In the digital age, a top-notch API gateway must not only be reliable and secure but also bring robust governance and security features designed for enterprise needs. The new Kong Gateway 3.3 for Open Source comes with robust enhancements such as configurable queuing behavior, high-scale reliability with readiness probes, and notable improvements to the OpenTelemetry plugin. These capabilities, which are central to our offerings, set the foundation and are included in our enterprise versions.
In this post, we'll further explore the Kong Gateway 3.3 advanced and exclusive features introduced in Kong Enterprise and Kong Konnect.
Kong is thrilled to announce an OpenAPI Spec (OAS) for the Kong Enterprise admin API. OAS specs are critical for organizations as they navigate and consume APIs. They provide a single source of truth as to the shape of a given API that is referenceable by all who consume the API.
By providing a machine-readable, easily shareable specification, we encourage third-party developers and partners to leverage our APIs creatively. Moreover, embracing an OpenAPI spec reinforces our commitment to transparency and open standards.
View all of Kong's published specs at developer.konghq.com.
In a move to further bolster software security and enhance transparency, every new release of Kong Enterprise now includes a Software Bill of Materials (SBOM). An SBOM is essentially a comprehensive record of the various components that make up a software product. These components can be anything from open-source libraries, third-party software, or proprietary code.
By incorporating SBOMs, Kong Enterprise provides in-depth insights into the third-party components used in our software. This increased transparency allows users to not only understand the building blocks of our software but also facilitates effective management and compliance with licensing requirements.
Moreover, SBOMs can be crucial in ensuring adherence to specific industry standards or regulations that might apply to the software. For instance, security-focused regulations may necessitate a comprehensive understanding of all software components, a need that SBOMs directly address.
To offer flexibility and ease of use, we'll provide SBOMs in two widely adopted and industry-recognized formats: cycloneDX and SPDX. Both of these formats are designed to accurately document and communicate the components used in a software product, thus aiding in software transparency, license compliance, and security analysis.
Starting in Kong Enterprise 3.3 and for all following Kong Enterprises releases you can find the associated SBOM in our documentation under ‘Software Bill of Materials.'
Click here to get the SBOM for the 3.3 release. SBOMs are more than equipped to provide you with the necessary resources and support to ensure your organization benefits from this added layer of transparency and security.
One of the standout enhancements of Kong Enterprise 3.3 is the inclusion of support for AWS Identity and Access Management (IAM) database authentication. This feature specifically caters to users of DB-backed instances of Kong who seek to establish connections to Amazon Aurora or Amazon Relational Database Service (RDS) as their database for Kong Enterprise configuration.
This integration significantly expands the potential of Kong Enterprise, allowing organizations to leverage the powerful capabilities of AWS’s IAM service. Not only does this feature enhance the overall security architecture of the applications running on AWS, but it also presents a centralized platform for access management, thereby streamlining operations and reducing the complexities traditionally associated with multiple access management systems.
Furthermore, the use of IAM database authentication for connections with AWS Aurora or RDS bolsters the security of network traffic via encryption. This function serves to protect sensitive data and communication, thereby ensuring that information remains confidential and protected during transmission.
By enabling AWS IAM authentication, Kong Enterprise 3.3 offers organizations a more robust, secure, and streamlined system for managing their API gateways. This integration signifies our commitment to not only respond to the evolving needs of our users but also stay ahead of the curve in the increasingly complex digital landscape. It's part of our constant push to deliver more innovative, efficient, and secure solutions for our user base, and a reflection of our dedication to driving the future of the API gateway space.
The Kong Konnect platform now allows users to associate metadata with their Kong Gateway data planes within a runtime group.
Users can define key-value pairs within the Konnect interface. These key-value pairs are set on the data planes and propagated up to Konnect, providing a powerful tool for categorizing and managing clusters of data planes across an organization. Examples of data plane labels that can be used are as follows:
This feature enriches the governance you get in Kong Konnect by adding useful details about individual DPs within a runtime group. Additional details can be found here.
In the image below you'll see the Konnect UI, which we call Runtime Manager. It lists all of your ‘Runtime Instances', which in this case are connected Kong Enterprise gateways. This feature powers the brand new ‘labels' column in this view below.
Sign up for Kong Konnect for free and get started today with Kong Gateway 3.3!
If you're interested in Kong Enterprise 3.3 you can download it for free here. If you have Kong Gateway installed already, upgrading to 3.3 is easy. Check out our upgrade guide.
For a full list of features, fixes, and updates, please see the available CHANGELOG for Kong Enterprise here and Kong Gateway OSS here.
Managed Redis cache is a turnkey "Shared State" add-on for Kong Dedicated Cloud Gateways. It is designed to combine the performance of an in-memory data store with the simplicity of a SaaS product. When you spin up a Dedicated Cloud Gateway in Kong
With Kong Ingress Controller, when your Control Plane was hosted in Kong Konnect, and you were using Kubernetes Gateway API, your dataplane, routes, and services were in read-only mode. When using Kong Ingress Controller with Kubernetes Gateway API
Architecture Overview A multicloud DCGW architecture typically contains three main layers. 1\. Konnect Control Plane The SaaS control plane manages configuration, plugins, and policies. All gateways connect securely to this layer. 2\. Dedicated C
The Shifting Economic Landscape: The AI token economy in 2026 is evolving, and enterprise leaders must distinguish between low-cost input tokens and high-premium output tokens to maintain profitability. Agentic AI Financial Risks: The transition t
Today we're excited to announce Kong Gateway 3.9! Since unveiling Kong Gateway 3.8 at API Summit 2024 just a few months ago, we’ve been busy making important updates and improvements to Kong Gateway. This release introduces new functionality arou
At API Summit , Kong announced the upcoming beta release of a brand new gateway deployment method in Kong Konnect: Serverless Gateways. Designed for speed, simplicity of use, and affordability, it’s the quickest way to deploy a Kong Gateway. Toda
It’s no secret that building global API infrastructure is a daunting task. In April, we announced the general availability of Kong Konnect Dedicated Cloud Gateways — a fully managed, multi-region API management solution that makes setting up globa