See what makes Kong the fastest, most-adopted API gateway
Check out the latest Kong feature releases and updates
Single platform for SaaS end-to-end connectivity
Enterprise service mesh based on Kuma and Envoy
Collaborative API design platform
API and Microservices Security for Gateways, Service Mesh, and Beyond
Call for speakers & sponsors, Kong API Summit 2023!
5 MIN READ
Hayden Lam also contributed to this post.
Today we’re thrilled to announce new features in Kong Konnect, including secrets management, support for Kong Gateway 3.1, Analytics updates, runtime group APIs, system accounts, and an intuitive overview page and service wizard. In this blog, we’ll explore all these exciting updates in Kong Konnect.
You can now seamlessly reference sensitive information securely from third-party secrets managers such as AWS Secrets Manager, GCP Secrets Manager, and Hashicorp Vault. You can also use environment variables for accessing and storing secrets.
Now your secrets — such as usernames and passwords, API tokens, database credentials, and private keys — are centrally managed, auditable, and protected from unauthorized use. This makes the Kong Konnect platform secure by design as it only references secrets stored in these secret managers instead of accessing the actual value of the secrets.
You can learn more about secrets management in the documentation. To learn about other Kong Gateway 3.0 features supported in Kong Konnect, refer to the Kong Gateway 3.0 release blog post.
Figure 1: Kong Konnect supports Secrets Management
We’re happy to announce that Kong Konnect now supports Kong Gateway 3.1 including some of the new plugins added in 3.1. You can deploy and manage Kong Gateway 3.1 runtime instances across any cloud or on-premise environment using the Konnect Runtime Manager. You can seamlessly apply newly added plugin policies such as SAML 2.0, AppDynamics, JWE Decrypt, and XML Threat Protection plugins to increase security and visibility across all your APIs and services.
Get started with the newest version of Kong Gateway in Konnect.
You can now choose between multiple different metrics and chart types when creating custom reports in Kong Analytics. These updates enable you to easily understand API traffic patterns, user behavior and trends over time.
You have the option to select from different chart types such as line, horizontal and vertical bar charts to visualize your API calls. You can now easily select from a number of relative time frames (Figure 3) to set a date range for your custom reports. Relative time frames are dynamic and the report captures a snapshot of data relative to when you view the report.
Lastly, you can choose from a bunch of newly added metrics including Request per minute, Response latency, Response size and Request size all represented as percentiles. Analytics uses percentiles to enable you to understand the real performance characteristics of your APIs. Percentiles depict a more accurate picture of what most end users experience using your APIs instead of hiding critical experiences by displaying averages.
Figure 2: New chart types added in Analytics custom report
Figure 3: Relative Time Selection capability
Try it out now! Log in to your Kong Konnect account and navigate to Analytics → Reports to try out these features.
You can now fully automate your runtime group workflows and integrate with the Konnect admin API to configure the gateway in a Konnect managed runtime instance.
This set of APIs allow you to create and manage runtime groups. As a result, your central infrastructure teams are able to leverage the API to provision runtime groups as part of their onboarding process for new teams and departments. These endpoints also provide the config parameters required to connect a Kong Gateway data plane to the runtime group.
This is the set of APIs that allow you to manage your data plane (DP) nodes, DP certificates, and (most notably) the gateway configuration (AKA the Kong Admin API). Combined with the runtime groups API, you are now able to automate your entire runtime groups workflow end to end.
The three groups endpoints in runtime group configuration are:
Core entities include Services, Routes, Consumers, Plugins, Upstreams, Certificates, CA Certificates, SNIs, Targets and Vaults.
Refer to our documentation for additional details.
You can now create an account for a system user such as your GitHub repo to access Kong Konnect using system accounts. Unlike user accounts, system accounts can be created without a verified email address. This allows a system account to be used as part of an automation or integration workflow that isn’t associated with any person’s identity.
The system account has access to a system account access token the same way a regular Konnect user has access to a personal access token (PAT). The system account can be assigned roles directly or by becoming a part of a team. As such, an access token created by a system account inherits the roles assigned to the system account.
This feature is currently in beta. We welcome customers to provide early feedback.
Now you can get a high-level summary of your entire Konnect ecosystem including news updates and learning resources as well as an intuitive experience when creating a new service with the Konnect Overview page. By clicking on “Add a Service” you can seamlessly register a service within Service Hub, create a deployment to the Kong Gateway, publish API docs to the Dev Portal, and apply plugins in a simple four-step process.
Figure 4: Konnect Overview and Service Wizard
Refer to our documentation to dive deeper into Kong Konnect or register for our weekly product demo and live Q&A.
Ready to take it for a spin? Start your Kong Konnect free trial to get your hands on these new features.