 for z/OS, you see an error during the data schema upgrade when the system tries to drop the PRPC_Updatescache procedure. Because triggers on rules tables use PRPC_Updatescache, you must use the ZOSDisableTriggerScripts to disable these triggers before you update the data schema.
- Follow the instructions in the Pega 7 Platform Upgrade Guide to upgrade the rules schema, but stop immediately before you upgrade the data schema with the upgrade.bat or upgrade.sh script. The Pega 7 Platform Upgrade Guide is on the page.
- Copy the contents of the <distribution>\ResourceKit\ZOSDisableTriggerScripts directory into the <distribution>\scripts\ directory.
- Run fixZosTriggers.bat or fixZosTriggers.sh with the following arguments:
--action preupgrade
--dataschema
<data schema name>--oldrulesschema
<old rules schema name. If you are upgrading from a single-schema system, this is the data schema name.>--newrulesschema
<new rules schema name>--automaticddl
<Optional. Set to true to automatically apply the disable trigger SQL scripts.>For example:
fixZosTriggers --action preupgrade --dataschema pegadata --oldrulesschema pegarules --newrulesschema newrules --automaticddl false
- If you did not set --automaticddl to true in the previous step, run the <distribution>\schema/disable.sql script to manually disable the trigger SQL scripts.
- Run the data schema upgrade as described in the Pega 7 Platform Upgrade Guide.
Data encryption across search nodes
Valid from Pega Version 7.3
You can now encrypt communication among search nodes. Encryption secures the data that is transferred across nodes so that it cannot be accessed by unauthorized hosts. Encryption is enabled by default for new installations and upgrades from Pega® 7.1.6 or earlier to Pega 7.3. Encryption is not enabled by default for upgrades from Pega 7.1.7 or later to Pega 7.3. You can enable and disable search encryption from the Search landing page or by using the indexing/distributed/enable_inter_node_encryption Dynamic System Setting.
For more information, see Enabling and disabling encryption for communication among search nodes.
Improve cluster security by limiting concurrent operator sessions
Valid from Pega Version 7.3
You can increase the security of a Pega® Platform cluster by limiting the number of concurrent sessions allowed for each operator. Because operators typically do not require multiple concurrent sessions for performing their work, limiting the number of sessions reduces the chance that an unknown or untrusted person could access systems in the cluster. Use the new setting Number of concurrent sessions allowed for each operator on the Production tab of the System Data Instance form to configure the number of concurrent sessions for operators. You must restart your system when you change this setting. You can also create a list of operators by using the presence/maxsessions/operators/whitelist Dynamic System Setting, to which the maximum number of concurrent sessions setting will not apply.
For more information, see System form - Completing the Production tab.